marcusconsulting/docker-skeleton
2
0
Fork 0
Code
docker-skeleton/.recipes/wondercms_php8/storage/volumes/wonder_html/index.php

3069 lines
97 KiB
PHP
Raw Blame History

<?php
/**
* @package WonderCMS
* @author Robert Isoski (https://robert.si)
* @see https://www.wondercms.com
* @license MIT
*/
session_start();
define('VERSION', '3.4.3');
mb_internal_encoding('UTF-8');
if (defined('PHPUNIT_TESTING') === false) {
$Wcms = new Wcms();
$Wcms->init();
$Wcms->render();
}
class Wcms
{
private const MODULES_JSON_VERSION = 1;
private const THEMES_DIR = 'themes';
private const PLUGINS_DIR = 'plugins';
private const VALID_DIRS = [self::THEMES_DIR, self::PLUGINS_DIR];
private const THEME_PLUGINS_TYPES = [
'installs' => 'install',
'updates' => 'update',
'exists' => 'exist',
];
/** Database main keys */
public const DB_CONFIG = 'config';
public const DB_MENU_ITEMS = 'menuItems';
public const DB_MENU_ITEMS_SUBPAGE = 'subpages';
public const DB_PAGES_KEY = 'pages';
public const DB_PAGES_SUBPAGE_KEY = 'subpages';
/** @var int MIN_PASSWORD_LENGTH minimum number of characters */
public const MIN_PASSWORD_LENGTH = 8;
/** @var string WCMS_REPO - repo URL */
public const WCMS_REPO = 'https://raw.githubusercontent.com/WonderCMS/wondercms/main/';
/** @var string WCMS_CDN_REPO - CDN repo URL */
public const WCMS_CDN_REPO = 'https://raw.githubusercontent.com/WonderCMS/wondercms-cdn-files/main/';
/** @var string $currentPage - current page */
public $currentPage = '';
/** @var array $currentPageTree - Tree hierarchy of the current page */
public $currentPageTree = [];
/** @var array $installedPlugins - Currently installed plugins */
public $installedPlugins = [];
/** @var bool $currentPageExists - check if current page exists */
public $currentPageExists = false;
/** @var object $db - content of database.js */
protected $db;
/** @var bool $loggedIn - check if admin is logged in */
public $loggedIn = false;
/** @var array $listeners for hooks */
public $listeners = [];
/** @var string $dataPath path to data folder */
public $dataPath;
/** @var string $modulesCachePath path to cached json file with Themes/Plugins data */
protected $modulesCachePath;
/** @var string $securityCachePath path to security json file with force https caching data */
protected $securityCachePath;
/** @var string $dbPath path to database.js */
protected $dbPath;
/** @var string $filesPath path to uploaded files */
public $filesPath;
/** @var string $rootDir root dir of the install (where index.php is) */
public $rootDir;
/** @var bool $headerResponseDefault read default header response */
public $headerResponseDefault = true;
/** @var string $headerResponse header status */
public $headerResponse = 'HTTP/1.0 200 OK';
/**
* Constructor
*
* @param string $dataFolder
* @param string $filesFolder
* @param string $dbName
* @param string $rootDir
* @throws Exception
*/
public function __construct(
string $dataFolder = 'data',
string $filesFolder = 'files',
string $dbName = 'database.js',
string $rootDir = __DIR__
) {
$this->rootDir = $rootDir;
$this->setPaths($dataFolder, $filesFolder, $dbName);
$this->db = $this->getDb();
}
/**
* Setting default paths
*
* @param string $dataFolder
* @param string $filesFolder
* @param string $dbName
*/
public function setPaths(
string $dataFolder = 'data',
string $filesFolder = 'files',
string $dbName = 'database.js'
): void {
$this->dataPath = sprintf('%s/%s', $this->rootDir, $dataFolder);
$this->dbPath = sprintf('%s/%s', $this->dataPath, $dbName);
$this->filesPath = sprintf('%s/%s', $this->dataPath, $filesFolder);
$this->modulesCachePath = sprintf('%s/%s', $this->dataPath, 'cache.json');
$this->securityCachePath = sprintf('%s/%s', $this->dataPath, 'security.json');
}
/**
* Init function called on each page load
*
* @return void
* @throws Exception
*/
public function init(): void
{
$this->forceSSL();
$this->loginStatus();
$this->getSiteLanguage();
$this->pageStatus();
$this->logoutAction();
$this->loginAction();
$this->notFoundResponse();
$this->loadPlugins();
if ($this->loggedIn) {
$this->manuallyRefreshCacheData();
$this->addCustomModule();
$this->installUpdateModuleAction();
$this->changePasswordAction();
$this->deleteFileModuleAction();
$this->changePageThemeAction();
$this->backupAction();
$this->forceHttpsAction();
$this->saveChangesPopupAction();
$this->saveLogoutToLoginScreenAction();
$this->deletePageAction();
$this->saveAction();
$this->updateAction();
$this->uploadFileAction();
$this->notifyAction();
}
}
/**
* Set site language based on logged-in user
* @return string
* @throws Exception
*/
public function getSiteLanguage(): string
{
if ($this->loggedIn) {
$lang = $this->get('config', 'adminLang');
} else {
$lang = $this->get('config', 'siteLang');
}
if (gettype($lang) === 'object' && empty(get_object_vars($lang))) {
$lang = 'en';
$this->set('config', 'siteLang', $lang);
$this->set('config', 'adminLang', $lang);
}
return $lang;
}
/**
* Display the HTML. Called after init()
* @return void
*/
public function render(): void
{
header($this->headerResponse);
// Alert admin that page is hidden
if ($this->loggedIn) {
$loadingPage = null;
foreach ($this->get('config', 'menuItems') as $item) {
if ($this->currentPage === $item->slug) {
$loadingPage = $item;
}
}
if ($loadingPage && $loadingPage->visibility === 'hide') {
$this->alert('info',
'This page (' . $this->currentPage . ') is currently hidden from the menu. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#menu"><b>Open menu visibility settings</b></a>');
}
}
$this->loadThemeAndFunctions();
}
/**
* Function used by plugins to add a hook
*
* @param string $hook
* @param callable $functionName
*/
public function addListener(string $hook, callable $functionName): void
{
$this->listeners[$hook][] = $functionName;
}
/**
* Add alert message for admin
*
* @param string $class see bootstrap alerts classes
* @param string $message the message to display
* @param bool $sticky can it be closed?
* @return void
*/
public function alert(string $class, string $message, bool $sticky = false): void
{
if (isset($_SESSION['alert'][$class])) {
foreach ($_SESSION['alert'][$class] as $v) {
if ($v['message'] === $message) {
return;
}
}
}
$_SESSION['alert'][$class][] = ['class' => $class, 'message' => $this->hook('alert', $message)[0], 'sticky' => $sticky];
}
/**
* Display alert message to the admin
* @return string
*/
public function alerts(): string
{
if (!isset($_SESSION['alert'])) {
return '';
}
$output = '<div id="alertWrapperId" class="alertWrapper" style="">';
$output .= '<script>
const displayAlerts = localStorage.getItem("displayAlerts");
if (displayAlerts === "false") {
const alertWrapper = document.getElementById("alertWrapperId");
if (alertWrapper) {
alertWrapper.style.display = "none";
}
}
</script>';
foreach ($_SESSION['alert'] as $alertClass) {
foreach ($alertClass as $alert) {
$output .= '<div class="alert alert-'
. $alert['class']
. (!$alert['sticky'] ? ' alert-dismissible' : '')
. '">'
. (!$alert['sticky'] ? '<button type="button" class="close" data-dismiss="alert" onclick="parentNode.remove();">&times;</button>' : '')
. $alert['message']
. $this->hideAlerts();
}
}
$output .= '</div>';
unset($_SESSION['alert']);
return $output;
}
/**
* Allow admin to dismiss alerts
* @return string
*/
public function hideAlerts(): string
{
if (!$this->loggedIn) {
return '';
}
$output = '';
$output .= '<br><a href="" onclick="localStorage.setItem(\'displayAlerts\', \'false\');"><small>Hide all alerts until next login</small></a></div>';
return $output;
}
/**
* Get an asset (returns URL of the asset)
*
* @param string $location
* @return string
*/
public function asset(string $location): string
{
return self::url('themes/' . $this->get('config', 'theme') . '/' . $location);
}
/**
* Backup whole WonderCMS installation
*
* @return void
* @throws Exception
*/
public function backupAction(): void
{
if (!$this->loggedIn) {
return;
}
$backupList = glob($this->filesPath . '/*-backup-*.zip');
if (!empty($backupList)) {
$this->alert('danger',
'Backup files detected. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#files"><b>View and delete unnecessary backup files</b></a>');
}
if (isset($_POST['backup']) && $this->verifyFormActions()) {
$this->zipBackup();
}
}
/**
* Save if WCMS should force https
* @return void
* @throws Exception
*/
public function forceHttpsAction(): void
{
if (isset($_POST['forceHttps']) && $this->verifyFormActions()) {
$this->set('config', 'forceHttps', $_POST['forceHttps'] === 'true');
$this->updateSecurityCache();
$this->alert('success', 'Force HTTPs was successfully changed.');
$this->redirect();
}
}
/**
* Save if WCMS should show the popup before saving the page content changes
* @return void
* @throws Exception
*/
public function saveChangesPopupAction(): void
{
if (isset($_POST['saveChangesPopup']) && $this->verifyFormActions()) {
$this->set('config', 'saveChangesPopup', $_POST['saveChangesPopup'] === 'true');
$this->alert('success', 'Saving the confirmation popup settings changed.');
$this->redirect();
}
}
/**
* Save if admin should be redirected to login/last viewed page after logging out.
* @return void
* @throws Exception
*/
public function saveLogoutToLoginScreenAction(): void
{
if (isset($_POST['logoutToLoginScreen']) && $this->verifyFormActions()) {
$redirectToLogin = $_POST['logoutToLoginScreen'] === 'true';
$message = $redirectToLogin
? 'You will be redirected to login screen after logging out.'
: 'You will be redirected to last viewed screen after logging out.';
$this->set('config', 'logoutToLoginScreen', $_POST['logoutToLoginScreen'] === 'true');
$this->alert('success', $message);
$this->redirect();
}
}
/**
* Update cache for security settings.
* @return void
*/
public function updateSecurityCache(): void
{
$content = ['forceHttps' => $this->isHttpsForced()];
$json = json_encode($content, JSON_FORCE_OBJECT | JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
file_put_contents($this->securityCachePath, $json, LOCK_EX);
}
/**
* Get a static block
*
* @param string $key name of the block
* @return string
*/
public function block(string $key): string
{
$blocks = $this->get('blocks');
$content = '';
if (isset($blocks->{$key})) {
$content = $this->loggedIn
? $this->editable($key, $blocks->{$key}->content, 'blocks')
: $blocks->{$key}->content;
}
return $this->hook('block', $content, $key)[0];
}
/**
* Change password
* @return void
* @throws Exception
*/
public function changePasswordAction(): void
{
if (isset($_POST['old_password'], $_POST['new_password'], $_POST['repeat_password'])
&& $_SESSION['token'] === $_POST['token']
&& $this->loggedIn
&& $this->hashVerify($_POST['token'])) {
if (!password_verify($_POST['old_password'], $this->get('config', 'password'))) {
$this->alert('danger',
'Wrong password. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#security"><b>Re-open security settings</b></a>');
$this->redirect();
return;
}
if (strlen($_POST['new_password']) < self::MIN_PASSWORD_LENGTH) {
$this->alert('danger',
sprintf('Password must be longer than %d characters. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#security"><b>Re-open security settings</b></a>',
self::MIN_PASSWORD_LENGTH));
$this->redirect();
return;
}
if ($_POST['new_password'] !== $_POST['repeat_password']) {
$this->alert('danger',
'New passwords do not match. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#security"><b>Re-open security settings</b></a>');
$this->redirect();
return;
}
$this->set('config', 'password', password_hash($_POST['new_password'], PASSWORD_DEFAULT));
$this->set('config', 'forceLogout', true);
$this->logoutAction(true);
$this->alert('success', '<center><b>Password changed. Log in again.</b></center>', 1);
}
}
/**
* Check if folders are writable
* Executed once before creating the database file
*
* @param string $folder the relative path of the folder to check/create
* @return void
* @throws Exception
*/
public function checkFolder(string $folder): void
{
if (!is_dir($folder) && !mkdir($folder, 0755) && !is_dir($folder)) {
throw new Exception('Could not create data folder.');
}
if (!is_writable($folder)) {
throw new Exception('Could write to data folder.');
}
}
/**
* Initialize the JSON database if it doesn't exist
* @return void
* @throws Exception
*/
public function createDb(): void
{
// Check php requirements
$this->checkMinimumRequirements();
$password = $this->generatePassword();
$this->db = (object)[
self::DB_CONFIG => [
'siteTitle' => 'Website title',
'siteLang' => 'en',
'adminLang' => 'en',
'theme' => 'sky',
'defaultPage' => 'home',
'login' => 'loginURL',
'forceLogout' => false,
'forceHttps' => false,
'saveChangesPopup' => false,
'password' => password_hash($password, PASSWORD_DEFAULT),
'lastLogins' => [],
'lastModulesSync' => null,
'customModules' => $this->defaultCustomModules(),
'menuItems' => [
'0' => [
'name' => 'Home',
'slug' => 'home',
'visibility' => 'show',
self::DB_MENU_ITEMS_SUBPAGE => new stdClass()
],
'1' => [
'name' => 'How to',
'slug' => 'how-to',
'visibility' => 'show',
self::DB_MENU_ITEMS_SUBPAGE => new stdClass()
]
]
],
'pages' => [
'404' => [
'title' => '404',
'keywords' => '404',
'description' => '404',
'content' => '<center><h1>404 - Page not found</h1></center>',
self::DB_PAGES_SUBPAGE_KEY => new stdClass()
],
'home' => [
'title' => 'Home',
'keywords' => 'Enter, page, keywords, for, search, engines',
'description' => 'A page description is also good for search engines.',
'content' => '<h1>Welcome to your website</h1>
<p>Your password for editing everything is: <b>' . $password . '</b></p>
<p><a href="' . self::url('loginURL') . '" class="button">Click here to login</a></p>
<p>To install an awesome editor, open Settings/Plugins and click Install Summernote.</p>',
self::DB_PAGES_SUBPAGE_KEY => new stdClass()
],
'how-to' => [
'title' => 'How to',
'keywords' => 'Enter, keywords, for, this page',
'description' => 'A page description is also good for search engines.',
'content' => '<h2>Easy editing</h2>
<p>After logging in, click anywhere to edit and click outside to save. Changes are live and shown immediately.</p>
<h2>Create new page</h2>
<p>Pages can be created in the Settings.</p>
<h2>Start a blog or change your theme</h2>
<p>To install, update or remove themes/plugins, visit the Settings.</p>
<h2><b>Support WonderCMS</b></h2>
<p>WonderCMS is free for over 12 years.<br>
<a href="https://swag.wondercms.com" target="_blank"><u>Click here to support us by getting a T-shirt</u></a> or <a href="https://www.wondercms.com/donate" target="_blank"><u>with a donation</u></a>.</p>',
self::DB_PAGES_SUBPAGE_KEY => new stdClass()
]
],
'blocks' => [
'subside' => [
'content' => '<h2>About your website</h2>
<br>
<p>Website description, contact form, mini map or anything else.</p>
<p>This editable area is visible on all pages.</p>'
],
'footer' => [
'content' => '&copy;' . date('Y') . ' Your website'
]
]
];
$this->save();
}
/**
* Default data for the Custom Modules
* @return array[]
*/
private function defaultCustomModules(): array {
return [
'themes' => [],
'plugins' => []
];
}
/**
* Create menu item
*
* @param string $name
* @param string|null $menu
* @param bool $createPage
* @param string $visibility show or hide
* @return void
* @throws Exception
*/
public function createMenuItem(
string $name,
string $menu = null,
string $visibility = 'hide',
bool $createPage = false
): void {
if (!in_array($visibility, ['show', 'hide'], true)) {
return;
}
$name = empty($name) ? 'empty' : str_replace([PHP_EOL, '<br>'], '', $name);
$slug = $this->createUniqueSlug($name, $menu);
$menuItems = $menuSelectionObject = clone $this->get(self::DB_CONFIG, self::DB_MENU_ITEMS);
$menuTree = !empty($menu) || $menu === '0' ? explode('-', $menu) : [];
$slugTree = [];
if (count($menuTree)) {
foreach ($menuTree as $childMenuKey) {
$childMenu = $menuSelectionObject->{$childMenuKey};
if (!property_exists($childMenu, self::DB_MENU_ITEMS_SUBPAGE)) {
$childMenu->{self::DB_MENU_ITEMS_SUBPAGE} = new StdClass;
}
$menuSelectionObject = $childMenu->{self::DB_MENU_ITEMS_SUBPAGE};
$slugTree[] = $childMenu->slug;
}
}
$slugTree[] = $slug;
$menuCount = count(get_object_vars($menuSelectionObject));
$menuSelectionObject->{$menuCount} = new stdClass;
$menuSelectionObject->{$menuCount}->name = $name;
$menuSelectionObject->{$menuCount}->slug = $slug;
$menuSelectionObject->{$menuCount}->visibility = $visibility;
$menuSelectionObject->{$menuCount}->{self::DB_MENU_ITEMS_SUBPAGE} = new StdClass;
$this->set(self::DB_CONFIG, self::DB_MENU_ITEMS, $menuItems);
if ($createPage) {
$this->createPage($slugTree);
$_SESSION['redirect_to_name'] = $name;
$_SESSION['redirect_to'] = implode('/', $slugTree);
}
}
/**
* Update menu item
*
* @param string $name
* @param string $menu
* @param string $visibility show or hide
* @return void
* @throws Exception
*/
public function updateMenuItem(string $name, string $menu, string $visibility = 'hide'): void
{
if (!in_array($visibility, ['show', 'hide'], true)) {
return;
}
$name = empty($name) ? 'empty' : str_replace([PHP_EOL, '<br>'], '', $name);
$slug = $this->createUniqueSlug($name, $menu);
$menuItems = $menuSelectionObject = clone $this->get(self::DB_CONFIG, self::DB_MENU_ITEMS);
$menuTree = explode('-', $menu);
$slugTree = [];
$menuKey = array_pop($menuTree);
if (count($menuTree) > 0) {
foreach ($menuTree as $childMenuKey) {
$childMenu = $menuSelectionObject->{$childMenuKey};
if (!property_exists($childMenu, self::DB_MENU_ITEMS_SUBPAGE)) {
$childMenu->{self::DB_MENU_ITEMS_SUBPAGE} = new StdClass;
}
$menuSelectionObject = $childMenu->{self::DB_MENU_ITEMS_SUBPAGE};
$slugTree[] = $childMenu->slug;
}
}
$slugTree[] = $menuSelectionObject->{$menuKey}->slug;
$menuSelectionObject->{$menuKey}->name = $name;
$menuSelectionObject->{$menuKey}->slug = $slug;
$menuSelectionObject->{$menuKey}->visibility = $visibility;
$menuSelectionObject->{$menuKey}->{self::DB_MENU_ITEMS_SUBPAGE} = $menuSelectionObject->{$menuKey}->{self::DB_MENU_ITEMS_SUBPAGE} ?? new StdClass;
$this->set(self::DB_CONFIG, self::DB_MENU_ITEMS, $menuItems);
$this->updatePageSlug($slugTree, $slug);
if ($this->get(self::DB_CONFIG, 'defaultPage') === implode('/', $slugTree)) {
// Change old slug with new one
array_pop($slugTree);
$slugTree[] = $slug;
$this->set(self::DB_CONFIG, 'defaultPage', implode('/', $slugTree));
}
}
/**
* Check if slug already exists and creates unique one
*
* @param string $slug
* @param string|null $menu
* @return string
*/
public function createUniqueSlug(string $slug, string $menu = null): string
{
$slug = $this->slugify($slug);
$allMenuItems = $this->get(self::DB_CONFIG, self::DB_MENU_ITEMS);
$menuCount = count(get_object_vars($allMenuItems));
// Check if it is subpage
$menuTree = $menu ? explode('-', $menu) : [];
if (count($menuTree)) {
foreach ($menuTree as $childMenuKey) {
$allMenuItems = $allMenuItems->{$childMenuKey}->subpages;
}
}
foreach ($allMenuItems as $value) {
if ($value->slug === $slug) {
$slug .= '-' . $menuCount;
break;
}
}
return $slug;
}
/**
* Create new page
*
* @param array|null $slugTree
* @param bool $createMenuItem
* @return void
* @throws Exception
*/
public function createPage(array $slugTree = null, bool $createMenuItem = false): void
{
$pageExists = false;
$pageData = null;
foreach ($slugTree as $parentPage) {
if (!$pageData) {
$pageData = $this->get(self::DB_PAGES_KEY)->{$parentPage};
continue;
}
$pageData = $pageData->subpages->{$parentPage} ?? null;
$pageExists = !empty($pageData);
}
if ($pageExists) {
$this->alert('danger', 'Cannot create page with existing slug.');
return;
}
$slug = array_pop($slugTree);
$pageSlug = $slug ?: $this->slugify($this->currentPage);
$allPages = $selectedPage = clone $this->get(self::DB_PAGES_KEY);
$menuKey = null;
if (!empty($slugTree)) {
foreach ($slugTree as $childSlug) {
// Find menu key tree
if ($createMenuItem) {
$menuKey = $this->findAndUpdateMenuKey($menuKey, $childSlug);
}
// Create new parent page if it doesn't exist
if (!$selectedPage->{$childSlug}) {
$parentTitle = mb_convert_case(str_replace('-', ' ', $childSlug), MB_CASE_TITLE);
$selectedPage->{$childSlug}->title = $parentTitle;
$selectedPage->{$childSlug}->keywords = 'Keywords, are, good, for, search, engines';
$selectedPage->{$childSlug}->description = 'A short description is also good.';
if ($createMenuItem) {
$this->createMenuItem($parentTitle, $menuKey);
$menuKey = $this->findAndUpdateMenuKey($menuKey, $childSlug); // Add newly added menu key
}
}
if (!property_exists($selectedPage->{$childSlug}, self::DB_PAGES_SUBPAGE_KEY)) {
$selectedPage->{$childSlug}->{self::DB_PAGES_SUBPAGE_KEY} = new StdClass;
}
$selectedPage = $selectedPage->{$childSlug}->{self::DB_PAGES_SUBPAGE_KEY};
}
}
$pageTitle = !$slug ? str_replace('-', ' ', $pageSlug) : $pageSlug;
$selectedPage->{$slug} = new stdClass;
$selectedPage->{$slug}->title = mb_convert_case($pageTitle, MB_CASE_TITLE);
$selectedPage->{$slug}->keywords = 'Keywords, are, good, for, search, engines';
$selectedPage->{$slug}->description = 'A short description is also good.';
$selectedPage->{$slug}->{self::DB_PAGES_SUBPAGE_KEY} = new StdClass;
$this->set(self::DB_PAGES_KEY, $allPages);
if ($createMenuItem) {
$this->createMenuItem($pageTitle, $menuKey);
}
}
/**
* Find and update menu key tree based on newly requested slug
* @param string|null $menuKey
* @param string $slug
* @return string
*/
private function findAndUpdateMenuKey(?string $menuKey, string $slug): string
{
$menuKeys = $menuKey !== null ? explode('-', $menuKey) : $menuKey;
$menuItems = json_decode(json_encode($this->get(self::DB_CONFIG, self::DB_MENU_ITEMS)), true);
foreach ($menuKeys as $key) {
$menuItems = $menuItems[$key][self::DB_MENU_ITEMS_SUBPAGE] ?? [];
}
if (false !== ($index = array_search($slug, array_column($menuItems, 'slug'), true))) {
$menuKey = $menuKey === null ? $index : $menuKey . '-' . $index;
} elseif ($menuKey === null) {
$menuKey = count($menuItems);
}
return $menuKey;
}
/**
* Update page data
*
* @param array $slugTree
* @param string $fieldname
* @param string $content
* @return void
* @throws Exception
*/
public function updatePage(array $slugTree, string $fieldname, string $content): void
{
$slug = array_pop($slugTree);
$allPages = $selectedPage = clone $this->get(self::DB_PAGES_KEY);
if (!empty($slugTree)) {
foreach ($slugTree as $childSlug) {
if (!property_exists($selectedPage->{$childSlug}, self::DB_PAGES_SUBPAGE_KEY)) {
$selectedPage->{$childSlug}->{self::DB_PAGES_SUBPAGE_KEY} = new StdClass;
}
$selectedPage = $selectedPage->{$childSlug}->{self::DB_PAGES_SUBPAGE_KEY};
}
}
$selectedPage->{$slug}->{$fieldname} = $content;
$this->set(self::DB_PAGES_KEY, $allPages);
}
/**
* Delete page key
*
* @param array $slugTree
* @param string $fieldname
*
* @return void
* @throws Exception
*/
public function deletePageKey(array $slugTree, string $fieldname): void
{
$slug = array_pop($slugTree);
$selectedPage = clone $this->get(self::DB_PAGES_KEY);
if (!empty($slugTree)) {
foreach ($slugTree as $childSlug) {
if (!property_exists($selectedPage->{$childSlug}, self::DB_PAGES_SUBPAGE_KEY)) {
$selectedPage->{$childSlug}->{self::DB_PAGES_SUBPAGE_KEY} = new StdClass;
}
$selectedPage = $selectedPage->{$childSlug}->{self::DB_PAGES_SUBPAGE_KEY};
}
}
unset($selectedPage->{$slug}->{$fieldname});
$this->save();
}
/**
* Delete existing page by slug
*
* @param array|null $slugTree
* @throws Exception
*/
public function deletePageFromDb(array $slugTree = null): void
{
$slug = array_pop($slugTree);
$selectedPage = $this->db->{self::DB_PAGES_KEY};
if (!empty($slugTree)) {
foreach ($slugTree as $childSlug) {
$selectedPage = $selectedPage->{$childSlug}->subpages;
}
}
unset($selectedPage->{$slug});
$this->save();
}
/**
* Update existing page slug
*
* @param array $slugTree
* @param string $newSlugName
* @throws Exception
*/
public function updatePageSlug(array $slugTree, string $newSlugName): void
{
$slug = array_pop($slugTree);
$selectedPage = $this->db->{self::DB_PAGES_KEY};
if (!empty($slugTree)) {
foreach ($slugTree as $childSlug) {
$selectedPage = $selectedPage->{$childSlug}->subpages;
}
}
$selectedPage->{$newSlugName} = $selectedPage->{$slug};
unset($selectedPage->{$slug});
$this->save();
}
/**
* Load CSS and enable plugins to load CSS
* @return string
*/
public function css(): string
{
if ($this->loggedIn) {
$styles = <<<'EOT'
<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/WonderCMS/wondercms-cdn-files@3.2.25/wcms-admin.min.css" crossorigin="anonymous">
EOT;
return $this->hook('css', $styles)[0];
}
return $this->hook('css', '')[0];
}
/**
* Get database content
* @return stdClass
* @throws Exception
*/
public function getDb(): stdClass
{
// initialize database if it doesn't exist
if (!file_exists($this->dbPath)) {
// this code only runs one time (on first page load/install)
$this->checkFolder(dirname($this->dbPath));
$this->checkFolder($this->filesPath);
$this->checkFolder($this->rootDir . '/' . self::THEMES_DIR);
$this->checkFolder($this->rootDir . '/' . self::PLUGINS_DIR);
$this->createDb();
}
return json_decode(file_get_contents($this->dbPath), false);
}
/**
* Get data from any json file
* @param string $path
* @return stdClass|null
*/
public function getJsonFileData(string $path): ?array
{
if (is_file($path) && file_exists($path)) {
return json_decode(file_get_contents($path), true);
}
return null;
}
/**
* Delete theme
* @return void
*/
public function deleteFileModuleAction(): void
{
if (!$this->loggedIn) {
return;
}
if (isset($_REQUEST['deleteModule'], $_REQUEST['type']) && $this->verifyFormActions(true)) {
$allowedDeleteTypes = ['files', 'plugins', 'themes'];
$filename = str_ireplace(
['/', './', '../', '..', '~', '~/', '\\'],
null,
trim($_REQUEST['deleteModule'])
);
$type = str_ireplace(
['/', './', '../', '..', '~', '~/', '\\'],
null,
trim($_REQUEST['type'])
);
if (!in_array($type, $allowedDeleteTypes, true)) {
$this->alert('danger',
'Wrong delete folder path.');
$this->redirect();
}
if ($filename === $this->get('config', 'theme')) {
$this->alert('danger',
'Cannot delete currently active theme. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#themes"><b>Re-open theme settings</b></a>');
$this->redirect();
}
$folder = $type === 'files' ? $this->filesPath : sprintf('%s/%s', $this->rootDir, $type);
$path = realpath("{$folder}/{$filename}");
if (file_exists($path)) {
$this->recursiveDelete($path);
$this->alert('success', "Deleted {$filename}.");
$this->redirect();
}
}
}
public function changePageThemeAction(): void
{
if (isset($_REQUEST['selectModule'], $_REQUEST['type']) && $this->verifyFormActions(true)) {
$theme = $_REQUEST['selectModule'];
if (!is_dir($this->rootDir . '/' . $_REQUEST['type'] . '/' . $theme)) {
return;
}
$this->set('config', 'theme', $theme);
$this->redirect();
}
}
/**
* Delete page
* @return void
* @throws Exception
*/
public function deletePageAction(): void
{
if (!isset($_GET['delete']) || !$this->verifyFormActions(true)) {
return;
}
$slugTree = explode('/', $_GET['delete']);
$this->deletePageFromDb($slugTree);
$allMenuItems = $selectedMenuItem = clone $this->get(self::DB_CONFIG, self::DB_MENU_ITEMS);
if (count(get_object_vars($allMenuItems)) === 1 && count($slugTree) === 1) {
$this->alert('danger', 'Last page cannot be deleted - at least one page must exist.');
$this->redirect();
}
$selectedMenuItemParent = $selectedMenuItemKey = null;
foreach ($slugTree as $slug) {
$selectedMenuItemParent = $selectedMenuItem->{self::DB_MENU_ITEMS_SUBPAGE} ?? $selectedMenuItem;
foreach ($selectedMenuItemParent as $menuItemKey => $menuItem) {
if ($menuItem->slug === $slug) {
$selectedMenuItem = $menuItem;
$selectedMenuItemKey = $menuItemKey;
break;
}
}
}
unset($selectedMenuItemParent->{$selectedMenuItemKey});
$allMenuItems = $this->reindexObject($allMenuItems);
$defaultPage = $this->get(self::DB_CONFIG, 'defaultPage');
$defaultPageArray = explode('/', $defaultPage);
$treeIntersect = array_intersect_assoc($defaultPageArray, $slugTree);
if ($treeIntersect === $slugTree) {
$this->set(self::DB_CONFIG, 'defaultPage', $allMenuItems->{0}->slug);
}
$this->set(self::DB_CONFIG, self::DB_MENU_ITEMS, $allMenuItems);
$this->alert('success', 'Page <b>' . $slug . '</b> deleted.');
$this->redirect();
}
/**
* Get editable block
*
* @param string $id id for the block
* @param string $content html content
* @param string $dataTarget
* @return string
*/
public function editable(string $id, string $content, string $dataTarget = ''): string
{
return '<div' . ($dataTarget !== '' ? ' data-target="' . $dataTarget . '"' : '') . ' id="' . $id . '" class="editText editable">' . $content . '</div>';
}
/**
* Get main website title, show edit icon if logged in
* @return string
*/
public function siteTitle(): string
{
$output = $this->get('config', 'siteTitle');
if ($this->loggedIn) {
$output .= "<a data-toggle='wcms-modal' href='#settingsModal' data-target-tab='#menu'><i class='editIcon'></i></a>";
}
return $output;
}
/**
* Get footer, make it editable and show login link if it's set to default
* @return string
*/
public function footer(): string
{
if ($this->loggedIn) {
$output = '<div data-target="blocks" id="footer" class="editText editable">' . $this->get('blocks',
'footer')->content . '</div>';
} else {
$output = $this->get('blocks', 'footer')->content .
(!$this->loggedIn && $this->get('config', 'login') === 'loginURL'
? ' &bull; <a href="' . self::url('loginURL') . '">Login</a>'
: '');
}
return $this->hook('footer', $output)[0];
}
/**
* Generate random password
* @return string
*/
public function generatePassword(): string
{
$characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
return substr(str_shuffle($characters), 0, self::MIN_PASSWORD_LENGTH);
}
/**
* Get CSRF token
* @return string
* @throws Exception
*/
public function getToken(): string
{
return $_SESSION['token'] ?? $_SESSION['token'] = bin2hex(random_bytes(32));
}
/**
* Get something from database
*/
public function get()
{
$args = func_get_args();
$object = $this->db;
foreach ($args as $key => $arg) {
if (!property_exists($object, $arg)) {
$this->set(...array_merge($args, [new stdClass]));
}
$object = $object->{$arg};
}
return $object;
}
/**
* Download file content from url
* @param string $fileUrl
* @return string
*/
private function downloadFileFromUrl(string $fileUrl): string
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $fileUrl);
$content = curl_exec($ch);
if (false === $content) {
$this->alert('danger', 'Cannot get content from url.');
}
curl_close($ch);
return (string)$content;
}
/**
* Get content of a file from main branch
*
* @param string $file the file we want
* @param string $repo
* @return string
*/
public function getFileFromRepo(string $file, string $repo = self::WCMS_REPO): string
{
$repo = str_replace('https://github.com/', 'https://raw.githubusercontent.com/', $repo);
return $this->downloadFileFromUrl($repo . $file);
}
/**
* Get the latest version from main branch
* @param string $repo
* @return null|string
*/
public function getOfficialVersion(string $repo = self::WCMS_REPO): ?string
{
return $this->getCheckFileFromRepo('version', $repo);
}
/**
* Get the files from main branch
* @param string $fileName
* @param string $repo
* @return null|string
*/
public function getCheckFileFromRepo(string $fileName, string $repo = self::WCMS_REPO): ?string
{
$version = trim($this->getFileFromRepo($fileName, $repo));
return $version === '404: Not Found' || $version === '400: Invalid request' ? null : $version;
}
/**
* Compare token with hash_equals
*
* @param string $token
* @return bool
*/
public function hashVerify(string $token): bool
{
return hash_equals($token, $this->getToken());
}
/**
* Return hooks from plugins
* @return array
*/
public function hook(): array
{
$numArgs = func_num_args();
$args = func_get_args();
if ($numArgs < 2) {
trigger_error('Insufficient arguments', E_USER_ERROR);
}
$hookName = array_shift($args);
if (!isset($this->listeners[$hookName])) {
return $args;
}
foreach ($this->listeners[$hookName] as $func) {
$args = $func($args);
}
return $args;
}
/**
* Return array with all themes and their data
* @param string $type
* @return array
* @throws Exception
*/
public function listAllModules(string $type = self::THEMES_DIR): array
{
$newData = [];
if ($this->loggedIn) {
$data = $this->getModulesCachedData($type);
foreach ($data as $dirName => $addon) {
$exists = is_dir($this->rootDir . "/$type/" . $dirName);
$currentVersion = $exists ? $this->getModuleVersion($type, $dirName) : null;
$newVersion = $addon['version'];
$update = $newVersion !== null && $currentVersion !== null && $newVersion > $currentVersion;
if ($update) {
$this->alert('info',
'New ' . $type . ' update available. <b><a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#' . $type . '">Open ' . $type . '</a></b>');
}
$addonType = $exists ? self::THEME_PLUGINS_TYPES['exists'] : self::THEME_PLUGINS_TYPES['installs'];
$addonType = $update ? self::THEME_PLUGINS_TYPES['updates'] : $addonType;
$newData[$addonType][$dirName] = $addon;
$newData[$addonType][$dirName]['update'] = $update;
$newData[$addonType][$dirName]['install'] = !$exists;
$newData[$addonType][$dirName]['currentVersion'] = $currentVersion;
}
}
return $newData;
}
/**
* Check modules for cache
* @return void
* @throws Exception
*/
public function checkModulesCache(): void
{
$db = $this->getDb();
$data = $this->getJsonFileData($this->modulesCachePath);
// Recreate cache if lastModulesSync is missing
$lastSync = $db->config->lastModulesSync ?? strtotime('-2 days');
if (empty($data) || strtotime($lastSync) < strtotime('-1 days')) {
$this->updateAndCacheModules();
}
}
/**
* Retrieve cached Themes/Plugins data
* @param string $type
* @return array|null
* @throws Exception
*/
public function getModulesCachedData(string $type = self::THEMES_DIR): array
{
$this->checkModulesCache();
$data = $this->getJsonFileData($this->modulesCachePath);
return $data !== null && array_key_exists($type, $data) ? $data[$type] : [];
}
/**
* Retrieve cached single Theme/Plugin data
* @param string $moduleKey
* @param string $type
* @return array|null
* @throws Exception
*/
public function getSingleModuleCachedData(string $moduleKey, string $type = self::THEMES_DIR): array
{
$data = $this->getModulesCachedData($type);
return $data !== null && array_key_exists($moduleKey, $data) ? $data[$moduleKey] : [];
}
/**
* Force cache refresh for updates
* @throws Exception
*/
public function manuallyRefreshCacheData(): void
{
if (!isset($_REQUEST['manuallyResetCacheData']) || !$this->verifyFormActions(true)) {
return;
}
$this->updateAndCacheModules();
$this->checkWcmsCoreUpdate();
$this->set('config', 'lastModulesSync', date('Y/m/d'));
$this->redirect();
}
/**
* Forces http to https
*/
private function forceSSL(): void
{
if ($this->isHttpsForced() && !Wcms::isCurrentlyOnSSL()) {
$this->updateSecurityCache();
$this->redirect();
}
}
/**
* Method checks for new modules and caches them
* @throws Exception
*/
private function updateAndCacheModules(): void
{
$this->set('config', 'lastModulesSync', date('Y/m/d'));
$this->cacheModulesData();
}
/**
* Fetch module config from url
* @param string $url
* @param string $type
* @return object|null
*/
private function fetchModuleConfig(string $url, string $type): ?object
{
$wcmsModules = json_decode(trim($this->downloadFileFromUrl($url)));
$wcmsModulesData = $wcmsModules && property_exists($wcmsModules, $type)
? $wcmsModules->{$type}
: null;
if (null === $wcmsModulesData) {
$this->alert('danger', 'The wcms-modules.json file does not contain all the required information.');
return null;
}
$wcmsModulesData = get_mangled_object_vars($wcmsModulesData);
$returnData = reset($wcmsModulesData);
$name = key($wcmsModulesData);
$returnData->dirName = $name;
return $returnData;
}
/**
* Update cache for default themes/plugins modules.
* @return void
* @throws Exception
*/
private function updateModulesCache(): void
{
$wcmsModules = trim($this->getFileFromRepo('wcms-modules.json', self::WCMS_CDN_REPO));
$jsonObject = json_decode($wcmsModules);
if (empty($jsonObject)) {
return;
}
$parsedCache = $this->moduleCacheMapper($jsonObject);
if (empty($parsedCache)) {
return;
}
$this->save($this->modulesCachePath, $parsedCache);
}
/**
* Mapper between wcms-modules.json and applications cache.json
* @param object $wcmsModule
* @return object
*/
private function moduleCacheMapper(object $wcmsModule): object
{
$mappedModules = new stdClass;
foreach ($wcmsModule as $type => $value) {
if ($type === 'version') {
if ($value !== self::MODULES_JSON_VERSION) {
$this->alert('danger', 'The wcms-modules.json version is incorrect');
break;
}
continue;
}
$mappedModules->{$type} = new stdClass();
foreach ($value as $moduleName => $module) {
$parsedModule = $this->moduleCacheParser($module, $moduleName);
if (empty($parsedModule)) {
continue;
}
$mappedModules->{$type}->{$moduleName} = new stdClass();
$mappedModules->{$type}->{$moduleName} = $parsedModule;
}
}
return $mappedModules;
}
/**
* Parse module cache to
* @param object $module
* @param string $moduleName
* @return object|null
*/
private function moduleCacheParser(object $module, string $moduleName): ?object {
if (!$this->validateWcmsModuleStructure($module)) {
return null;
}
return (object)[
"name" => $module->name,
"dirName" => $moduleName,
"repo" => $module->repo,
"zip" => $module->zip,
"summary" => $module->summary,
"version" => $module->version,
"image" => $module->image,
];
}
/**
* Cache themes and plugins data
* @throws Exception
*/
private function cacheModulesData(): void
{
$db = $this->getDb();
// Download wcms-modules as cache
$this->updateModulesCache();
// Cache custom modules
$returnArray = $this->getJsonFileData($this->modulesCachePath);
// If custom modules is missing from the DB, we add it
if (!property_exists($db->config, 'customModules')) {
$this->set('config', 'customModules', $this->defaultCustomModules());
$db = $this->getDb();
}
$arrayCustom = (array)$db->config->customModules;
foreach ($arrayCustom as $type => $modules) {
foreach ($modules as $url) {
$wcmsModuleData = $this->fetchModuleConfig($url, $type);
if (null === $wcmsModuleData) {
continue;
}
$name = $wcmsModuleData->dirName;
$wcmsModuleData = $this->moduleCacheParser($wcmsModuleData, $name);
$returnArray[$type][$name] = $wcmsModuleData;
}
}
$this->save($this->modulesCachePath, (object)$returnArray);
}
/**
* Cache single theme or plugin data
* @param string $url
* @param string $type
* @throws Exception
*/
private function cacheSingleCacheModuleData(string $url, string $type): void
{
$returnArray = $this->getJsonFileData($this->modulesCachePath);
$wcmsModuleData = $this->fetchModuleConfig($url, $type);
if (null === $wcmsModuleData) {
return;
}
$name = $wcmsModuleData->dirName;
$wcmsModuleData = $this->moduleCacheParser($wcmsModuleData, $name);
$returnArray[$type][$name] = $wcmsModuleData;
$this->save($this->modulesCachePath, (object)$returnArray);
}
/**
* Check if the module url already exists
* @param string $repo
* @param string $type
* @return bool
* @throws Exception
*/
private function checkIfModuleRepoExists(string $repo, string $type): bool
{
$data = $this->getModulesCachedData($type);
return in_array($repo, array_column($data, 'repo'));
}
/**
* Validate structure of the wcms module json
* @param object $wcmsModule
* @return bool
*/
private function validateWcmsModuleStructure(object $wcmsModule): bool {
return property_exists($wcmsModule, 'name')
&& property_exists($wcmsModule, 'repo')
&& property_exists($wcmsModule, 'zip')
&& property_exists($wcmsModule, 'summary')
&& property_exists($wcmsModule, 'version')
&& property_exists($wcmsModule, 'image');
}
/**
* Add custom url links for themes and plugins
* @throws Exception
*/
public function addCustomModule(): void
{
if (!isset($_POST['pluginThemeUrl'], $_POST['pluginThemeType'], $_POST['password_recheck']) || !$this->verifyFormActions()) {
return;
}
if (!password_verify($_POST['password_recheck'], $this->get('config', 'password'))) {
$this->alert('danger', 'Invalid password.');
$this->redirect();
}
$type = $_POST['pluginThemeType'];
$url = rtrim(trim($_POST['pluginThemeUrl']), '/');
$customModules = (array)$this->get('config', 'customModules', $type);
$wcmsModuleData = $this->fetchModuleConfig($url, $type);
$errorMessage = null;
switch (true) {
case null === $wcmsModuleData || !$this->isValidModuleURL($url):
$errorMessage = 'Invalid URL. The module URL needs to contain the full path to the raw wcms-modules.json file.';
break;
case !$this->validateWcmsModuleStructure($wcmsModuleData):
$errorMessage = 'Module not added - the wcms-modules.json file does not contain all the required information.';
break;
case $this->checkIfModuleRepoExists($wcmsModuleData->repo, $type):
$errorMessage = 'Module already exists.';
break;
}
if ($errorMessage !== null) {
$this->alert('danger', $errorMessage);
$this->redirect();
}
$customModules[] = $url;
$this->set('config', 'customModules', $type, $customModules);
$this->cacheSingleCacheModuleData($url, $type);
$this->alert('success',
'Module successfully added to <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#' . $type . '">' . ucfirst($type) . '</b></a>.');
$this->redirect();
}
/**
* Read plugin version
* @param string $type
* @param string $name
* @return string|null
*/
public function getModuleVersion(string $type, string $name): ?string
{
$version = null;
$path = sprintf('%s/%s/%s', $this->rootDir, $type, $name);
$wcmsModulesPath = $path . '/wcms-modules.json';
$versionPath = $path . '/version';
if (is_dir($path) && (is_file($wcmsModulesPath) || is_file($versionPath))) {
if (is_file($wcmsModulesPath)) {
$wcmsModules = json_decode(trim(file_get_contents($wcmsModulesPath)));
$version = $wcmsModules->{$type}->{$name}->version;
} else {
$version = trim(file_get_contents($versionPath));
}
}
return $version;
}
/**
* Install and update theme
* @throws Exception
*/
public function installUpdateModuleAction(): void
{
if (!isset($_REQUEST['installModule'], $_REQUEST['type']) || !$this->verifyFormActions(true)) {
return;
}
$folderName = trim(htmlspecialchars($_REQUEST['installModule']));
$type = $_REQUEST['type'];
$cached = $this->getSingleModuleCachedData($folderName, $type);
$url = !empty($cached) ? $cached['zip'] : null;
if (empty($url)) {
$this->alert('danger', 'Unable to find theme or plugin.');
return;
}
$path = sprintf('%s/%s/', $this->rootDir, $type);
if (in_array($type, self::VALID_DIRS, true)) {
$zipFile = $this->filesPath . '/ZIPFromURL.zip';
$zipResource = fopen($zipFile, 'w');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_FILE, $zipResource);
curl_exec($ch);
$curlError = curl_error($ch);
curl_close($ch);
$zip = new \ZipArchive;
if ($curlError || $zip->open($zipFile) !== true || (stripos($url, '.zip') === false)) {
$this->recursiveDelete($this->rootDir . '/data/files/ZIPFromURL.zip');
$this->alert('danger',
'Error opening ZIP file.' . ($curlError ? ' Error description: ' . $curlError : ''));
$this->redirect();
}
// First delete old plugin folder
$this->recursiveDelete($path . $folderName);
// Then extract new one
$zip->extractTo($path);
$zip->close();
$this->recursiveDelete($this->rootDir . '/data/files/ZIPFromURL.zip');
$moduleFolder = $path . $folderName . '-master';
if (!is_dir($moduleFolder)) {
$moduleFolder = $path . $folderName . '-main';
}
if (is_dir($moduleFolder) && !rename($moduleFolder, $path . $folderName)) {
throw new Exception('Theme or plugin not installed. Possible cause: themes or plugins folder is not writable.');
}
$this->alert('success', 'Successfully installed/updated ' . $folderName . '.');
$this->redirect();
}
}
/**
* Validate if custom module url has wcms-modules.json
* @param string $url
* @return boolean
*/
private function isValidModuleURL(string $url): bool
{
return strpos($url, 'wcms-modules.json') !== false;
}
/**
* Verify if admin is logged in and has verified token for POST calls
* @param bool $isRequest
* @return bool
*/
public function verifyFormActions(bool $isRequest = false): bool
{
return ($isRequest ? isset($_REQUEST['token']) : isset($_POST['token']))
&& $this->loggedIn
&& $this->hashVerify($isRequest ? $_REQUEST['token'] : $_POST['token']);
}
/**
* Load JS and enable plugins to load JS
* @return string
* @throws Exception
*/
public function js(): string
{
if ($this->loggedIn) {
$scripts = <<<EOT
<script src="https://cdn.jsdelivr.net/npm/autosize@4.0.2/dist/autosize.min.js" integrity="sha384-gqYjRLBp7SeF6PCEz2XeqqNyvtxuzI3DuEepcrNHbrO+KG3woVNa/ISn/i8gGtW8" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/taboverride@4.0.3/build/output/taboverride.min.js" integrity="sha384-fYHyZra+saKYZN+7O59tPxgkgfujmYExoI6zUvvvrKVT1b7krdcdEpTLVJoF/ap1" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/gh/WonderCMS/wondercms-cdn-files@3.2.26/wcms-admin.min.js" integrity="sha384-lwdbkm/17hWy+Y4iBnY0iEp0FlaKvjdeTBZaRYM1DGPshGgxKoPaB87Xue26Wv1W" crossorigin="anonymous"></script>
EOT;
$scripts .= '<script>const token = "' . $this->getToken() . '";</script>';
$scripts .= '<script>const rootURL = "' . $this->url() . '";</script>';
$scripts .= '<script>function recheckPasswordPrompt(e) {
e.target.elements["password_recheck"].value = prompt("Please confirm your admin password.");
return true;
}</script>';
return $this->hook('js', $scripts)[0];
}
return $this->hook('js', '')[0];
}
/**
* Load plugins (if any exist)
* @return void
*/
public function loadPlugins(): void
{
$this->installedPlugins = [];
$plugins = $this->rootDir . '/plugins';
if (!is_dir($plugins) && !mkdir($plugins) && !is_dir($plugins)) {
return;
}
if (!is_dir($this->filesPath) && !mkdir($this->filesPath) && !is_dir($this->filesPath)) {
return;
}
foreach (glob($plugins . '/*', GLOB_ONLYDIR) as $dir) {
$pluginName = basename($dir);
if (file_exists($dir . '/' . $pluginName . '.php')) {
include $dir . '/' . $pluginName . '.php';
$this->installedPlugins[] = $pluginName;
}
}
}
/**
* Loads theme files and functions.php file (if they exist)
* @return void
*/
public function loadThemeAndFunctions(): void
{
$location = $this->rootDir . '/themes/' . $this->get('config', 'theme');
if (file_exists($location . '/functions.php')) {
require_once $location . '/functions.php';
}
# If page does not exist for non-logged-in users, then show 404 theme if it exists.
$is404 = !$this->loggedIn && !$this->currentPageExists && $this->currentPage !== $this->get('config', 'login');
$customPageTemplate = sprintf('%s/%s.php', $location, $is404 ? '404' : $this->currentPage);
require_once file_exists($customPageTemplate) ? $customPageTemplate : $location . '/theme.php';
}
/**
* Admin login verification
* @return void
* @throws Exception
*/
public function loginAction(): void
{
if ($this->currentPage !== $this->get('config', 'login')) {
return;
}
if ($this->loggedIn) {
$this->redirect();
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
return;
}
$password = $_POST['password'] ?? '';
if (password_verify($password, $this->get('config', 'password'))) {
session_regenerate_id(true);
$_SESSION['loggedIn'] = true;
$_SESSION['rootDir'] = $this->rootDir;
$this->set('config', 'forceLogout', false);
$this->saveAdminLoginIP();
$this->redirect();
}
$this->alert('test', '<script>alert("Wrong password")</script>', 1);
$this->redirect($this->get('config', 'login'));
}
/**
* Save admins last 5 IPs
*/
private function saveAdminLoginIP(): void
{
$getAdminIP = $_SERVER['HTTP_CLIENT_IP'] ?? $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR'] ?? null;
if ($getAdminIP === null) {
return;
}
if (!$savedIPs = $this->get('config', 'lastLogins')) {
$this->set('config', 'lastLogins', []);
$savedIPs = [];
}
$savedIPs = (array)$savedIPs;
$savedIPs[date('Y/m/d H:i:s')] = $getAdminIP;
krsort($savedIPs);
$this->set('config', 'lastLogins', array_slice($savedIPs, 0, 5));
}
/**
* Check if admin is logged in
* @return void
*/
public function loginStatus(): void
{
$this->loggedIn = $this->get('config', 'forceLogout')
? false
: isset($_SESSION['loggedIn'], $_SESSION['rootDir']) && $_SESSION['rootDir'] === $this->rootDir;
}
/**
* Login form view
* @return array
*/
public function loginView(): array
{
return [
'title' => $this->hook('loginView', 'Login')[0],
'description' => '',
'keywords' => '',
'content' => $this->hook('loginView', '
<style>.showUpdate{display: block !important}</style>
<div class="wUpdate" style="display:none;color:#ccc;left:0;top:0;width:100%;height:100%;position:fixed;text-align:center;padding-top:100px;background:rgba(51,51,51,.8);z-index:2448"><h2>Logging in and checking for updates</h2><p>This might take a moment.</p></div>
<form action="' . self::url($this->get('config', 'login')) . '" method="post">
<div class="winput-group text-center">
<h1>Login to your website</h1>
<input type="password" class="wform-control" id="password" name="password" placeholder="Password" autofocus><br><br>
<span class="winput-group-btn">
<button type="submit" class="wbtn wbtn-info" onclick="document.getElementsByClassName(\'wUpdate\')[0].classList.toggle(\'showUpdate\'); localStorage.clear();">Login</button>
</span>
</div>
</form>')[0]
];
}
/**
* Logout action
* @param bool $forceLogout
* @return void
*/
public function logoutAction(bool $forceLogout = false): void
{
if ($forceLogout
|| ($this->currentPage === 'logout'
&& isset($_REQUEST['token'])
&& $this->hashVerify($_REQUEST['token']))) {
$to = isset($_GET['to']) && !empty($_GET['to']) && !$this->isLogoutToLoginScreenEnabled()
? $_GET['to']
: $this->get('config', 'login');
unset($_SESSION['loggedIn'], $_SESSION['rootDir'], $_SESSION['token'], $_SESSION['alert']);
$this->redirect($to);
}
}
/**
* If admin is logged in and on existing page, this will save previous page and push it to logout action
* @return string|null
*/
private function logoutToUrl(): ?string
{
if (!$this->loggedIn || !$this->currentPageExists) {
return null;
}
return $this->getCurrentPagePath();
}
/**
* Return menu items, if they are set to be visible
* @return string
*/
public function menu(): string
{
$output = '';
foreach ($this->get('config', 'menuItems') as $item) {
if ($item->visibility === 'hide') {
continue;
}
$output .= $this->renderPageNavMenuItem($item);
}
return $this->hook('menu', $output)[0];
}
/**
* 404 header response
* @return void
*/
public function notFoundResponse(): void
{
if (!$this->loggedIn && !$this->currentPageExists && $this->headerResponseDefault) {
$this->headerResponse = 'HTTP/1.1 404 Not Found';
}
}
/**
* Return 404 page to visitors
* Admin can create a page that doesn't exist yet
*/
public function notFoundView()
{
if ($this->loggedIn) {
return [
'title' => str_replace('-', ' ', $this->currentPage),
'description' => '',
'keywords' => '',
'content' => '<h2>Click to create content</h2>'
];
}
return $this->get('pages', '404');
}
/**
* Admin notifications
* Alerts for non-existent pages, changing default settings, new version/update
* @return void
* @throws Exception
*/
public function notifyAction(): void
{
if (!$this->loggedIn) {
return;
}
if (!$this->currentPageExists) {
$this->alert(
'info',
'<b>This page (' . $this->currentPage . ') doesn\'t exist.</b> Editing the content below will create it.'
);
}
if ($this->get('config', 'login') === 'loginURL') {
$this->alert('danger',
'Change your login URL and save it for later use. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#security"><b>Open security settings</b></a>');
}
$this->checkModulesCache();
}
/**
* Checks if there is new Wcms version
*/
private function checkWcmsCoreUpdate(): void
{
$onlineVersion = $this->getOfficialVersion();
if ($onlineVersion > VERSION) {
$this->alert(
'info',
'<h3>New WonderCMS update available</h3>
<a href="https://wondercms.com/news" target="_blank"><u><b>Check what\'s new</b></u></a>
and <b>backup your website</b> before updating.
<form action="' . $this->getCurrentPageUrl() . '" method="post" class="marginTop5">
<button type="submit" class="wbtn wbtn-info marginTop20" name="backup"><i class="installIcon"></i>Download backup</button>
<div class="clear"></div>
<button class="wbtn wbtn-info marginTop5" name="update"><i class="refreshIcon"></i>Update WonderCMS ' . VERSION . ' to ' . $onlineVersion . '</button>
<input type="hidden" name="token" value="' . $this->getToken() . '">
</form>'
);
}
}
/**
* Update menu visibility state
*
* @param string $visibility - "show" for visible, "hide" for invisible
* @param string $menu
* @throws Exception
*/
public function updateMenuItemVisibility(string $visibility, string $menu): void
{
if (!in_array($visibility, ['show', 'hide'], true)) {
return;
}
$menuTree = explode('-', $menu);
$menuItems = $menuSelectionObject = clone $this->get(self::DB_CONFIG, self::DB_MENU_ITEMS);
// Find sub menu item
if ($menuTree) {
$mainParentMenu = array_shift($menuTree);
$menuSelectionObject = $menuItems->{$mainParentMenu};
foreach ($menuTree as $childMenuKey) {
$menuSelectionObject = $menuSelectionObject->subpages->{$childMenuKey};
}
}
$menuSelectionObject->visibility = $visibility;
$this->set(self::DB_CONFIG, self::DB_MENU_ITEMS, $menuItems);
}
/**
* Reorder the pages
*
* @param int $content 1 for down arrow or -1 for up arrow
* @param string $menu
* @return void
* @throws Exception
*/
public function orderMenuItem(int $content, string $menu): void
{
// check if content is 1 or -1 as only those values are acceptable
if (!in_array($content, [1, -1], true)) {
return;
}
$menuTree = explode('-', $menu);
$mainParentMenu = $selectedMenuKey = array_shift($menuTree);
$menuItems = $menuSelectionObject = clone $this->get(self::DB_CONFIG, self::DB_MENU_ITEMS);
// Sorting of subpages in menu
if ($menuTree) {
$selectedMenuKey = array_pop($menuTree);
$menuSelectionObject = $menuItems->{$mainParentMenu}->subpages;
foreach ($menuTree as $childMenuKey) {
$menuSelectionObject = $menuSelectionObject->{$childMenuKey}->subpages;
}
}
$targetPosition = $selectedMenuKey + $content;
// Find and switch target and selected menu position in DB
$selectedMenu = $menuSelectionObject->{$selectedMenuKey};
$targetMenu = $menuSelectionObject->{$targetPosition};
$menuSelectionObject->{$selectedMenuKey} = $targetMenu;
$menuSelectionObject->{$targetPosition} = $selectedMenu;
$this->set(self::DB_CONFIG, self::DB_MENU_ITEMS, $menuItems);
}
/**
* Return pages and display correct view (actual page or 404)
* Display different content and editable areas for admin
*
* @param string $key
* @return string
*/
public function page(string $key): string
{
$segments = $this->getCurrentPageData();
if (!$this->currentPageExists || !$segments) {
$segments = $this->get('config', 'login') === $this->currentPage
? (object)$this->loginView()
: (object)$this->notFoundView();
}
$segments->content = $segments->content ?? '<h2>Click here add content</h2>';
$keys = [
'title' => $segments->title,
'description' => $segments->description,
'keywords' => $segments->keywords,
'content' => $this->loggedIn
? $this->editable('content', $segments->content, 'pages')
: $segments->content
];
$content = $keys[$key] ?? '';
return $this->hook('page', $content, $key)[0];
}
/**
* Return database data of current page
*
* @return object|null
*/
public function getCurrentPageData(): ?object
{
return $this->getPageData(implode('/', $this->currentPageTree));
}
/**
* Return database data of any page
*
* @param string $slugTree
* @return object|null
*/
public function getPageData(string $slugTree): ?object
{
$arraySlugTree = explode('/', $slugTree);
$pageData = null;
foreach ($arraySlugTree as $slug) {
if ($pageData === null) {
$pageData = $this->get(self::DB_PAGES_KEY)->{$slug} ?? null;
continue;
}
$pageData = $pageData->{self::DB_PAGES_SUBPAGE_KEY}->{$slug} ?? null;
if (!$pageData) {
return null;
}
}
return $pageData;
}
/**
* Get current page url
*
* @return string
*/
public function getCurrentPageUrl(): string
{
return self::url($this->getCurrentPagePath());
}
/**
* Get current page path
*
* @return string
*/
public function getCurrentPagePath(): string
{
$path = '';
foreach ($this->currentPageTree as $parentPage) {
$path .= $parentPage . '/';
}
return $path;
}
/**
* Page status (exists or doesn't exist)
* @return void
*/
public function pageStatus(): void
{
$this->currentPage = $this->parseUrl() ?: $this->get('config', 'defaultPage');
$this->currentPageExists = !empty($this->getCurrentPageData());
}
/**
* URL parser
* @return string
*/
public function parseUrl(): string
{
$page = $_GET['page'] ?? null;
$page = !empty($page) ? trim(htmlspecialchars($page, ENT_QUOTES)) : null;
if (!isset($page) || !$page) {
$defaultPage = $this->get('config', 'defaultPage');
$this->currentPageTree = explode('/', $defaultPage);
return $defaultPage;
}
$this->currentPageTree = explode('/', rtrim($page, '/'));
if ($page === $this->get('config', 'login')) {
return $page;
}
$currentPage = end($this->currentPageTree);
return $this->slugify($currentPage);
}
/**
* Recursive delete - used for deleting files, themes, plugins
*
* @param string $file
* @return void
*/
public function recursiveDelete(string $file): void
{
if (is_dir($file)) {
$files = new DirectoryIterator($file);
foreach ($files as $dirFile) {
if (!$dirFile->isDot()) {
$dirFile->isDir() ? $this->recursiveDelete($dirFile->getPathname()) : unlink($dirFile->getPathname());
}
}
rmdir($file);
} elseif (is_file($file)) {
unlink($file);
}
}
/**
* Redirect to any URL
*
* @param string $location
* @return void
*/
public function redirect(string $location = ''): void
{
header('Location: ' . self::url($location));
die();
}
/**
* Save object to disk (default is set for DB)
* @param string|null $path
* @param object|null $content
* @return void
* @throws Exception
*/
public function save(string $path = null, object $content = null): void
{
$path = $path ?? $this->dbPath;
$content = $content ?? $this->db;
$json = json_encode($content, JSON_FORCE_OBJECT | JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
if (empty($content) || empty($json) || json_last_error() !== JSON_ERROR_NONE) {
$errorMessage = sprintf(
'%s - Error while trying to save in %s: %s',
time(),
$path,
print_r($content, true)
);
try {
$randomNumber = random_bytes(8);
} catch (Exception $e) {
$randomNumber = microtime(false);
}
$logName = date('Y-m-d H:i:s') . '-error-' . bin2hex($randomNumber) . '.log';
$logsPath = sprintf('%s/data/logs', $this->rootDir);
$this->checkFolder($logsPath);
error_log(
$errorMessage,
3,
sprintf('%s/%s', $logsPath, $logName)
);
return;
}
file_put_contents($path, $json, LOCK_EX);
}
/**
* Saving menu items, default page, login URL, theme, editable content
* @return void
* @throws Exception
*/
public function saveAction(): void
{
if (!$this->loggedIn) {
return;
}
if (isset($_SESSION['redirect_to'])) {
$newUrl = $_SESSION['redirect_to'];
$newPageName = $_SESSION['redirect_to_name'];
unset($_SESSION['redirect_to'], $_SESSION['redirect_to_name']);
$this->alert('success',
"Page <b>$newPageName</b> created. Click <a href=" . $newUrl . ">here</a> to open it.");
$this->redirect($newUrl);
}
if (isset($_POST['fieldname'], $_POST['content'], $_POST['target'], $_POST['token'])
&& $this->hashVerify($_POST['token'])) {
[$fieldname, $content, $target, $menu, $visibility] = $this->hook('save', $_POST['fieldname'],
$_POST['content'], $_POST['target'], $_POST['menu'] ?? null, ($_POST['visibility'] ?? 'hide'));
if ($target === 'menuItemUpdate' && $menu !== null) {
$this->updateMenuItem($content, $menu, $visibility);
$_SESSION['redirect_to_name'] = $content;
$_SESSION['redirect_to'] = $this->slugify($content);
}
if ($target === 'menuItemCreate' && $menu !== null) {
$this->createMenuItem($content, $menu, $visibility, true);
}
if ($target === 'menuItemVsbl' && $menu !== null) {
$this->updateMenuItemVisibility($visibility, $menu);
}
if ($target === 'menuItemOrder' && $menu !== null) {
$this->orderMenuItem($content, $menu);
}
if ($fieldname === 'defaultPage' && $this->getPageData($content) === null) {
return;
}
if ($fieldname === 'login' && (empty($content) || $this->getPageData($content) !== null)) {
return;
}
if ($fieldname === 'theme' && !is_dir($this->rootDir . '/themes/' . $content)) {
return;
}
if ($target === 'config') {
$this->set('config', $fieldname, $content);
} elseif ($target === 'blocks') {
$this->set('blocks', $fieldname, 'content', $content);
} elseif ($target === 'pages') {
if (!$this->currentPageExists) {
$this->createPage($this->currentPageTree, true);
}
$this->updatePage($this->currentPageTree, $fieldname, $content);
}
}
}
/**
* Set something to database
* @return void
* @throws Exception
*/
public function set(): void
{
$args = func_get_args();
$value = array_pop($args);
$lastKey = array_pop($args);
$data = $this->db;
foreach ($args as $arg) {
$data = $data->{$arg};
}
$data->{$lastKey} = $value;
$this->save();
}
/**
* Display admin settings panel
* @return string
* @throws Exception
*/
public function settings(): string
{
if (!$this->loggedIn) {
return '';
}
$currentPageData = $this->getCurrentPageData();
$fileList = array_slice(scandir($this->filesPath), 2);
$logoutTo = $this->logoutToUrl();
$isHttpsForced = $this->isHttpsForced();
$isSaveChangesPopupEnabled = $this->isSaveChangesPopupEnabled();
$isLogoutToLoginScreenEnabled = $this->isLogoutToLoginScreenEnabled();
$output = '
<script>var saveChangesPopup = ' . ($isSaveChangesPopupEnabled ? "true" : "false") . '</script>
<div id="save" class="loader-overlay"><h2><i class="animationLoader"></i><br />Saving</h2></div>
<div id="cache" class="loader-overlay"><h2><i class="animationLoader"></i><br />Checking for updates</h2></div>
<div id="adminPanel">
<a data-toggle="wcms-modal" class="wbtn wbtn-secondary wbtn-sm settings button" href="#settingsModal"><i class="settingsIcon"></i> Settings </a> <a href="' . self::url('logout?token=' . $this->getToken()) . '&to=' . $logoutTo . '" class="wbtn wbtn-danger wbtn-sm button logout" title="Logout" onclick="return confirm(\'Log out?\')"><i class="logoutIcon"></i></a>
<div class="wcms-modal modal" id="settingsModal">
<div class="modal-dialog modal-xl">
<div class="modal-content">
<div class="modal-header"><button type="button" class="close" data-dismiss="wcms-modal" aria-hidden="true">&times;</button></div>
<div class="modal-body coll-xs-12 coll-12">
<ul class="nav nav-tabs justify-content-center text-center" role="tablist">
<li role="presentation" class="nav-item"><a href="#currentPage" aria-controls="currentPage" role="tab" data-toggle="tab" class="nav-link active">Current page</a></li>
<li role="presentation" class="nav-item"><a href="#menu" aria-controls="menu" role="tab" data-toggle="tab" class="nav-link">Menu</a></li>
<li role="presentation" class="nav-item"><a href="#files" aria-controls="files" role="tab" data-toggle="tab" class="nav-link">Files</a></li>
<li role="presentation" class="nav-item"><a href="#themes" aria-controls="themes" role="tab" data-toggle="tab" class="nav-link">Themes</a></li>
<li role="presentation" class="nav-item"><a href="#plugins" aria-controls="plugins" role="tab" data-toggle="tab" class="nav-link">Plugins</a></li>
<li role="presentation" class="nav-item"><a href="#security" aria-controls="security" role="tab" data-toggle="tab" class="nav-link">Security</a></li>
</ul>
<div class="tab-content coll-md-8 coll-md-offset-2 offset-md-2">
<div role="tabpanel" class="tab-pane active" id="currentPage">';
if ($this->currentPageExists && $currentPageData) {
$output .= '
<p class="subTitle">Page title</p>
<div class="change">
<div data-target="pages" id="title" class="editText">' . ($currentPageData->title ?: '') . '</div>
</div>
<p class="subTitle">Page keywords</p>
<div class="change">
<div data-target="pages" id="keywords" class="editText">' . ($currentPageData->keywords ?: '') . '</div>
</div>
<p class="subTitle">Page description</p>
<div class="change">
<div data-target="pages" id="description" class="editText">' . ($currentPageData->description ?: '') . '</div>
</div>
<a href="' . self::url('?delete=' . implode('/',
$this->currentPageTree) . '&token=' . $this->getToken()) . '" class="wbtn wbtn-danger pull-right marginTop40" title="Delete page" onclick="return confirm(\'Delete ' . $this->currentPage . '?\')"><i class="deleteIconInButton"></i> Delete page (' . $this->currentPage . ')</a>';
} else {
$output .= 'This page doesn\'t exist. More settings will be displayed here after this page is created.';
}
$output .= '
</div>
<div role="tabpanel" class="tab-pane" id="menu">';
$items = get_mangled_object_vars($this->get('config', 'menuItems'));
reset($items);
$first = key($items);
end($items);
$end = key($items);
$output .= '
<p class="subTitle">Website title</p>
<div class="change">
<div data-target="config" id="siteTitle" class="editText">' . $this->get('config',
'siteTitle') . '</div>
</div>
<p class="subTitle">Menu</p>
<div>
<div id="menuSettings" class="container-fluid">
<a class="menu-item-add wbtn wbtn-info cursorPointer" data-toggle="tooltip" id="menuItemAdd" title="Add new page"><i class="addNewIcon"></i> Add page</a><br><br>';
foreach ($items as $key => $value) {
$output .= '<div class="row">';
$output .= $this->renderSettingsMenuItem($key, $value, ($key === $first), ($key === $end), $value->slug);
if (property_exists($value, 'subpages')) {
$output .= $this->renderSettingsSubMenuItem($value->subpages, $key, $value->slug);
}
$output .= '</div>';
}
$output .= ' </div>
</div>
<p class="subTitle">Page to display on homepage</p>
<div class="change">
<select id="changeDefaultPage" class="wform-control" name="defaultPage">';
$items = $this->get('config', 'menuItems');
$defaultPage = $this->get('config', 'defaultPage');
foreach ($items as $item) {
$output .= $this->renderDefaultPageOptions($item, $defaultPage);
}
$output .= '
</select>
</div>
</div>
<div role="tabpanel" class="tab-pane" id="files">
<p class="subTitle">Upload</p>
<div class="change">
<form action="' . $this->getCurrentPageUrl() . '" method="post" enctype="multipart/form-data">
<div class="winput-group"><input type="file" name="uploadFile" class="wform-control">
<span class="winput-group-btn"><button type="submit" class="wbtn wbtn-info"><i class="uploadIcon"></i>Upload</button></span>
<input type="hidden" name="token" value="' . $this->getToken() . '">
</div>
</form>
</div>
<p class="subTitle marginTop20">Delete files</p>
<div class="change">';
foreach ($fileList as $file) {
$output .= '
<a href="' . self::url('?deleteModule=' . $file . '&type=files&token=' . $this->getToken()) . '" class="wbtn wbtn-sm wbtn-danger" onclick="return confirm(\'Delete ' . $file . '?\')" title="Delete file"><i class="deleteIcon"></i></a>
<span class="marginLeft5">
<a href="' . self::url('data/files/') . $file . '" class="normalFont" target="_blank">' . self::url('data/files/') . '<b class="fontSize21">' . $file . '</b></a>
</span>
<p></p>';
}
$output .= '
</div>
</div>';
$output .= $this->renderModuleTab();
$output .= $this->renderModuleTab('plugins');
$output .= ' <div role="tabpanel" class="tab-pane" id="security">
<p class="subTitle">Admin login URL</p>
<p class="change marginTop5 small danger">Important: save your login URL to log in to your website next time:<br/><b><span class="normalFont">' . self::url($this->get('config', 'login')) . '</b></span></p>
<div class="change">
<div data-target="config" id="login" class="editText">' . $this->get('config', 'login') . '</div>
</div>
<p class="subTitle">Site language config</p>
<p class="change marginTop5 small">HTML lang value for admin.</p>
<div class="change">
<div data-target="config" id="adminLang" class="editText">' . $this->get('config', 'adminLang') . '</div>
</div>
<p class="change marginTop5 small">HTML lang value for visitors.</p>
<div class="change">
<div data-target="config" id="siteLang" class="editText">' . $this->get('config', 'siteLang') . '</div>
</div>
<p class="subTitle">Password</p>
<div class="change">
<form action="' . $this->getCurrentPageUrl() . '" method="post">
<input type="password" name="old_password" class="wform-control normalFont" placeholder="Old password"><br>
<div class="winput-group">
<input type="password" name="new_password" class="wform-control normalFont" placeholder="New password"><span class="winput-group-btn"></span>
<input type="password" name="repeat_password" class="wform-control normalFont" placeholder="Repeat new password">
<span class="winput-group-btn"><button type="submit" class="wbtn wbtn-info"><i class="lockIcon"></i> Change password</button></span>
</div>
<input type="hidden" name="fieldname" value="password"><input type="hidden" name="token" value="' . $this->getToken() . '">
</form>
</div>
<p class="subTitle">Backup</p>
<div class="change">
<form action="' . $this->getCurrentPageUrl() . '" method="post">
<button type="submit" class="wbtn wbtn-block wbtn-info" name="backup"><i class="installIcon"></i> Backup website</button><input type="hidden" name="token" value="' . $this->getToken() . '">
</form>
</div>
<p class="text-right marginTop5"><a href="https://github.com/WonderCMS/wondercms/wiki/Restore-backup#how-to-restore-a-backup-in-3-steps" target="_blank"><i class="linkIcon"></i> How to restore backup</a></p>
<p class="subTitle">Save confirmation popup</p>
<p class="change small">If this is turned "ON", WonderCMS will always ask you to confirm any changes you make.</p>
<div class="change">
<form method="post">
<div class="wbtn-group wbtn-group-justified w-100">
<div class="wbtn-group w-50"><button type="submit" class="wbtn wbtn-info" name="saveChangesPopup" value="true">ON' . ($isSaveChangesPopupEnabled ? " (Selected)" : "") . '</button></div>
<div class="wbtn-group w-50"><button type="submit" class="wbtn wbtn-danger" name="saveChangesPopup" value="false">OFF' . (!$isSaveChangesPopupEnabled ? " (Selected)" : "") . '</button></div>
</div>
<input type="hidden" name="token" value="' . $this->getToken() . '">
</form>
</div>
<p class="subTitle">Login redirect</p>
<p class="change small">If this is set to "ON", when logging out, you will be redirected to the login page. If set to "OFF", you will be redirected to the last viewed page.</p>
<div class="change">
<form method="post">
<div class="wbtn-group wbtn-group-justified w-100">
<div class="wbtn-group w-50"><button type="submit" class="wbtn wbtn-info" name="logoutToLoginScreen" value="true">ON' . ($isLogoutToLoginScreenEnabled ? " (Selected)" : "") . '</button></div>
<div class="wbtn-group w-50"><button type="submit" class="wbtn wbtn-danger" name="logoutToLoginScreen" value="false">OFF' . (!$isLogoutToLoginScreenEnabled ? " (Selected)" : "") . '</button></div>
</div>
<input type="hidden" name="token" value="' . $this->getToken() . '">
</form>
</div>
<p class="subTitle">Force HTTPS</p>
<p class="change small">WonderCMS automatically checks for SSL, this will force to always use HTTPS.</p>
<div class="change">
<form method="post">
<div class="wbtn-group wbtn-group-justified w-100">
<div class="wbtn-group w-50"><button type="submit" class="wbtn wbtn-info" name="forceHttps" value="true" onclick="return confirm(\'Are you sure? This might break your website if you do not have SSL configured correctly.\')">ON' . ($isHttpsForced ? " (Selected)" : "") . '</button></div>
<div class="wbtn-group w-50"><button type="submit" class="wbtn wbtn-danger" name="forceHttps" value="false">OFF' . (!$isHttpsForced ? " (Selected)" : "") . '</button></div>
</div>
<input type="hidden" name="token" value="' . $this->getToken() . '">
</form>
</div>
<p class="text-right marginTop5"><a href="https://github.com/WonderCMS/wondercms/wiki/Better-security-mode-(HTTPS-and-other-features)#important-read-before-turning-this-feature-on" target="_blank"><i class="linkIcon"></i> Read more before enabling</a></p>';
$output .= $this->renderAdminLoginIPs();
$output .= '
</div>
</div>
</div>
<div class="modal-footer clear">
<p class="small">
<a href="https://wondercms.com" target="_blank">WonderCMS ' . VERSION . '</a> &nbsp;
<b><a href="https://wondercms.com/news" target="_blank">News</a> &nbsp;
<a href="https://wondercms.com/community" target="_blank">Community</a> &nbsp;
<a href="https://github.com/WonderCMS/wondercms/wiki#wondercms-documentation" target="_blank">Docs</a> &nbsp;
<a href="https://wondercms.com/donate" target="_blank">Donate</a> &nbsp;
<a href="https://swag.wondercms.com" target="_blank">Shop/Merch</a></b>
</p>
</div>
</div>
</div>
</div>
</div>';
return $this->hook('settings', $output)[0];
}
/**
* Render options for default page selection
*
* @param object $menuItem
* @param string $defaultPage
* @param string $parentSlug
* @param string $parentName
* @return string
*/
private function renderDefaultPageOptions(
object $menuItem,
string $defaultPage,
string $parentSlug = '',
string $parentName = ''
): string {
$slug = $parentSlug ? sprintf('%s/%s', $parentSlug, $menuItem->slug) : $menuItem->slug;
$name = $parentName ? sprintf('%s | %s', $parentName, $menuItem->name) : $menuItem->name;
$output = '<option value="' . $slug . '" ' . ($slug === $defaultPage ? 'selected' : '') . '>' . $name . '</option>';
foreach ($menuItem->subpages ?? [] as $subpage) {
$output .= $this->renderDefaultPageOptions($subpage, $defaultPage, $slug, $name);
}
return $output;
}
/**
* Render page navigation items
*
* @param object $item
* @param string $parentSlug
* @return string
*/
private function renderPageNavMenuItem(object $item, string $parentSlug = ''): string
{
$subpages = $visibleSubpage = false;
if (property_exists($item, 'subpages') && !empty((array)$item->subpages)) {
$subpages = $item->subpages;
$visibleSubpage = $subpages && in_array('show', array_column((array)$subpages, 'visibility'));
}
$parentSlug .= $subpages ? $item->slug . '/' : $item->slug;
$output = '<li class="nav-item ' . ($this->currentPage === $item->slug ? 'active ' : '') . ($visibleSubpage ? 'subpage-nav' : '') . '">
<a class="nav-link" href="' . self::url($parentSlug) . '">' . $item->name . '</a>';
// Recursive method for rendering infinite subpages
if ($visibleSubpage) {
$output .= '<ul class="subPageDropdown">';
foreach ($subpages as $subpage) {
if ($subpage->visibility === 'hide') {
continue;
}
$output .= $this->renderPageNavMenuItem($subpage, $parentSlug);
}
$output .= '</ul>';
}
$output .= '</li>';
return $output;
}
/**
* Render menu item for settings
*
* @param string $menuKeyTree
* @param object $value
* @param bool $isFirstEl
* @param bool $isLastEl
* @param string $slugTree
* @return string
* @throws Exception
*/
private function renderSettingsMenuItem(
string $menuKeyTree,
object $value,
bool $isFirstEl,
bool $isLastEl,
string $slugTree
): string {
$arraySlugTree = explode('/', $slugTree);
array_shift($arraySlugTree);
$subMenuLevel = count($arraySlugTree);
$output = '<div class="coll-xs-2 coll-sm-1">
<i class="menu-toggle eyeIcon' . ($value->visibility === 'show' ? ' eyeShowIcon menu-item-hide' : ' eyeHideIcon menu-item-show') . '" data-toggle="tooltip" title="' . ($value->visibility === 'show' ? 'Hide page from menu' : 'Show page in menu') . '" data-menu="' . $menuKeyTree . '"></i>
</div>
<div class="coll-xs-4 coll-md-7">
<div data-target="menuItemUpdate" data-menu="' . $menuKeyTree . '" data-visibility="' . $value->visibility . '" id="menuItems-' . $menuKeyTree . '" class="editText" style="margin-right: ' . (13.1 * $subMenuLevel) . 'px;">' . $value->name . '</div>
</div>
<div class="coll-xs-6 coll-md-4 text-right">';
if (!$isFirstEl) {
$output .= '<a class="arrowIcon upArrowIcon toolbar menu-item-up cursorPointer" data-toggle="tooltip" data-menu="' . $menuKeyTree . '" data-menu-slug="' . $value->slug . '" title="Move up"></a>';
}
if (!$isLastEl) {
$output .= '<a class="arrowIcon downArrowIcon toolbar menu-item-down cursorPointer" data-toggle="tooltip" data-menu="' . $menuKeyTree . '" data-menu-slug="' . $value->slug . '" title="Move down"></a>';
}
$output .= ' <a class="linkIcon" href="' . self::url($slugTree) . '" title="Visit page" style="display: inline;">visit</a>
</div>
<div class="coll-xs-12 text-right marginTop5 marginBottom20">
<a class="menu-item-add wbtn wbtn-sm wbtn-info cursorPointer" data-toggle="tooltip" data-menu="' . $menuKeyTree . '" title="Add new sub-page"><i class="addNewIcon"></i> Add subpage</a>
<a href="' . self::url('?delete=' . urlencode($slugTree) . '&token=' . $this->getToken()) . '" title="Delete page" class="wbtn wbtn-sm wbtn-danger" data-menu="' . $menuKeyTree . '" onclick="return confirm(\'Delete ' . $value->slug . '?\')"><i class="deleteIcon"></i></a>
</div>';
return $output;
}
/**
* Render sub menu item for settings
*
* @param object $subpages
* @param string $parentKeyTree
* @param string $parentSlugTree
* @return string
* @throws Exception
*/
private function renderSettingsSubMenuItem(object $subpages, string $parentKeyTree, string $parentSlugTree): string
{
$subpages = get_mangled_object_vars($subpages);
reset($subpages);
$firstSubpage = key($subpages);
end($subpages);
$endSubpage = key($subpages);
$output = '';
foreach ($subpages as $subpageKey => $subpage) {
$keyTree = $parentKeyTree . '-' . $subpageKey;
$slugTree = $parentSlugTree . '/' . $subpage->slug;
$output .= '<div class="coll-xs-offset-1 coll-xs-11">
<div class="row marginTop5">';
$firstElement = ($subpageKey === $firstSubpage);
$lastElement = ($subpageKey === $endSubpage);
$output .= $this->renderSettingsMenuItem($keyTree, $subpage, $firstElement, $lastElement, $slugTree);
// Recursive method for rendering infinite subpages
if (property_exists($subpage, 'subpages')) {
$output .= $this->renderSettingsSubMenuItem($subpage->subpages, $keyTree, $slugTree);
}
$output .= ' </div>
</div>';
}
return $output;
}
/**
* Render last login IPs
* @return string
*/
private function renderAdminLoginIPs(): string
{
$getIPs = $this->get('config', 'lastLogins') ?? [];
$renderIPs = '';
foreach ($getIPs as $time => $adminIP) {
$renderIPs .= sprintf('%s - %s<br />', date('M d, Y H:i:s', strtotime($time)), $adminIP);
}
return '<p class="subTitle">Last 5 logins</p>
<div class="change">
' . $renderIPs . '
</div>';
}
/**
* Render Plugins/Themes cards
* @param string $type
* @return string
* @throws Exception
*/
private function renderModuleTab(string $type = 'themes'): string
{
$output = '<div role="tabpanel" class="tab-pane" id="' . $type . '">
<a class="wbtn wbtn-info wbtn-sm pull-right float-right marginTop20 marginBottom20" data-loader-id="cache" href="' . self::url('?manuallyResetCacheData=true&token=' . $this->getToken()) . '" title="Check updates" onclick="localStorage.clear();"><i class="refreshIcon" aria-hidden="true"></i> Check for updates</a>
<div class="clear"></div>
<div class="change row custom-cards">';
$defaultImage = '<svg style="max-width: 100%;" xmlns="http://www.w3.org/2000/svg" width="100%" height="140"><text x="50%" y="50%" font-size="18" text-anchor="middle" alignment-baseline="middle" font-family="monospace, sans-serif" fill="#ddd">No preview</text></svg>';
$updates = $exists = $installs = '';
foreach ($this->listAllModules($type) as $addonType => $addonModules) {
foreach ($addonModules as $directoryName => $addon) {
$name = $addon['name'];
$info = $addon['summary'];
$infoUrl = $addon['repo'];
$currentVersion = $addon['currentVersion'] ? sprintf('Installed version: %s',
$addon['currentVersion']) : '';
$isThemeSelected = $this->get('config', 'theme') === $directoryName;
$image = $addon['image'] !== null ? '<a class="text-center center-block" href="' . $addon['image'] . '" target="_blank"><img style="max-width: 100%; max-height: 250px;" src="' . $addon['image'] . '" alt="' . $name . '" /></a>' : $defaultImage;
$installButton = $addon['install'] ? '<a class="wbtn wbtn-success wbtn-block wbtn-sm" href="' . self::url('?installModule=' . $directoryName . '&type=' . $type . '&token=' . $this->getToken()) . '" title="Install"><i class="installIcon"></i> Install</a>' : '';
$updateButton = !$addon['install'] && $addon['update'] ? '<a class="wbtn wbtn-info wbtn-sm wbtn-block marginTop5" href="' . self::url('?installModule=' . $directoryName . '&type=' . $type . '&token=' . $this->getToken()) . '" title="Update"><i class="refreshIcon"></i> Update to ' . $addon['version'] . '</a>' : '';
$removeButton = !$addon['install'] ? '<a class="wbtn wbtn-danger wbtn-sm marginTop5" href="' . self::url('?deleteModule=' . $directoryName . '&type=' . $type . '&token=' . $this->getToken()) . '" onclick="return confirm(\'Remove ' . $name . '?\')" title="Remove"><i class="deleteIcon"></i></a>' : '';
$inactiveThemeButton = $type === 'themes' && !$addon['install'] && !$isThemeSelected ? '<a class="wbtn wbtn-primary wbtn-sm wbtn-block" href="' . self::url('?selectModule=' . $directoryName . '&type=' . $type . '&token=' . $this->getToken()) . '" onclick="return confirm(\'Activate ' . $name . ' theme?\')"><i class="checkmarkIcon"></i> Activate</a>' : '';
$activeThemeButton = $type === 'themes' && !$addon['install'] && $isThemeSelected ? '<a class="wbtn wbtn-primary wbtn-sm wbtn-block" disabled>Active</a>' : '';
$html = "<div class='coll-sm-4'>
<div>
$image
<h4>$name</h4>
<p class='normalFont'>$info</p>
<p class='text-right small normalFont marginTop20'>$currentVersion<br /><a href='$infoUrl' target='_blank'><i class='linkIcon'></i> More info</a></p>
<div class='text-right'>$inactiveThemeButton $activeThemeButton</div>
<div class='text-left'>$installButton</div>
<div class='text-right'><span class='text-left bold'>$updateButton</span> <span class='text-right'>$removeButton</span></div>
</div>
</div>";
switch ($addonType) {
case self::THEME_PLUGINS_TYPES['updates']:
$updates .= $html;
break;
case self::THEME_PLUGINS_TYPES['exists']:
$exists .= $html;
break;
case self::THEME_PLUGINS_TYPES['installs']:
default:
$installs .= $html;
break;
}
}
}
$output .= $updates;
$output .= $exists;
$output .= $installs;
$output .= '</div>
<p class="subTitle">Custom module</p>
<form action="' . $this->getCurrentPageUrl() . '" method="post" onsubmit="recheckPasswordPrompt(event)">
<div class="wform-group">
<div class="change winput-group marginTop5"><input type="text" name="pluginThemeUrl" class="wform-control normalFont" placeholder="Enter full URL to wcms-modules.json file">
<span class="winput-group-btn"><button type="submit" class="wbtn wbtn-info" onclick="return confirm(\'Adding unknown modules can be VERY dangerous, are you sure you want to continue?\')"><i class="addNewIcon"></i> Add</button></span>
</div>
</div>
<input type="hidden" name="token" value="' . $this->getToken() . '" /><input type="hidden" name="pluginThemeType" value="' . $type . '" /><input type="hidden" name="password_recheck" />
</form>
<p class="text-right"><a href="https://github.com/WonderCMS/wondercms/wiki/Custom-modules" target="_blank"><i class="linkIcon"></i> Read more about custom modules</a></p>
</div>';
return $output;
}
/**
* Slugify page
*
* @param string $text for slugifying
* @return string
*/
public function slugify(string $text): string
{
$text = preg_replace('~[^\\pL\d]+~u', '-', $text);
$text = trim(htmlspecialchars(mb_strtolower($text), ENT_QUOTES), '/');
$text = trim($text, '-');
return empty($text) ? '-' : $text;
}
/**
* Delete something from database
* Has variadic arguments
* @return void
*/
public function unset(): void
{
$numArgs = func_num_args();
$args = func_get_args();
switch ($numArgs) {
case 1:
unset($this->db->{$args[0]});
break;
case 2:
unset($this->db->{$args[0]}->{$args[1]});
break;
case 3:
unset($this->db->{$args[0]}->{$args[1]}->{$args[2]});
break;
case 4:
unset($this->db->{$args[0]}->{$args[1]}->{$args[2]}->{$args[3]});
break;
}
$this->save();
}
/**
* Update WonderCMS
* Overwrites index.php with latest version from GitHub
* @return void
*/
public function updateAction(): void
{
if (!isset($_POST['update']) || !$this->verifyFormActions()) {
return;
}
$contents = $this->getFileFromRepo('index.php');
if ($contents) {
file_put_contents(__FILE__, $contents);
$this->alert('success', 'WonderCMS successfully updated. Wohoo!');
$this->redirect();
}
$this->alert('danger', 'Something went wrong. Could not update WonderCMS.');
$this->redirect();
}
/**
* Upload file to files folder
* List of allowed extensions
* @return void
*/
public function uploadFileAction(): void
{
if (!isset($_FILES['uploadFile']) || !$this->verifyFormActions()) {
return;
}
$allowedMimeTypes = [
'video/avi',
'text/css',
'text/x-asm',
'application/msword',
'application/vnd.ms-word',
'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
'video/x-flv',
'image/gif',
'text/html',
'image/x-icon',
'image/jpeg',
'application/octet-stream',
'audio/mp4',
'video/x-matroska',
'video/quicktime',
'audio/mpeg',
'video/mp4',
'video/mpeg',
'application/vnd.oasis.opendocument.spreadsheet',
'application/vnd.oasis.opendocument.text',
'application/ogg',
'video/ogg',
'application/pdf',
'image/png',
'application/vnd.ms-powerpoint',
'application/vnd.openxmlformats-officedocument.presentationml.presentation',
'application/photoshop',
'application/rar',
'image/svg',
'image/svg+xml',
'image/avif',
'image/webp',
'application/svg+xm',
'text/plain',
'application/vnd.ms-excel',
'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
'video/webm',
'video/x-ms-wmv',
'application/zip',
];
$allowedExtensions = [
'avi',
'avif',
'css',
'doc',
'docx',
'flv',
'gif',
'htm',
'html',
'ico',
'jpeg',
'jpg',
'kdbx',
'm4a',
'mkv',
'mov',
'mp3',
'mp4',
'mpg',
'ods',
'odt',
'ogg',
'ogv',
'pdf',
'png',
'ppt',
'pptx',
'psd',
'rar',
'svg',
'txt',
'xls',
'xlsx',
'webm',
'webp',
'wmv',
'zip',
];
if (!isset($_FILES['uploadFile']['error']) || is_array($_FILES['uploadFile']['error'])) {
$this->alert('danger', 'Invalid parameters.');
$this->redirect();
}
switch ($_FILES['uploadFile']['error']) {
case UPLOAD_ERR_OK:
break;
case UPLOAD_ERR_NO_FILE:
$this->alert('danger',
'No file selected. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#files"><b>Re-open file options</b></a>');
$this->redirect();
break;
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$this->alert('danger',
'File too large. Change maximum upload size limit or contact your host. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#files"><b>Re-open file options</b></a>');
$this->redirect();
break;
default:
$this->alert('danger', 'Unknown error.');
$this->redirect();
}
$mimeType = '';
$fileName = basename(str_replace(
['"', "'", '*', '<', '>', '%22', '&#39;', '%', ';', '#', '&', './', '../', '/', '+'],
'',
htmlspecialchars(strip_tags($_FILES['uploadFile']['name']))
));
$nameExploded = explode('.', $fileName);
$ext = strtolower(array_pop($nameExploded));
if (class_exists('finfo')) {
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($_FILES['uploadFile']['tmp_name']);
} elseif (function_exists('mime_content_type')) {
$mimeType = mime_content_type($_FILES['uploadFile']['tmp_name']);
} elseif (array_key_exists($ext, $allowedExtensions)) {
$mimeType = $allowedExtensions[$ext];
}
if (!in_array($mimeType, $allowedMimeTypes, true) || !in_array($ext, $allowedExtensions)) {
$this->alert('danger',
'File format is not allowed. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#files"><b>Re-open file options</b></a>');
$this->redirect();
}
if (!move_uploaded_file($_FILES['uploadFile']['tmp_name'], $this->filesPath . '/' . $fileName)) {
$this->alert('danger', 'Failed to move uploaded file.');
}
$this->alert('success',
'File uploaded. <a data-toggle="wcms-modal" href="#settingsModal" data-target-tab="#files"><b>Open file options to see your uploaded file</b></a>');
$this->redirect();
}
/**
* Get canonical URL
*
* @param string $location
* @return string
*/
public static function url(string $location = ''): string
{
$showHttps = Wcms::isCurrentlyOnSSL();
$dataPath = sprintf('%s/%s', __DIR__, 'data');
$securityCachePath = sprintf('%s/%s', $dataPath, 'security.json');
if (is_file($securityCachePath) && file_exists($securityCachePath)) {
$securityCache = json_decode(file_get_contents($securityCachePath), true);
$showHttps = $securityCache['forceHttps'] ?? false;
}
$serverPort = ((($_SERVER['SERVER_PORT'] == '80') || ($_SERVER['SERVER_PORT'] == '443')) ? '' : ':' . $_SERVER['SERVER_PORT']);
return ($showHttps ? 'https' : 'http')
. '://' . ($_SERVER['HTTP_HOST'] ?? $_SERVER['SERVER_NAME'])
. ($_SERVER['HTTP_HOST'] ? '' : $serverPort)
. ((dirname($_SERVER['SCRIPT_NAME']) === '/') ? '' : dirname($_SERVER['SCRIPT_NAME']))
. '/' . $location;
}
/**
* Create a ZIP backup of whole WonderCMS installation (all files)
*
* @return void
*/
public function zipBackup(): void
{
try {
$randomNumber = random_bytes(8);
} catch (Exception $e) {
$randomNumber = microtime(false);
}
$zipName = date('Y-m-d') . '-backup-' . bin2hex($randomNumber) . '.zip';
$zipPath = $this->rootDir . '/data/files/' . $zipName;
$zip = new ZipArchive();
if ($zip->open($zipPath, ZipArchive::CREATE) !== true) {
$this->alert('danger', 'Cannot create ZIP archive.');
}
$iterator = new RecursiveDirectoryIterator($this->rootDir);
$iterator->setFlags(RecursiveDirectoryIterator::SKIP_DOTS);
$files = new RecursiveIteratorIterator($iterator, RecursiveIteratorIterator::SELF_FIRST);
foreach ($files as $file) {
$file = realpath($file);
$source = realpath($this->rootDir);
if (is_dir($file)) {
$zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
} elseif (is_file($file)) {
$zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
}
}
$zip->close();
$this->redirect('data/files/' . $zipName);
}
/**
* Check if currently user is on https
* @return bool
*/
public static function isCurrentlyOnSSL(): bool
{
return (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on')
|| (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) === 'on')
|| (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https');
}
/**
* Check compatibility
*/
private function checkMinimumRequirements(): void
{
if (PHP_VERSION_ID <= 70200) {
die('<p>To run WonderCMS, PHP version 7.2 or greater is required.</p>');
}
$extensions = ['curl', 'zip', 'mbstring'];
$missingExtensions = [];
foreach ($extensions as $ext) {
if (!extension_loaded($ext)) {
$missingExtensions[] = $ext;
}
}
if (!empty($missingExtensions)) {
die('<p>The following extensions are required: '
. implode(', ', $missingExtensions)
. '. Contact your host or configure your server to enable them with correct permissions.</p>');
}
}
/**
* Helper for reseting the index key of the object
* @param stdClass $object
* @return stdClass
*/
private function reindexObject(stdClass $object): stdClass
{
$reindexObject = new stdClass;
$index = 0;
foreach ($object as $value) {
$reindexObject->{$index} = $value;
$index++;
}
return $reindexObject;
}
/**
* Check if user has forced https
* @return bool
*/
private function isHttpsForced(): bool
{
$value = $this->get('config', 'forceHttps');
if (gettype($value) === 'object' && empty(get_object_vars($value))) {
return false;
}
return $value ?? false;
}
/**
* Check if user has confirmation dialog enabled
* @return bool
*/
private function isSaveChangesPopupEnabled(): bool
{
$value = $this->get('config', 'saveChangesPopup');
if (gettype($value) === 'object' && empty(get_object_vars($value))) {
return false;
}
return $value ?? false;
}
/**
* Check if admin will be redirected to the login screen or current page screen after logout.
* @return bool
*/
private function isLogoutToLoginScreenEnabled(): bool
{
$value = $this->get('config', 'logoutToLoginScreen');
if (gettype($value) === 'object' && empty(get_object_vars($value))) {
return true;
}
return $value ?? true;
}
}
View Git Blame Copy Permalink