
/admin/routes.php

https://bitbucket.org/sirestudios/fortis-wellness
PHP | 1666 lines | 1088 code | 356 blank | 222 comment | 244 complexity | 1c38d49b933a687952e950fd34e0c02f MD5 | raw file
Possible License(s): JSON


  1. <?php
  2. /**
  3. * The Routes
  4. **/
  5. function authenticateForRole($role = 'member')
  6. {
  7. $admin_app = \Slim\Slim::getInstance();
  8. $user = Statamic_Auth::get_current_user();
  9. if ($user) {
  10. if ($user->has_role($role) === false) {
  11. $admin_app->redirect($admin_app->urlFor('denied'));
  12. }
  13. } else {
  14. $admin_app->redirect($admin_app->urlFor('login'));
  15. }
  16. return true;
  17. }
  18. function isCurlEnabled()
  19. {
  20. return function_exists('curl_version') ? true : false;
  21. }
  22. function doStatamicVersionCheck($app)
  23. {
  24. // default values
  25. $app->config['latest_version_url'] = '';
  26. $app->config['latest_version'] = '';
  27. if (isCurlEnabled()) {
  28. $cookie = $app->getEncryptedCookie('stat_latest_version');
  29. if (!$cookie) {
  30. $license = Config::getLicenseKey();
  31. $site_url = Config::getSiteURL();
  32. $parts = parse_url($site_url);
  33. $domain = isset($parts['host']) ? $parts['host'] : '/';
  34. $url = "http://outpost.statamic.com/check?v=".urlencode(STATAMIC_VERSION)."&l=".urlencode($license)."&d=".urlencode($domain);
  35. $ch = curl_init($url);
  36. curl_setopt($ch, CURLOPT_URL, $url);
  37. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  38. curl_setopt($ch, CURLOPT_TIMEOUT, '3');
  39. $content = trim(curl_exec($ch));
  40. curl_close($ch);
  41. if ($content <> '') {
  42. $response = json_decode($content);
  43. if ($response && $response->status == 'ok') {
  44. $app->setEncryptedCookie('stat_latest_version', $response->current_version);
  45. $app->setEncryptedCookie('stat_latest_version_url', $response->url);
  46. $app->config['latest_version_url'] = $response->current_version;
  47. $app->config['latest_version'] = $response->current_version;
  48. } else {
  49. $app->config['latest_version_url'] = '';
  50. $app->config['latest_version'] = '';
  51. }
  52. }
  53. } else {
  54. $app->config['latest_version'] = $cookie;
  55. $app->config['latest_version_url'] = $app->getEncryptedCookie('stat_latest_version_url');
  56. }
  57. }
  58. }
  59. /////////////////////////////////////////////////////////////////////////////////////////////////
  60. // ROUTES
  61. /////////////////////////////////////////////////////////////////////////////////////////////////
  62. $admin_app->get('/', function() use ($admin_app) {
  63. authenticateForRole('admin');
  64. doStatamicVersionCheck($admin_app);
  65. if ( ! CP_Helper::show_page('dashboard')) {
  66. $admin_app->redirect($admin_app->urlFor('pages'));
  67. }
  68. $template_list = array("dashboard");
  69. Statamic_View::set_templates(array_reverse($template_list));
  70. $admin_app->render(null, array('route' => 'dashboard', 'app' => $admin_app));
  71. })->name('dashboard');
  72. // AUTH RELATED FUNCTION
  73. // --------------------------------------------------------
  74. $admin_app->get('/denied', function() use ($admin_app) {
  75. $template_list = array("denied");
  76. Statamic_View::set_templates(array_reverse($template_list));
  77. Statamic_View::set_layout("layouts/login");
  78. $admin_app->render(null, array('route' => 'login', 'app' => $admin_app));
  79. })->name('denied');
  80. $admin_app->get('/login', function() use ($admin_app) {
  81. $template_list = array("login");
  82. Statamic_View::set_templates(array_reverse($template_list));
  83. Statamic_View::set_layout("layouts/login");
  84. $admin_app->render(null, array('route' => 'login', 'app' => $admin_app));
  85. })->name('login');
  86. $admin_app->post('/login', function() use ($admin_app) {
  87. $app = \Slim\Slim::getInstance();
  88. $login = Request::post('login');
  89. $username = $login['username'];
  90. $password = $login['password'];
  91. $errors = array();
  92. // Auth login
  93. // if success direct to admin homepage
  94. if (Statamic_Auth::login($username, $password)) {
  95. $user = Statamic_Auth::get_user($username);
  96. if ( ! $user->is_password_hashed()) {
  97. $user->set_password($password, true);
  98. $user->save();
  99. Statamic_Auth::login($username, $password);
  100. }
  101. $redirect_to = Config::get('_admin_start_page', 'pages');
  102. $app->redirect($app->urlFor($redirect_to));
  103. } else {
  104. $errors = array('error' => Localization::fetch('incorrect_username_password'));
  105. }
  106. $template_list = array("login");
  107. Statamic_View::set_templates(array_reverse($template_list));
  108. Statamic_View::set_layout("layouts/login");
  109. $admin_app->render(null, array('route' => 'login', 'app' => $admin_app, 'errors' => $errors));
  110. })->name('login-submit');
  111. $admin_app->get('/logout', function() use ($admin_app) {
  112. Statamic_Auth::logout();
  113. $admin_app->redirect($admin_app->urlFor('dashboard'));
  114. })->name('logout');
  115. // ERROR FUNCTION
  116. // --------------------------------------------------------
  117. $admin_app->get('/error', function() use ($admin_app) {
  118. $template_list = array("error");
  119. Statamic_View::set_templates(array_reverse($template_list));
  120. Statamic_View::set_layout("layouts/default");
  121. $admin_app->render(null, array('route' => 'login', 'app' => $admin_app));
  122. })->name('error');
  123. // PUBLICATION
  124. // --------------------------------------------------------
  125. $admin_app->get('/pages', function() use ($admin_app) {
  126. authenticateForRole('admin');
  127. doStatamicVersionCheck($admin_app);
  128. $template_list = array("pages");
  129. /*
  130. |--------------------------------------------------------------------------
  131. | Check if file is writable
  132. |--------------------------------------------------------------------------
  133. |
  134. | We now have a file name. Let's check if we can write to this thing.
  135. |
  136. */
  137. if ( ! Statamic::is_content_writable()) {
  138. $url = $admin_app->urlFor('error')."?code=content_not_writable";
  139. $admin_app->redirect($url);
  140. }
  141. $path = "";
  142. $path = $admin_app->request()->get('path');
  143. $errors = array();
  144. /*
  145. |--------------------------------------------------------------------------
  146. | Pages and Home page
  147. |--------------------------------------------------------------------------
  148. |
  149. | We can get all the pages from get_content_tree(), but the home page
  150. | is a bit of an exception. We need to set a few things manually.
  151. |
  152. */
  153. $pages = Statamic::get_content_tree('/', 1, 1000, false, false, false, false, '/');
  154. // Home page isn't included by default
  155. $meta = Statamic::get_content_meta("page", '');
  156. $home_page = array(
  157. 'type' => 'home',
  158. 'url' => "/page",
  159. 'slug' => "/",
  160. 'title' => array_get($meta, 'title', Localization::fetch('home')),
  161. 'has_entries' => (File::exists(Path::tidy(Config::getContentRoot()."/fields.yaml"))) ? true : false,
  162. 'depth' => 1
  163. );
  164. // Merge into pages
  165. array_unshift($pages, $home_page);
  166. /*
  167. |--------------------------------------------------------------------------
  168. | Fieldsets
  169. |--------------------------------------------------------------------------
  170. |
  171. | Get all the available fieldsets, removing any hidden ones as necessary
  172. |
  173. */
  174. $fieldsets = Statamic_Fieldset::get_list();
  175. foreach ($fieldsets as $key => $fieldset) {
  176. // Remove hidden fieldsets
  177. if (isset($fieldset['hide']) && $fieldset['hide'] === true) {
  178. unset($fieldsets[$key]);
  179. // set a fallback name
  180. } elseif ( ! isset($fieldset['title'])) {
  181. $fieldsets[$key]['title'] = Slug::prettify($key);
  182. }
  183. }
  184. // Sort fieldsets by title
  185. uasort($fieldsets, function($a, $b) {
  186. return strcmp($a['title'], $b['title']);
  187. });
  188. #######################################################################
  189. Statamic_View::set_templates(array_reverse($template_list));
  190. $admin_app->render(null, array(
  191. 'route' => 'pages',
  192. 'app' => $admin_app,
  193. 'errors' => $errors,
  194. 'path' => $path,
  195. 'pages' => $pages,
  196. 'fieldsets' => $fieldsets,
  197. 'are_fieldsets' => count($fieldsets) > 0 ? true : false,
  198. 'listings' => Statamic::get_listings()
  199. )
  200. );
  201. })->name('pages');
  202. $admin_app->get('/entries', function() use ($admin_app) {
  203. authenticateForRole('admin');
  204. doStatamicVersionCheck($admin_app);
  205. $content_root = Config::getContentRoot();
  206. $template_list = array("entries");
  207. $path = "";
  208. $path = $admin_app->request()->get('path');
  209. $errors = array();
  210. $path = $admin_app->request()->get('path');
  211. if ($path) {
  212. $entry_type = Statamic::get_entry_type($path);
  213. $order = $entry_type == 'date' ? 'desc' : 'asc';
  214. $entries = Statamic::get_content_list($path, null, 0, true, true, $entry_type, $order, null, null, true);
  215. Statamic_View::set_templates(array_reverse($template_list));
  216. $admin_app->render(null, array(
  217. 'route' => 'entries',
  218. 'app' => $admin_app,
  219. 'errors' => $errors,
  220. 'path' => $path,
  221. 'folder' => preg_replace(Pattern::NUMERIC, '', $path),
  222. 'entries' => $entries,
  223. 'type' => $entry_type,
  224. 'listings' => Statamic::get_listings()
  225. )
  226. );
  227. }
  228. })->name('entries');
  229. // LOGIC
  230. // - VALIDATE
  231. // - SAVE TO ORIGINAL FILENAME
  232. // - IF NECESSARY: RENAME
  233. // POST: PUBLISH
  234. $admin_app->post('/publish', function() use ($admin_app) {
  235. authenticateForRole('admin');
  236. doStatamicVersionCheck($admin_app);
  237. $content_root = Config::getContentRoot();
  238. $content_type = Config::getContentType();
  239. $app = \Slim\Slim::getInstance();
  240. $path = Request::get('path');
  241. if ($path) {
  242. $index_file = false;
  243. $form_data = Request::post('page');
  244. // 1. Validate
  245. if ($form_data) {
  246. // ### Intercept the timestamp and convert to something we can work with
  247. if (isset($form_data['meta']['publish-time'])) {
  248. $_ts = $form_data['meta']['publish-time'];
  249. $ts = strtotime($_ts);
  250. $form_data['meta']['publish-time'] = Date::format("Hi", $ts);
  251. }
  252. if ($form_data['type'] == 'none') {
  253. $index_file = true;
  254. }
  255. // @TODO, confirm "/page" is the best match pattern
  256. // e.g. "2-blog/_2013-04-11-a-hidden-page" will trigger (true)
  257. if (Pattern::endsWith($path, '/page')) {
  258. $index_file = true;
  259. }
  260. $errors = array();
  261. if ( ! $form_data['yaml']['title'] || $form_data['yaml']['title'] == '') {
  262. $errors['title'] = Localization::fetch('is_required');
  263. }
  264. $slug = ($form_data['meta']['slug'] === '/') ? '/' : Slug::make($form_data['meta']['slug']);
  265. // rd($form_data);
  266. if ($index_file) {
  267. // some different validation rules
  268. if ($slug == '') {
  269. $errors['slug'] = Localization::fetch('is_required');
  270. } else {
  271. if ($slug != $form_data['original_slug']) {
  272. if ($form_data['type'] == 'none') {
  273. $file = $check_file = $content_root."/".$path."/".$slug."/page.".$content_type;
  274. $folders = Statamic::get_content_tree($path,1,1,false,false,true);
  275. if (Statamic_Validate::folder_slug_exists($folders, $slug)) {
  276. $errors['slug'] = Localization::fetch('already_exists');
  277. }
  278. } else {
  279. $file = $content_root."/".dirname($path)."/page.".$content_type;
  280. $check_file = str_replace($form_data['original_slug'], $slug, $file);
  281. if (File::exists($check_file)) {
  282. $errors['slug'] = Localization::fetch('already_exists');
  283. }
  284. }
  285. }
  286. }
  287. } elseif (isset($form_data['type']) && $form_data ['type'] == 'none') {
  288. $file = $content_root."/".$path."/".$slug.".".$content_type;
  289. if (File::exists($file)) {
  290. $errors['slug'] = Localization::fetch('already_exists');
  291. }
  292. } else {
  293. if (isset($form_data['new'])) {
  294. $entries = Statamic::get_content_list($path,null,0,true,true);
  295. } else {
  296. $entries = Statamic::get_content_list(dirname($path),null,0,true,true);
  297. }
  298. if ($slug == '') {
  299. $errors['slug'] = Localization::fetch('is_required');
  300. } else {
  301. // do we have this slug already?
  302. if (isset($form_data['new']) || $slug != $form_data['original_slug']) {
  303. if (Statamic_Validate::content_slug_exists($entries, $slug)) {
  304. $errors['slug'] = Localization::fetch('already_exists');
  305. }
  306. }
  307. }
  308. // generate slug & datestamp/number
  309. $datestamp = '';
  310. $timestamp = '';
  311. $numeric = '';
  312. if ($form_data['type'] == 'date') {
  313. // STANDARDIZE INPUT
  314. $datestamp = $form_data['meta']['publish-date'];
  315. if ($datestamp == '') {
  316. $errors['datestamp'] = Localization::fetch('is_required');
  317. }
  318. if (Config::getEntryTimestamps()) {
  319. $timestamp = $form_data['meta']['publish-time'];
  320. if ($timestamp == '') {
  321. $errors['timestamp'] = Localization::fetch('is_required');
  322. }
  323. }
  324. } elseif ($form_data['type'] == 'number') {
  325. $numeric = $form_data['meta']['publish-numeric'];
  326. if ($numeric == '') {
  327. $errors['numeric'] = Localization::fetch('is_required');
  328. }
  329. }
  330. }
  331. if (sizeof($errors) > 0) {
  332. // REPOPULATE IF THERE IS AN ERROR
  333. if (isset($form_data['new'])) {
  334. $data['new'] = $form_data['new'];
  335. }
  336. $data['path'] = $path;
  337. $data['page'] = '';
  338. $data['title'] = $form_data['yaml']['title'];
  339. $folder = $form_data['folder'];
  340. $data['folder'] = $form_data['folder'];
  341. $data['content'] = $form_data['content'];
  342. $data['content_raw'] = $form_data['content'];
  343. $data['type'] = $form_data['type'];
  344. $data['errors'] = $errors;
  345. $data['slug'] = $form_data['meta']['slug'];
  346. $data['full_slug'] = $form_data['full_slug'];
  347. $data['original_slug'] = $form_data['original_slug'];
  348. $data['original_datestamp'] = $form_data['original_datestamp'];
  349. $data['original_timestamp'] = $form_data['original_timestamp'];
  350. $data['original_numeric'] = $form_data['original_numeric'];
  351. if (isset($form_data['fieldset'])) {
  352. $data['fieldset'] = $form_data['fieldset'];
  353. }
  354. if (!$index_file) {
  355. if (isset($form_data['type']) && $form_data ['type'] != 'none') {
  356. $data['datestamp'] = strtotime($datestamp);
  357. $data['timestamp'] = strtotime($datestamp." ".$timestamp);
  358. $data['numeric'] = $numeric;
  359. }
  360. }
  361. if (isset($form_data['yaml']['_template'])) {
  362. $data['_template'] = $form_data['yaml']['_template'];
  363. } else {
  364. $data['_template'] = '';
  365. }
  366. $data['templates'] = Theme::getTemplates();
  367. $data['layouts'] = Theme::getLayouts();
  368. $fields_data = null;
  369. $content_root = Config::getContentRoot();
  370. // fieldset
  371. if ($data['type'] == 'none') {
  372. // load field set
  373. if (isset($data['fieldset'])) {
  374. $fieldset = $data['fieldset'];
  375. $fs = Statamic_Fieldset::load($fieldset);
  376. $fields_data = $fs->get_data();
  377. $data['fields'] = isset($fields_data['fields']) ? $fields_data['fields'] : array();
  378. $data['fieldset'] = $fieldset;
  379. }
  380. } elseif ($data['type'] != 'none' && File::exists("{$content_root}/{$folder}/fields.yaml")) {
  381. $fields_raw = File::get("{$content_root}/{$folder}/fields.yaml");
  382. $fields_data = YAML::Parse($fields_raw);
  383. if (isset($fields_data['_fieldset'])) {
  384. $fieldset = $fields_data['_fieldset'];
  385. $fs = Statamic_Fieldset::load($fieldset);
  386. $fields_data = $fs->get_data();
  387. $data['fields'] = isset($fields_data['fields']) ? $fields_data['fields'] : array();
  388. $data['fieldset'] = $fieldset;
  389. }
  390. }
  391. if ($fields_data && isset($fields_data['fields'])) {
  392. $data['fields'] = $fields_data['fields'];
  393. // reload the fields data
  394. foreach ($data['fields'] as $key => $value) {
  395. if (isset($form_data['yaml'][$key])) {
  396. $data[$key] = $form_data['yaml'][$key];
  397. }
  398. }
  399. }
  400. /*
  401. |--------------------------------------------------------------------------
  402. | Status bar message
  403. |--------------------------------------------------------------------------
  404. |
  405. | Gawd this is awful. Can't wait to refactor this spaghetti.
  406. |
  407. */
  408. $data['status_message'] = (isset($data['new'])) ? Localization::fetch('new') : Localization::fetch('editing');
  409. $data['status_message'] .= ' ';
  410. if ($data['type'] === 'none' || ($data['type'] === 'none' && $original_slug !== 'page')) {
  411. $data['status_message'] .= Localization::fetch('page', null, true);
  412. $data['identifier'] = ($data['page'] === 'page') ? Path::pretty($data['folder']) : Path::pretty($data['full_slug']);
  413. } else {
  414. $data['status_message'] .= Localization::fetch('entry', null, true);
  415. $data['identifier'] = (isset($data['new'])) ? Path::pretty($folder . '/') : Path::pretty($data['full_slug']);
  416. }
  417. if (isset($data['new'])) $data['status_message'] .= ' ' . Localization::fetch('in', null, true);
  418. $template_list = array("publish");
  419. Statamic_View::set_templates(array_reverse($template_list));
  420. $admin_app->render(null, array('route' => 'publish', 'app' => $admin_app)+$data);
  421. return;
  422. }
  423. } else {
  424. // @TODO: Replace this garbage
  425. print "no form data";
  426. }
  427. } else {
  428. // @TODO: Replace this garbage too
  429. print "no form data";
  430. }
  431. $status = array_get($form_data['yaml'], 'status', 'live');
  432. $status_prefix = Slug::getStatusPrefix($status);
  433. // if we got here, have no errors
  434. // save to original file if not new
  435. if (isset($form_data['new'])) {
  436. if ($form_data['type'] == 'date') {
  437. $date_or_datetime = Config::getEntryTimestamps() ? $datestamp."-".$timestamp : $datestamp;
  438. $file = $content_root."/".$path."/".$status_prefix.$date_or_datetime."-".$slug.".".$content_type;
  439. } elseif ($form_data['type'] == 'number') {
  440. $file = $content_root."/".$path."/".$numeric.".".$slug.".".$content_type;
  441. } elseif ($form_data['type'] == 'none') {
  442. $numeric = Statamic::get_next_numeric_folder($path);
  443. $file = $content_root."/".$path."/".$numeric."-".$slug."/page.".$content_type;
  444. $file = Path::tidy($file);
  445. if ( ! File::exists(dirname($file))) {
  446. Folder::make(dirname($file));
  447. }
  448. } else {
  449. $file = $content_root."/".$path."/".$form_data['original_slug'].".".$content_type;
  450. }
  451. $folder = $path;
  452. } else {
  453. $file = ltrim(URL::assemble(Config::getContentRoot(), $path), '/') . '.' . $content_type;
  454. }
  455. // load the original yaml
  456. if (isset($form_data['new'])) {
  457. $file_data = array();
  458. } else {
  459. $page = basename($path);
  460. $folder = dirname($path);
  461. $file_data = Statamic::get_content_meta($page, $folder, true);
  462. }
  463. # Post-processing for Fieldtypes api
  464. if (isset($file_data['_fieldset'])) {
  465. # defined a fieldset in the front-matter
  466. $fs = Statamic_Fieldset::load($file_data['_fieldset']);
  467. $fieldset_data = $fs->get_data();
  468. $data['fields'] = $fieldset_data['fields'];
  469. } elseif (isset($fields_data['fields'])) {
  470. # fields.yaml controls the fields
  471. $data['fields'] = $fields_data['fields'];
  472. } elseif (isset($fields_data['_fieldset'])) {
  473. # using a fieldset
  474. $fieldset = $fields_data['_fieldset'];
  475. $fs = Statamic_Fieldset::load($fieldset);
  476. $fieldset_data = $fs->get_data();
  477. $data['fields'] = $fieldset_data['fields'];
  478. } else {
  479. # not set.
  480. $data['fields'] = array();
  481. }
  482. /*
  483. |--------------------------------------------------------------------------
  484. | Check if file is writable
  485. |--------------------------------------------------------------------------
  486. |
  487. | We now have a file name. Let's check if we can write to this thing.
  488. | If not, throw an error page
  489. |
  490. */
  491. if ( ! Statamic::is_content_writable() || (File::exists($file) && ! File::isWritable($file))) {
  492. $url = $admin_app->urlFor('error')."?code=content_not_writable";
  493. $admin_app->redirect($url);
  494. }
  495. /*
  496. |--------------------------------------------------------------------------
  497. | Fieldset defaults
  498. |--------------------------------------------------------------------------
  499. |
  500. | We need to bring in the fieldset so we know what we're working with
  501. |
  502. */
  503. $fieldset = null;
  504. $field_settings = array();
  505. if (count($data['fields']) < 1 && file_exists("{$content_root}/{$folder}/fields.yaml")) {
  506. $fields_raw = File::get("{$content_root}/{$folder}/fields.yaml");
  507. $fields_data = YAML::Parse($fields_raw);
  508. if (isset($fields_data['fields'])) {
  509. #fields.yaml
  510. $field_settings = $fields_data['fields'];
  511. } elseif (isset($fields_data['_fieldset'])) {
  512. # using a fieldset
  513. $fieldset = $fields_data['_fieldset'];
  514. $fs = Statamic_Fieldset::load($fieldset);
  515. $fieldset_data = $fs->get_data();
  516. $field_settings = $fieldset_data['fields'];
  517. } else {
  518. $field_settings = array();
  519. }
  520. } elseif (isset($form_data['type']) && $form_data['type'] == 'none') {
  521. if (isset($form_data['fieldset'])) {
  522. $fieldset = $form_data['fieldset'];
  523. $file_data['_fieldset'] = $fieldset;
  524. $fs = Statamic_Fieldset::load($fieldset);
  525. $fields_data = $fs->get_data();
  526. $field_settings = $fields_data['fields'];
  527. }
  528. }
  529. /*
  530. |--------------------------------------------------------------------------
  531. | Check for empty checkbox fields
  532. |--------------------------------------------------------------------------
  533. |
  534. | Unchecked checkbox fields will not be included in the POST array due to
  535. | being unsuccessful, thus, we need to loop through all expected fields
  536. | looking for a checkbox type, and if it isn't in POST, set it to 0 manually
  537. |
  538. */
  539. foreach ($field_settings as $field => $settings) {
  540. if (isset($settings['type']) && $settings['type'] == 'checkbox' && !isset($form_data['yaml'][$field])) {
  541. $form_data['yaml'][$field] = 0;
  542. }
  543. }
  544. /*
  545. |--------------------------------------------------------------------------
  546. | File uploads
  547. |--------------------------------------------------------------------------
  548. |
  549. | This isn't great. We need to rewrite this. AJAX would probably be
  550. | best course of action.
  551. |
  552. */
  553. if (isset($_FILES['page'])) {
  554. foreach ($_FILES['page']['name']['yaml'] as $field => $value) {
  555. if (isset($field_settings[$field]['type'])) {
  556. if ($field_settings[$field]['type'] == 'file') {
  557. if ($value <> '') {
  558. $file_values = array();
  559. $file_values['name'] = $_FILES['page']['name']['yaml'][$field];
  560. $file_values['type'] = $_FILES['page']['type']['yaml'][$field];
  561. $file_values['tmp_name'] = $_FILES['page']['tmp_name']['yaml'][$field];
  562. $file_values['error'] = $_FILES['page']['error']['yaml'][$field];
  563. $file_values['size'] = $_FILES['page']['size']['yaml'][$field];
  564. $val = Fieldtype::process_field_data('file', $file_values, $field_settings[$field]);
  565. $file_data[$field] = $val;
  566. unset($form_data['yaml'][$field]);
  567. } else {
  568. if (isset($form_data['yaml'][$field.'_remove'])) {
  569. $form_data['yaml'][$field] = '';
  570. $file_data[$field] = '';
  571. } else {
  572. $file_data[$field] = isset($form_data['yaml'][$field]) ? $form_data['yaml'][$field] : '';
  573. }
  574. }
  575. // unset the remove column
  576. if (isset($form_data['yaml']["{$field}_remove"])) {
  577. unset($form_data['yaml']["{$field}_remove"]);
  578. }
  579. }
  580. }
  581. }
  582. }
  583. /*
  584. |--------------------------------------------------------------------------
  585. | Fieldtype Process Method
  586. |--------------------------------------------------------------------------
  587. |
  588. | Fieldtypes get the opportunity to process their own data.
  589. | That happens right here.
  590. |
  591. */
  592. foreach ($form_data['yaml'] as $field => $value) {
  593. if (isset($field_settings[$field]['type']) && $field_settings[$field]['type'] != 'file') {
  594. $file_data[$field] = Fieldtype::process_field_data($field_settings[$field]['type'], $value, $field_settings[$field], $field);
  595. } else {
  596. $file_data[$field] = $value;
  597. }
  598. }
  599. unset($file_data['content']);
  600. unset($file_data['content_raw']);
  601. unset($file_data['last_modified']);
  602. if (isset($file_data['status'])) {
  603. unset($file_data['status']);
  604. }
  605. /*
  606. |--------------------------------------------------------------------------
  607. | Build and write content
  608. |--------------------------------------------------------------------------
  609. |
  610. | Let's create or update this file.
  611. |
  612. */
  613. $file_content = File::buildContent($file_data, $form_data['content']);
  614. File::put($file, $file_content);
  615. /*
  616. |--------------------------------------------------------------------------
  617. | Rename/move file
  618. |--------------------------------------------------------------------------
  619. |
  620. | If the slug changed we'll need to rename the file accordingly.
  621. |
  622. */
  623. if ( ! isset($form_data['new'])) {
  624. $new_slug = ($form_data['meta']['slug'] === '/') ? '/' : Slug::make($form_data['meta']['slug']);
  625. // Date Entry
  626. if ($form_data['type'] == 'date') {
  627. // With Timestamps
  628. if (Config::getEntryTimestamps()) {
  629. $new_timestamp = $form_data['meta']['publish-time'];
  630. $new_datestamp = $form_data['meta']['publish-date'];
  631. $new_file = $content_root . "/" . dirname($path) . "/" . $status_prefix . $new_datestamp . "-" . $new_timestamp . "-" . $new_slug.".".$content_type;
  632. // Without Timestamps
  633. } else {
  634. $new_datestamp = $form_data['meta']['publish-date'];
  635. $new_file = $content_root . "/" . dirname($path) . "/" . $status_prefix . $new_datestamp . "-" . $new_slug.".".$content_type;
  636. }
  637. // Numerical Entry
  638. } elseif ($form_data['type'] == 'number') {
  639. $new_numeric = $form_data['meta']['publish-numeric'];
  640. $new_file = $content_root . "/" . dirname($path) . "/" . $status_prefix . $new_numeric . "." . $new_slug . "." . $content_type;
  641. // Pages
  642. } else {
  643. // Folder/page.md
  644. if ($index_file) {
  645. $new_file = str_replace($form_data['original_slug'], $status_prefix . $new_slug, $file);
  646. } else {
  647. // Regular page
  648. $new_file = $content_root . "/" . dirname($path) . "/" . $status_prefix . $new_slug . "." . $content_type;
  649. }
  650. }
  651. if ($file !== $new_file) {
  652. if ($index_file) {
  653. // If the page is an index file but not in a directory we want to rename the file not the parent directory.
  654. if (dirname($file) != dirname($new_file)) {
  655. rename(dirname($file), dirname($new_file));
  656. } else {
  657. rename($file, $new_file);
  658. }
  659. } else {
  660. rename($file, $new_file);
  661. }
  662. }
  663. }
  664. /*
  665. |--------------------------------------------------------------------------
  666. | Done. Let's redirect!
  667. |--------------------------------------------------------------------------
  668. |
  669. | Pages go back to the tree, entries to their respective Entry Listing
  670. |
  671. */
  672. if ($form_data['type'] == 'none') {
  673. $app->flash('success', Localization::fetch('page_saved'));
  674. $url = $app->urlFor('pages')."?path=".$folder;
  675. $app->redirect($url);
  676. } else {
  677. $app->flash('success', Localization::fetch('entry_saved'));
  678. $url = $app->urlFor('entries')."?path=".$folder;
  679. $app->redirect($url);
  680. }
  681. });
  682. // GET: DELETE ENTRY
  683. $admin_app->map('/delete/entry', function() use ($admin_app) {
  684. authenticateForRole('admin');
  685. doStatamicVersionCheck($admin_app);
  686. $content_root = Config::getContentRoot();
  687. $content_type = Config::getContentType();
  688. $entries = (array) Request::fetch('entries');
  689. $count = count($entries);
  690. foreach ($entries as $path) {
  691. $file = $content_root . "/" . $path . "." . $content_type;
  692. File::delete($file);
  693. }
  694. if ($count > 1) {
  695. $admin_app->flash('success', Localization::fetch('entries_deleted'));
  696. } else {
  697. $admin_app->flash('success', Localization::fetch('entry_deleted'));
  698. }
  699. $url = $admin_app->urlFor('entries')."?path=".dirname($path);
  700. $admin_app->redirect($url);
  701. })->name('delete_entry')->via('GET', 'POST');;
  702. // GET: DELETE PAGE
  703. $admin_app->get('/delete/page', function() use ($admin_app) {
  704. authenticateForRole('admin');
  705. doStatamicVersionCheck($admin_app);
  706. $path = URL::assemble(BASE_PATH, Config::getContentRoot(), $admin_app->request()->get('path'));
  707. $type = $admin_app->request()->get('type');
  708. if ($type == "folder" && Folder::exists($path)) {
  709. Folder::delete($path);
  710. $admin_app->flash('success', Localization::fetch('page_deleted'));
  711. } else {
  712. if ( ! Pattern::endsWith($path, Config::getContentType())) {
  713. $path .= Config::getContentType();
  714. }
  715. if (File::exists($path)) {
  716. File::delete($path);
  717. $admin_app->flash('success', Localization::fetch('page_deleted'));
  718. } else {
  719. $admin_app->flash('failure', Localization::fetch('page_unable_delete'));
  720. }
  721. }
  722. $admin_app->redirect($admin_app->urlFor('pages'));
  723. })->name('delete_page');
  724. // GET: PUBLISH
// GET /publish: assembles the view data for the page/entry editor and renders
// the "publish" template. Reads `path`, `new`, `fieldset` and `type` through
// Request::get(). Requires the admin role.
$admin_app->get('/publish', function() use ($admin_app) {
    // Redirects to 'denied' (wrong role) or 'login' (no user) before any work is done.
    authenticateForRole('admin');
    doStatamicVersionCheck($admin_app);

    $content_root = Config::getContentRoot();
    $app = \Slim\Slim::getInstance();

    $data = array();

    // NOTE(review): $path and $fieldset come from the request and flow into
    // Content::exists(), Statamic::get_content_meta(), the fields.yaml path built
    // below and Statamic_Fieldset::load(). No normalisation or rejection of `..`
    // segments is visible in this handler; confirm the helpers confine these
    // values to the content and fieldset directories.
    $path = Request::get('path');
    $new = Request::get('new');
    $fieldset = Request::get('fieldset');
    $type = Request::get('type');

    if ($path) {
        if ($new) {
            // New content: $path is the parent folder and every editable field starts empty.
            $data['new'] = 'true';
            $page = 'new-slug';
            $folder = $path;
            $data['full_slug'] = dirname($path);
            $data['slug'] = '';
            $data['path'] = $path;
            $data['page'] = '';
            $data['title'] = '';
            $data['folder'] = $folder;
            $data['content'] = '';
            $data['content_raw'] = '';
            $data['datestamp'] = time();
            $data['timestamp'] = time();
            $data['original_slug'] = '';
            $data['original_datestamp'] = '';
            $data['original_timestamp'] = '';
            $data['original_numeric'] = '';
            if ($type == 'none') {
                // Plain page: the slug is the fixed name 'page' inside the given folder.
                $data['folder'] = $path;
                $data['full_slug'] = $path;
                $data['slug'] = 'page';
            }
        } else {
            // Existing content: split $path into its last segment and the folder before it.
            $page = basename($path);
            $folder = substr($path, 0, (-1*strlen($page))-1);
            if ( ! Content::exists($page, $folder)) {
                $app->flash('error', Localization::fetch('content_not_found'));
                $url = $app->urlFor('pages');
                $app->redirect($url);
                return;
            }
            $data = Statamic::get_content_meta($page, $folder, true);
            $data['title'] = isset($data['title']) ? $data['title'] : '';
            $data['slug'] = basename($path);
            $data['full_slug'] = $folder."/".$page;
            $data['path'] = $path;
            $data['folder'] = $folder;
            $data['page'] = $page;
            $data['type'] = 'none';
            $data['original_slug'] = '';
            $data['original_datestamp'] = '';
            $data['original_timestamp'] = '';
            $data['original_numeric'] = '';
            $data['datestamp'] = 0;
            if ($page == 'page') {
                // A file named 'page' stands for its folder, so step up one level.
                $page = basename($folder);
                if ($page == '') $page = '/';
                $folder = dirname($folder);
                $data['full_slug'] = $page;
            }
        }

        // Get/Set Status: keep a status already in $data, otherwise derive it from the slug.
        if ($data['slug'] === 'page') {
            $data['status'] = array_get($data, 'status', Slug::getStatus($data['folder']));
        } else {
            $data['status'] = array_get($data, 'status', Slug::getStatus($page));
        }

        if ($data['slug'] != 'page' && File::exists("{$content_root}/{$folder}/fields.yaml")) {
            // Entry inside a folder that carries a fields.yaml: that file decides fields and type.
            $fields_raw = file_get_contents("{$content_root}/{$folder}/fields.yaml");
            $fields_data = YAML::Parse($fields_raw);
            if (isset($fields_data['fields'])) {
                # fields.yaml controls the fields
                $data['fields'] = $fields_data['fields'];
            } elseif (isset($fields_data['_fieldset'])) {
                # using a fieldset
                $fieldset = $fields_data['_fieldset'];
                $fs = Statamic_Fieldset::load($fieldset);
                $fieldset_data = $fs->get_data();
                $data['fields'] = $fieldset_data['fields'];
            } else {
                # not set.
                $data['fields'] = array();
            }

            // When 'type' is an array its 'prefix' element is used. If 'type' is missing
            // altogether the else arm still reads $fields_data['type']['prefix'].
            $data['type'] = isset($fields_data['type']) && ! is_array($fields_data['type']) ? $fields_data['type'] : $fields_data['type']['prefix'];

            // Slug: drop the draft (two characters) or hidden (one character) marker.
            if (Slug::isDraft($page)) {
                $slug = substr($page, 2);
            } elseif (Slug::isHidden($page)) {
                $slug = substr($page, 1);
            } else {
                $slug = $page;
            }

            if ($data['type'] == 'date') {
                // Offsets below presumably match a `YYYY-MM-DD-HHMM-slug` (16 characters
                // before the slug) or `YYYY-MM-DD-slug` (11) file name. TODO confirm.
                if (Config::getEntryTimestamps() && Slug::isDateTime($page)) {
                    $data['full_slug'] = $folder;
                    $data['original_slug'] = substr($slug, 16);
                    $data['slug'] = substr($slug, 16);
                    $data['original_datestamp'] = substr($slug, 0, 10);
                    $data['original_timestamp'] = substr($slug, 11, 4);
                    if (!$new) {
                        $data['datestamp'] = strtotime(substr($slug, 0, 10));
                        $data['timestamp'] = strtotime(substr($slug, 0, 10) . " " . substr($slug, 11, 4));
                        $data['full_slug'] = $folder."/".$data['original_slug'];
                    }
                } else {
                    $data['full_slug'] = $folder;
                    $data['original_slug'] = substr($slug, 11);
                    $data['slug'] = substr($slug, 11);
                    $data['original_datestamp'] = substr($slug, 0, 10);
                    $data['original_timestamp'] = "";
                    if (!$new) {
                        $data['datestamp'] = strtotime(substr($slug, 0, 10));
                        $data['full_slug'] = $folder."/".$data['original_slug'];
                        $data['timestamp'] = "0000";
                    }
                }
            } elseif ($data['type'] == 'number') {
                if ($new) {
                    $data['original_numeric'] = Statamic::get_next_numeric($folder);
                    $data['numeric'] = Statamic::get_next_numeric($folder);
                    $data['full_slug'] = $folder;
                } else {
                    // The order number and one separator character are cut off the front of the slug.
                    $numeric = Slug::getOrderNumber($slug);
                    $data['slug'] = substr($slug, strlen($numeric)+1);
                    $data['original_slug'] = substr($slug, strlen($numeric)+1);
                    $data['numeric'] = $numeric;
                    $data['original_numeric'] = $numeric;
                    $data['full_slug'] = $folder."/".$data['original_slug'];
                }
            }
        } else {
            // Plain page, or a folder without fields.yaml: fields come from a fieldset, if any.
            if ($new) {
                if ($fieldset) {
                    // The fieldset name here is the request value read at the top of the handler.
                    $fs = Statamic_Fieldset::load($fieldset);
                    $fields_data = $fs->get_data();
                    $data['fields'] = isset($fields_data['fields']) ? $fields_data['fields'] : array();
                    $data['type'] = 'none';
                    $data['fieldset'] = $fieldset;
                }
                // Without a fieldset $data['type'] stays unset on this path, although it is read further down.
            } else {
                if (isset($data['_fieldset'])) {
                    $fs = Statamic_Fieldset::load($data['_fieldset']);
                    $fields_data = $fs->get_data();
                    $data['fields'] = isset($fields_data['fields']) ? $fields_data['fields'] : array();
                    $data['fieldset'] = $data['_fieldset'];
                }
                $data['type'] = 'none';
            }
            if (Slug::isDraft($page)) {
                $data['slug'] = substr($page, 2);
            } elseif (Slug::isHidden($page)) {
                $data['slug'] = substr($page, 1);
            } else {
                $data['slug'] = $page;
            }
            $data['original_slug'] = $page;
        }
    } else {
        // Nothing stops the handler here: the code below still runs with an empty $data
        // and reads keys ('status', 'full_slug', 'type') that were never set.
        print "NO PATH";
    }

    // We want to respect the Status field, but not run it through Fieldset::render()
    $data['status'] = ($new) ? array_get($data, 'fields:status:default', 'live') : $data['status'];
    unset($data['fields']['status']);

    // Content
    // The 'required' key appears twice in this literal. PHP keeps the later entry,
    // so the value stored is the raw setting, not the 'required' / '' string.
    $content_defaults = array('content' => array(
        'display' => array_get($data, 'fields:content:display', 'Content'),
        'type' => array_get($data, 'fields:content:type', 'markitup'),
        'field_config' => array_get($data, 'fields:content', array()),
        'required' => (array_get($data, 'fields:content:required', false) === true) ? 'required' : '',
        'instructions' => array_get($data, 'fields:content:instructions', ''),
        'required' => array_get($data, 'fields:content:required', false),
        'input_key' => ''
    ));
    $data['fields'] = array_merge(array_get($data, 'fields', array()), $content_defaults);
    $data['full_slug'] = Path::tidy($data['full_slug']);

    /*
    |--------------------------------------------------------------------------
    | Status bar message
    |--------------------------------------------------------------------------
    |
    | Gawd this is awful. Can't wait to refactor this spaghetti.
    |
    */
    // The second operand repeats the first test, so the condition reduces to
    // $data['type'] === 'none'. $original_slug is never assigned in this closure
    // and, because of short-circuiting, never evaluated either.
    // isset($new) is true for any non-null value, unlike the truthiness test `if ($new)` used elsewhere.
    if ($data['type'] === 'none' || ($data['type'] === 'none' && $original_slug !== 'page')) {
        $data['status_message'] = (isset($new)) ? Localization::fetch('editing_page') : Localization::fetch('edit_page');
        $data['identifier'] = ($data['page'] === 'page') ? Path::pretty($data['folder']) : Path::pretty($data['full_slug']);
    } else {
        $data['status_message'] = (isset($new)) ? Localization::fetch('new_entry') : Localization::fetch('editing_entry');
        $data['identifier'] = (isset($new)) ? Path::pretty($folder . '/') : Path::pretty($data['full_slug']);
    }
    if ($new) $data['status_message'] .= ' ' . Localization::fetch('in', null, true);

    $data['templates'] = Theme::getTemplates();
    $data['layouts'] = Theme::getLayouts();

    $template_list = array("publish");
    Statamic_View::set_templates(array_reverse($template_list));
    // Array union: 'route' and 'app' win over same-named keys in $data.
    $admin_app->render(null, array('route' => 'publish', 'app' => $admin_app)+$data);
})->name('publish');
  924. // MEMBERS
  925. // --------------------------------------------------------
  926. $admin_app->get('/members', function() use ($admin_app) {
  927. authenticateForRole('admin');
  928. doStatamicVersionCheck($admin_app);
  929. $members = Statamic_Auth::get_user_list();
  930. $data['members'] = $members;
  931. $template_list = array("members");
  932. Statamic_View::set_templates(array_reverse($template_list));
  933. $admin_app->render(null, array('route' => 'members', 'app' => $admin_app)+$data);
  934. })->name('members');
  935. // POST: MEMBER
  936. // --------------------------------------------------------
  937. $admin_app->post('/member', function() use ($admin_app) {
  938. authenticateForRole('admin');
  939. doStatamicVersionCheck($admin_app);
  940. $data = array();
  941. $name = $admin_app->request()->get('name');
  942. $form_data = $admin_app->request()->post('member');
  943. $original_name = (isset($form_data['original_name'])) ? $form_data['original_name'] : '';
  944. if ($form_data) {
  945. $errors = array();
  946. // VALIDATE
  947. if (isset($form_data['new'])) {
  948. $name = $form_data['name'];
  949. if ($name == '') {
  950. $errors[Localization::fetch('username')] = Localization::fetch('is_required');
  951. } elseif (!statamic_user::is_valid_name($name)) {
  952. $errors[Localization::fetch('username')] = Localization::fetch('already_exists');
  953. } elseif (Statamic_Auth::user_exists($name)) {
  954. $errors[Localization::fetch('username')] = Localization::fetch('already_exists');
  955. }
  956. if ((!isset($form_data['yaml']['password'])) || (!isset($form_data['yaml']['password']))) {
  957. $errors[Localization::fetch('password')] = Localization::fetch('password_confirmation_required');
  958. } else {
  959. if ($form_data['yaml']['password'] == '') {
  960. $errors['password'] = 'must be at least 1 character';
  961. } elseif ($form_data['yaml']['password'] != $form_data['yaml']['password_confirmation']) {
  962. $errors[Localization::fetch('password')] = Localization::fetch('password_confirmation_match');
  963. }
  964. }
  965. } else {
  966. if ($form_data['name'] <> $form_data['original_name']) {
  967. if (!statamic_user::is_valid_name($form_data['name'])) {
  968. $errors[Localization::fetch('username')] = Localization::fetch('already_exists');
  969. } elseif (Statamic_Auth::user_exists($form_data['name'])) {
  970. $errors[Localization::fetch('username')] = Localization::fetch('already_exists');
  971. }
  972. }
  973. if (isset($form_data['yaml']['password'])) {
  974. if ((!isset($form_data['yaml']['password'])) || (!isset($form_data['yaml']['password']))) {
  975. $errors[Localization::fetch('password')] = Localization::fetch('password_confirmation_required');
  976. } else {
  977. if ($form_data['yaml']['password'] <> '') {
  978. if ($form_data['yaml']['password'] != $form_data['yaml']['password_confirmation']) {
  979. $errors['password'] = 'and confirmation do not match';
  980. }
  981. }
  982. }
  983. }
  984. }
  985. if (sizeof($errors) > 0) {
  986. // repopulate and re-render
  987. $data['errors'] = $errors;
  988. $data['name'] = $form_data['name'];
  989. $data['first_name'] = $form_data['yaml']['first_name'];
  990. $data['last_name'] = $form_data['yaml']['last_name'];
  991. $data['full_name'] = $form_data['yaml']['first_name'] . ' ' .$form_data['yaml']['last_name'];
  992. $data['email'] = $form_data['yaml']['email'];
  993. $data['roles'] = $form_data['yaml']['roles'];
  994. $data['biography'] = $form_data['biography'];
  995. $data['original_name'] = $form_data['original_name'];
  996. $data['status_message'] = Localization::fetch('creating_member');
  997. $template_list = array("member");
  998. Statamic_View::set_templates(array_reverse($template_list));
  999. $admin_app->render(null, array('route' => 'publish', 'app' => $admin_app)+$data);
  1000. return;
  1001. }
  1002. // IF NOT ERRORS SAVE
  1003. if (isset($form_data['new'])) {
  1004. $user = new Statamic_User(array());
  1005. $user->set_name($name);
  1006. } else {
  1007. $user = Statamic_User::load($original_name);
  1008. }
  1009. $user->set_first_name($form_data['yaml']['first_name']);
  1010. $user->set_last_name($form_data['yaml']['last_name']);
  1011. $user->set_email($form_data['yaml']['email']);
  1012. if ( ! isset($form_data['yaml']['roles'])) {
  1013. $form_data['yaml']['roles'] = '';
  1014. }
  1015. $user->set_roles($form_data['yaml']['roles']);
  1016. $user->set_biography_raw($form_data['biography']);
  1017. if (isset($form_data['yaml']['password']) && $form_data['yaml']['password'] <> '') {
  1018. $user->set_password($form_data['yaml']['password'], true);
  1019. }
  1020. $user->save();
  1021. // Rename?
  1022. if (!isset($form_data['new']) && $form_data['name'] <> $form_data['original_name']) {
  1023. try {
  1024. $user->rename($form_data['name']);
  1025. } catch (Exception $e) {
  1026. rd($e->getMessage());
  1027. }
  1028. }
  1029. // REDIRECT
  1030. $admin_app->flash('success', Localization::fetch('member_saved'));
  1031. $url = (CP_Helper::show_page('members')) ? $admin_app->urlFor('members') : $admin_app->urlFor('pages');
  1032. $admin_app->redirect($url);
  1033. }
  1034. });
  1035. // GET: MEMBER
  1036. // --------------------------------------------------------
  1037. $admin_app->get('/member', function() use ($admin_app) {
  1038. authenticateForRole('admin');
  1039. doStatamicVersionCheck($admin_app);
  1040. $data = array();
  1041. if ( ! Statamic::are_users_writable()) {
  1042. $url = $admin_app->urlFor('error')."?code=users_not_writable";
  1043. $admin_app->redirect($url);
  1044. }
  1045. $name = $admin_app->request()->get('name');
  1046. $new = $admin_app->request()->get('new');
  1047. if ($new) {
  1048. $data['name'] = '';
  1049. $data['new'] = 'true';
  1050. $data['content_raw'] = '';
  1051. $data['original_name'] = '';
  1052. $data['first_name'] = '';
  1053. $data['last_name'] = '';
  1054. $data['full_name'] = '';
  1055. $data['email'] = '';
  1056. $data['roles'] = '';
  1057. $data['biography'] = '';
  1058. $data['status_message'] = Localization::fetch('creating_member');
  1059. } else {
  1060. $user = Statamic_Auth::get_user($name);
  1061. if ( ! $user) {
  1062. die("Error");
  1063. }
  1064. $data['name'] = $name;
  1065. $data['full_name'] = $user->get_full_name();
  1066. $data['first_name'] = $user->get_first_name();
  1067. $data['last_name'] = $user->get_last_name();
  1068. $data['email'] = $user->get_email();
  1069. $data['roles'] = $user->get_roles_list();
  1070. $data['status_message'] = Localization::fetch('editing_member');
  1071. $data['biography'] = $user->get_biography_raw();
  1072. $data['original_name'] = $name;
  1073. }
  1074. $template_list = array("member");
  1075. Statamic_View::set_templates(array_reverse($template_list));
  1076. $admin_app->render(null, array('route' => 'members', 'app' => $admin_app)+$data);
  1077. })->name('member');
  1078. // GET: DELETE MEMBER
  1079. $admin_app->get('/deletemember', function() use ($admin_app) {
  1080. authenticateForRole('admin');
  1081. doStatamicVersionCheck($admin_app);
  1082. $name = $admin_app->request()->get('name');
  1083. if (Statamic_Auth::user_exists($name)) {
  1084. $user = Statamic_Auth::get_user($name);
  1085. $user->delete();
  1086. }
  1087. // Redirect
  1088. $admin_app->flash('info', Localization::fetch('member_deleted'));
  1089. $url = $admin_app->urlFor('members');
  1090. $admin_app->redirect($url);
  1091. })->name('deletemember');
  1092. // Account
  1093. // --------------------------------------------------------
  1094. $admin_app->get('/account', function() use ($admin_app) {
  1095. authenticateForRole('admin');
  1096. doStatamicVersionCheck($admin_app);
  1097. $template_list = array("account");
  1098. Statamic_View::set_templates(array_reverse($template_list));
  1099. $admin_app->render(null, array('route' => 'members', 'app' => $admin_app));
  1100. })->name('account');
  1101. // System
  1102. // --------------------------------------------------------
  1103. $admin_app->get('/system', function() use ($admin_app) {
  1104. $redirect_to = Config::get('_admin_start_page', 'pages');
  1105. $admin_app->redirect($admin_app->urlFor('security'));
  1106. })->name('system');
  1107. // Security
  1108. // --------------------------------------------------------
  1109. $admin_app->get('/system/security', function() use ($admin_app) {
  1110. authenticateForRole('admin');
  1111. doStatamicVersionCheck($admin_app);
  1112. $template_list = array("security");
  1113. Statamic_View::set_templates(array_reverse($template_list));
  1114. $data = array();
  1115. if (isCurlEnabled()) {
  1116. $user = Statamic_Auth::get_current_user();
  1117. $username = $user->get_name();
  1118. $tests = array(
  1119. '_app' => Localization::fetch('security_app_folder'),
  1120. '_config' => Localization::fetch('security_config_folder'),
  1121. '_config/settings.yaml' => Localization::fetch('security_settings_files'),
  1122. '_config/users/'.$username.'.yaml' => Localization::fetch('security_user_files'),
  1123. Config::getContentRoot() => Localization::fetch('security_content_folder'),
  1124. Config::getTemplatesPath().'layouts/default.html' => Localization::fetch('security_template_files'),
  1125. '_logs' => Localization::fetch('security_logs_folder')
  1126. );
  1127. $site_url = 'http://'.$_SERVER['HTTP_HOST'].'/';
  1128. foreach ($tests as $url => $message) {
  1129. $test_url = $site_url.$url;
  1130. $http = curl_init($test_url);
  1131. curl_setopt($http, CURLOPT_RETURNTRANSFER, 1);
  1132. curl_setopt($http, CURLOPT_TIMEOUT, 3);
  1133. $result = curl_exec($http);
  1134. $http_status = curl_getinfo($http, CURLINFO_HTTP_CODE);
  1135. curl_close($http);
  1136. $data['system_checks'][$url]['status_code'] = $http_status;
  1137. $data['system_checks'][$url]['status'] = $http_status !== 200 ? 'good' : 'warning';
  1138. $data['system_checks'][$url]['message'] = $message;
  1139. }
  1140. }
  1141. $data['users'] = Statamic_Auth::get_user_list();
  1142. $admin_app->render(null, array('route' => 'security', 'app' => $admin_app)+$data);
  1143. })->name('security');
  1144. // Logs
  1145. // --------------------------------------------------------
  1146. $admin_app->get('/system/logs', function() use ($admin_app) {
  1147. authenticateForRole('admin');
  1148. doStatamicVersionCheck($admin_app);
  1149. $template_list = array("logs");
  1150. Statamic_View::set_templates(array_reverse($template_list));
  1151. $data = array();
  1152. $data['enabled'] = Config::get("_log_enabled", false);
  1153. $data['raw_path'] = Config::get("_log_file_path");
  1154. $data['prefix'] = Config::get("_log_file_prefix");
  1155. $data['log_level'] = Config::get("_log_level");
  1156. $data['time_format'] = Config::get("_time_format");
  1157. $data['logs'] = array();
  1158. $data['logs_exist'] = FALSE;
  1159. $data['records_exist'] = FALSE;
  1160. $data['log_items'] = 0;
  1161. $data['load_date'] = Date::format("Y-m-d");
  1162. $data['log'] = array();
  1163. $data['filter'] = '';
  1164. $data['logs_writable'] = FALSE;
  1165. // determine actual path
  1166. $data['path'] = $data['raw_path'];
  1167. if (!in_array(substr($data['raw_path'], 0, 1), array("/", "."))) {
  1168. $data['path'] = BASE_PATH . DIRECTORY_SEPARATOR . $data['raw_path'];
  1169. }
  1170. // is log folder writable?
  1171. if (is_writable($data['path'])) {
  1172. $data['logs_writable'] = TRUE;
  1173. }
  1174. // do any logs exist here?
  1175. try {
  1176. $filename_regex = "/^" . $data['prefix'] . "_(\d{4})-(\d{2})-(\d{2})/i";
  1177. $dir = opendir($data['path']);
  1178. if (!$dir) {
  1179. throw new Exception("Directory not found");
  1180. }
  1181. while (FALSE !== ($file = readdir($dir))) {
  1182. if (!preg_match($filename_regex, $file, $matches)) {
  1183. // no match, nothing to see here
  1184. continue;
  1185. }
  1186. $data['logs'][$matches[1] . "-" . $matches[2] . "-" . $matches[3]] = array(
  1187. "date" => Date::format(Config::getDateFormat(), $matches[1] . "-" . $matches[2] . "-" . $matches[3]),
  1188. "raw_date" => $matches[1] . "-" . $matches[2] . "-" . $matches[3],
  1189. "filename" => $file,
  1190. "full_path" => $data['path'] . DIRECTORY_SEPARATOR . $file
  1191. );
  1192. // we have found at least one valid log
  1193. $data['logs_exist'] = TRUE;
  1194. }
  1195. closedir($dir);
  1196. // flip the order of logs
  1197. $data['logs'] = array_reverse($data['logs']);
  1198. } catch (Exception $e) {
  1199. // no logs exist
  1200. $data['logs_exist'] = FALSE;
  1201. }
  1202. // filter
  1203. $match = array('DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL');
  1204. $filter = filter_input(INPUT_GET, 'filter');
  1205. if ($filter) {
  1206. switch(strtolower($_GET['filter'])) {
  1207. case 'debug':
  1208. $match = array('DEBUG');
  1209. $data['filter'] = 'debug';
  1210. break;
  1211. case 'info':
  1212. $match =
