authorJesús <heckyel@hyperbola.info>2019-08-18 21:14:58 -0500
committerJesús <heckyel@hyperbola.info>2019-08-18 21:14:58 -0500
commit2eed7b082f83630301e51f57ca8394de228a8605 (patch)
tree1d19962d22d30f99317d9276e4bae7744fc93fc2 /public/admin/controller/common
first commit
Diffstat (limited to 'public/admin/controller/common')
-rw-r--r--public/admin/controller/common/column_left.php698
-rw-r--r--public/admin/controller/common/dashboard.php98
-rw-r--r--public/admin/controller/common/developer.php113
-rw-r--r--public/admin/controller/common/filemanager.php415
-rw-r--r--public/admin/controller/common/footer.php14
-rw-r--r--public/admin/controller/common/forgotten.php71
-rw-r--r--public/admin/controller/common/header.php81
-rw-r--r--public/admin/controller/common/login.php92
-rw-r--r--public/admin/controller/common/logout.php10
-rw-r--r--public/admin/controller/common/profile.php211
-rw-r--r--public/admin/controller/common/reset.php101
-rw-r--r--public/admin/controller/common/security.php143
12 files changed, 2047 insertions, 0 deletions
diff --git a/public/admin/controller/common/column_left.php b/public/admin/controller/common/column_left.php
new file mode 100644
index 0000000..54b1209
--- /dev/null
+++ b/public/admin/controller/common/column_left.php
@@ -0,0 +1,698 @@
+<?php
+class ControllerCommonColumnLeft extends Controller {
+ public function index() {
+ if (isset($this->request->get['user_token']) && isset($this->session->data['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
+ $this->load->language('common/column_left');
+
+ // Create a 3 level menu array
+ // Level 2 can not have children
+
+ // Menu
+ $data['menus'][] = array(
+ 'id' => 'menu-dashboard',
+ 'icon' => 'fa-dashboard',
+ 'name' => $this->language->get('text_dashboard'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+
+ // Catalog
+ $catalog = array();
+
+ if ($this->user->hasPermission('access', 'catalog/category')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_category'),
+ 'href' => $this->url->link('catalog/category', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/product')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_product'),
+ 'href' => $this->url->link('catalog/product', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/recurring')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_recurring'),
+ 'href' => $this->url->link('catalog/recurring', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/filter')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_filter'),
+ 'href' => $this->url->link('catalog/filter', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ // Attributes
+ $attribute = array();
+
+ if ($this->user->hasPermission('access', 'catalog/attribute')) {
+ $attribute[] = array(
+ 'name' => $this->language->get('text_attribute'),
+ 'href' => $this->url->link('catalog/attribute', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/attribute_group')) {
+ $attribute[] = array(
+ 'name' => $this->language->get('text_attribute_group'),
+ 'href' => $this->url->link('catalog/attribute_group', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($attribute) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_attribute'),
+ 'href' => '',
+ 'children' => $attribute
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/option')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_option'),
+ 'href' => $this->url->link('catalog/option', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/manufacturer')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_manufacturer'),
+ 'href' => $this->url->link('catalog/manufacturer', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/download')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_download'),
+ 'href' => $this->url->link('catalog/download', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/review')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_review'),
+ 'href' => $this->url->link('catalog/review', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'catalog/information')) {
+ $catalog[] = array(
+ 'name' => $this->language->get('text_information'),
+ 'href' => $this->url->link('catalog/information', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($catalog) {
+ $data['menus'][] = array(
+ 'id' => 'menu-catalog',
+ 'icon' => 'fa-tags',
+ 'name' => $this->language->get('text_catalog'),
+ 'href' => '',
+ 'children' => $catalog
+ );
+ }
+
+ // Extension
+ $marketplace = array();
+
+ if ($this->user->hasPermission('access', 'marketplace/marketplace')) {
+ $marketplace[] = array(
+ 'name' => $this->language->get('text_marketplace'),
+ 'href' => $this->url->link('marketplace/marketplace', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'marketplace/installer')) {
+ $marketplace[] = array(
+ 'name' => $this->language->get('text_installer'),
+ 'href' => $this->url->link('marketplace/installer', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'marketplace/extension')) {
+ $marketplace[] = array(
+ 'name' => $this->language->get('text_extension'),
+ 'href' => $this->url->link('marketplace/extension', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'marketplace/modification')) {
+ $marketplace[] = array(
+ 'name' => $this->language->get('text_modification'),
+ 'href' => $this->url->link('marketplace/modification', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'marketplace/event')) {
+ $marketplace[] = array(
+ 'name' => $this->language->get('text_event'),
+ 'href' => $this->url->link('marketplace/event', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($marketplace) {
+ $data['menus'][] = array(
+ 'id' => 'menu-extension',
+ 'icon' => 'fa-puzzle-piece',
+ 'name' => $this->language->get('text_extension'),
+ 'href' => '',
+ 'children' => $marketplace
+ );
+ }
+
+ // Design
+ $design = array();
+
+ if ($this->user->hasPermission('access', 'design/layout')) {
+ $design[] = array(
+ 'name' => $this->language->get('text_layout'),
+ 'href' => $this->url->link('design/layout', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'design/theme')) {
+ $design[] = array(
+ 'name' => $this->language->get('text_theme'),
+ 'href' => $this->url->link('design/theme', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'design/translation')) {
+ $design[] = array(
+ 'name' => $this->language->get('text_language_editor'),
+ 'href' => $this->url->link('design/translation', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'design/banner')) {
+ $design[] = array(
+ 'name' => $this->language->get('text_banner'),
+ 'href' => $this->url->link('design/banner', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'design/seo_url')) {
+ $design[] = array(
+ 'name' => $this->language->get('text_seo_url'),
+ 'href' => $this->url->link('design/seo_url', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($design) {
+ $data['menus'][] = array(
+ 'id' => 'menu-design',
+ 'icon' => 'fa-television',
+ 'name' => $this->language->get('text_design'),
+ 'href' => '',
+ 'children' => $design
+ );
+ }
+
+ // Sales
+ $sale = array();
+
+ if ($this->user->hasPermission('access', 'sale/order')) {
+ $sale[] = array(
+ 'name' => $this->language->get('text_order'),
+ 'href' => $this->url->link('sale/order', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'sale/recurring')) {
+ $sale[] = array(
+ 'name' => $this->language->get('text_recurring'),
+ 'href' => $this->url->link('sale/recurring', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'sale/return')) {
+ $sale[] = array(
+ 'name' => $this->language->get('text_return'),
+ 'href' => $this->url->link('sale/return', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ // Voucher
+ $voucher = array();
+
+ if ($this->user->hasPermission('access', 'sale/voucher')) {
+ $voucher[] = array(
+ 'name' => $this->language->get('text_voucher'),
+ 'href' => $this->url->link('sale/voucher', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'sale/voucher_theme')) {
+ $voucher[] = array(
+ 'name' => $this->language->get('text_voucher_theme'),
+ 'href' => $this->url->link('sale/voucher_theme', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($voucher) {
+ $sale[] = array(
+ 'name' => $this->language->get('text_voucher'),
+ 'href' => '',
+ 'children' => $voucher
+ );
+ }
+
+ if ($sale) {
+ $data['menus'][] = array(
+ 'id' => 'menu-sale',
+ 'icon' => 'fa-shopping-cart',
+ 'name' => $this->language->get('text_sale'),
+ 'href' => '',
+ 'children' => $sale
+ );
+ }
+
+ // Customer
+ $customer = array();
+
+ if ($this->user->hasPermission('access', 'customer/customer')) {
+ $customer[] = array(
+ 'name' => $this->language->get('text_customer'),
+ 'href' => $this->url->link('customer/customer', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'customer/customer_group')) {
+ $customer[] = array(
+ 'name' => $this->language->get('text_customer_group'),
+ 'href' => $this->url->link('customer/customer_group', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'customer/customer_approval')) {
+ $customer[] = array(
+ 'name' => $this->language->get('text_customer_approval'),
+ 'href' => $this->url->link('customer/customer_approval', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'customer/custom_field')) {
+ $customer[] = array(
+ 'name' => $this->language->get('text_custom_field'),
+ 'href' => $this->url->link('customer/custom_field', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($customer) {
+ $data['menus'][] = array(
+ 'id' => 'menu-customer',
+ 'icon' => 'fa-user',
+ 'name' => $this->language->get('text_customer'),
+ 'href' => '',
+ 'children' => $customer
+ );
+ }
+
+ // Marketing
+ $marketing = array();
+
+ if ($this->user->hasPermission('access', 'marketing/marketing')) {
+ $marketing[] = array(
+ 'name' => $this->language->get('text_marketing'),
+ 'href' => $this->url->link('marketing/marketing', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'marketing/coupon')) {
+ $marketing[] = array(
+ 'name' => $this->language->get('text_coupon'),
+ 'href' => $this->url->link('marketing/coupon', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'marketing/contact')) {
+ $marketing[] = array(
+ 'name' => $this->language->get('text_contact'),
+ 'href' => $this->url->link('marketing/contact', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($marketing) {
+ $data['menus'][] = array(
+ 'id' => 'menu-marketing',
+ 'icon' => 'fa-share-alt',
+ 'name' => $this->language->get('text_marketing'),
+ 'href' => '',
+ 'children' => $marketing
+ );
+ }
+
+ // System
+ $system = array();
+
+ if ($this->user->hasPermission('access', 'setting/setting')) {
+ $system[] = array(
+ 'name' => $this->language->get('text_setting'),
+ 'href' => $this->url->link('setting/store', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ // Users
+ $user = array();
+
+ if ($this->user->hasPermission('access', 'user/user')) {
+ $user[] = array(
+ 'name' => $this->language->get('text_users'),
+ 'href' => $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'user/user_permission')) {
+ $user[] = array(
+ 'name' => $this->language->get('text_user_group'),
+ 'href' => $this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'user/api')) {
+ $user[] = array(
+ 'name' => $this->language->get('text_api'),
+ 'href' => $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($user) {
+ $system[] = array(
+ 'name' => $this->language->get('text_users'),
+ 'href' => '',
+ 'children' => $user
+ );
+ }
+
+ // Localisation
+ $localisation = array();
+
+ if ($this->user->hasPermission('access', 'localisation/location')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_location'),
+ 'href' => $this->url->link('localisation/location', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/language')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_language'),
+ 'href' => $this->url->link('localisation/language', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/currency')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_currency'),
+ 'href' => $this->url->link('localisation/currency', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/stock_status')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_stock_status'),
+ 'href' => $this->url->link('localisation/stock_status', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/order_status')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_order_status'),
+ 'href' => $this->url->link('localisation/order_status', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ // Returns
+ $return = array();
+
+ if ($this->user->hasPermission('access', 'localisation/return_status')) {
+ $return[] = array(
+ 'name' => $this->language->get('text_return_status'),
+ 'href' => $this->url->link('localisation/return_status', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/return_action')) {
+ $return[] = array(
+ 'name' => $this->language->get('text_return_action'),
+ 'href' => $this->url->link('localisation/return_action', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/return_reason')) {
+ $return[] = array(
+ 'name' => $this->language->get('text_return_reason'),
+ 'href' => $this->url->link('localisation/return_reason', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($return) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_return'),
+ 'href' => '',
+ 'children' => $return
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/country')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_country'),
+ 'href' => $this->url->link('localisation/country', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/zone')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_zone'),
+ 'href' => $this->url->link('localisation/zone', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/geo_zone')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_geo_zone'),
+ 'href' => $this->url->link('localisation/geo_zone', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ // Tax
+ $tax = array();
+
+ if ($this->user->hasPermission('access', 'localisation/tax_class')) {
+ $tax[] = array(
+ 'name' => $this->language->get('text_tax_class'),
+ 'href' => $this->url->link('localisation/tax_class', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/tax_rate')) {
+ $tax[] = array(
+ 'name' => $this->language->get('text_tax_rate'),
+ 'href' => $this->url->link('localisation/tax_rate', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($tax) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_tax'),
+ 'href' => '',
+ 'children' => $tax
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/length_class')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_length_class'),
+ 'href' => $this->url->link('localisation/length_class', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'localisation/weight_class')) {
+ $localisation[] = array(
+ 'name' => $this->language->get('text_weight_class'),
+ 'href' => $this->url->link('localisation/weight_class', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($localisation) {
+ $system[] = array(
+ 'name' => $this->language->get('text_localisation'),
+ 'href' => '',
+ 'children' => $localisation
+ );
+ }
+
+ // Tools
+ $maintenance = array();
+
+ if ($this->user->hasPermission('access', 'tool/backup')) {
+ $maintenance[] = array(
+ 'name' => $this->language->get('text_backup'),
+ 'href' => $this->url->link('tool/backup', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'tool/upload')) {
+ $maintenance[] = array(
+ 'name' => $this->language->get('text_upload'),
+ 'href' => $this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'tool/log')) {
+ $maintenance[] = array(
+ 'name' => $this->language->get('text_log'),
+ 'href' => $this->url->link('tool/log', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($maintenance) {
+ $system[] = array(
+ 'id' => 'menu-maintenance',
+ 'icon' => 'fa-cog',
+ 'name' => $this->language->get('text_maintenance'),
+ 'href' => '',
+ 'children' => $maintenance
+ );
+ }
+
+
+ if ($system) {
+ $data['menus'][] = array(
+ 'id' => 'menu-system',
+ 'icon' => 'fa-cog',
+ 'name' => $this->language->get('text_system'),
+ 'href' => '',
+ 'children' => $system
+ );
+ }
+
+ $report = array();
+
+ if ($this->user->hasPermission('access', 'report/report')) {
+ $report[] = array(
+ 'name' => $this->language->get('text_reports'),
+ 'href' => $this->url->link('report/report', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'report/online')) {
+ $report[] = array(
+ 'name' => $this->language->get('text_online'),
+ 'href' => $this->url->link('report/online', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ if ($this->user->hasPermission('access', 'report/statistics')) {
+ $report[] = array(
+ 'name' => $this->language->get('text_statistics'),
+ 'href' => $this->url->link('report/statistics', 'user_token=' . $this->session->data['user_token'], true),
+ 'children' => array()
+ );
+ }
+
+ $data['menus'][] = array(
+ 'id' => 'menu-report',
+ 'icon' => 'fa-bar-chart-o',
+ 'name' => $this->language->get('text_reports'),
+ 'href' => '',
+ 'children' => $report
+ );
+
+ // Stats
+ $this->load->model('sale/order');
+
+ $order_total = $this->model_sale_order->getTotalOrders();
+
+ $this->load->model('report/statistics');
+
+ $complete_total = $this->model_report_statistics->getValue('order_complete');
+
+ if ((float)$complete_total && $order_total) {
+ $data['complete_status'] = round(($complete_total / $order_total) * 100);
+ } else {
+ $data['complete_status'] = 0;
+ }
+
+ $processing_total = $this->model_report_statistics->getValue('order_processing');
+
+ if ((float)$processing_total && $order_total) {
+ $data['processing_status'] = round(($processing_total / $order_total) * 100);
+ } else {
+ $data['processing_status'] = 0;
+ }
+
+ $other_total = $this->model_report_statistics->getValue('order_other');
+
+ if ((float)$other_total && $order_total) {
+ $data['other_status'] = round(($other_total / $order_total) * 100);
+ } else {
+ $data['other_status'] = 0;
+ }
+
+ return $this->load->view('common/column_left', $data);
+ }
+ }
+} \ No newline at end of file
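Review bot: The guard at the top of `index()` compares the request's `user_token` with the session copy using `==`, which is a loose, non-constant-time comparison and falls back to numeric comparison when both strings look numeric. Replace that clause with `is_string($this->request->get['user_token']) && hash_equals($this->session->data['user_token'], $this->request->get['user_token'])` (assuming the session value is always a string). The `hasPermission('access', ...)` calls that follow only decide which links are rendered, so every target route still has to enforce its own check. The settings entry also tests `setting/setting` but links to `setting/store`, which is worth confirming as intended.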
diff --git a/public/admin/controller/common/dashboard.php b/public/admin/controller/common/dashboard.php
new file mode 100644
index 0000000..87de219
--- /dev/null
+++ b/public/admin/controller/common/dashboard.php
@@ -0,0 +1,98 @@
+<?php
+class ControllerCommonDashboard extends Controller {
+ public function index() {
+ $this->load->language('common/dashboard');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $data['user_token'] = $this->session->data['user_token'];
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ // Check install directory exists
+ if (is_dir(DIR_APPLICATION . 'install')) {
+ $data['error_install'] = $this->language->get('error_install');
+ } else {
+ $data['error_install'] = '';
+ }
+
+ // Dashboard Extensions
+ $dashboards = array();
+
+ $this->load->model('setting/extension');
+
+ // Get a list of installed modules
+ $extensions = $this->model_setting_extension->getInstalled('dashboard');
+
+ // Add all the modules which have multiple settings for each module
+ foreach ($extensions as $code) {
+ if ($this->config->get('dashboard_' . $code . '_status') && $this->user->hasPermission('access', 'extension/dashboard/' . $code)) {
+ $output = $this->load->controller('extension/dashboard/' . $code . '/dashboard');
+
+ if ($output) {
+ $dashboards[] = array(
+ 'code' => $code,
+ 'width' => $this->config->get('dashboard_' . $code . '_width'),
+ 'sort_order' => $this->config->get('dashboard_' . $code . '_sort_order'),
+ 'output' => $output
+ );
+ }
+ }
+ }
+
+ $sort_order = array();
+
+ foreach ($dashboards as $key => $value) {
+ $sort_order[$key] = $value['sort_order'];
+ }
+
+ array_multisort($sort_order, SORT_ASC, $dashboards);
+
+ // Split the array so the columns width is not more than 12 on each row.
+ $width = 0;
+ $column = array();
+ $data['rows'] = array();
+
+ foreach ($dashboards as $dashboard) {
+ $column[] = $dashboard;
+
+ $width = ($width + $dashboard['width']);
+
+ if ($width >= 12) {
+ $data['rows'][] = $column;
+
+ $width = 0;
+ $column = array();
+ }
+ }
+
+ if (DIR_STORAGE == DIR_SYSTEM . 'storage/') {
+ $data['security'] = $this->load->controller('common/security');
+ } else {
+ $data['security'] = '';
+ }
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ // Run currency update
+ if ($this->config->get('config_currency_auto')) {
+ $this->load->model('localisation/currency');
+
+ $this->model_localisation_currency->refresh();
+ }
+
+ $this->response->setOutput($this->load->view('common/dashboard', $data));
+ }
+} \ No newline at end of file
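Review bot: The row-splitting loop in `index()` only appends `$column` to `$data['rows']` once the running width reaches 12, so any trailing widgets whose widths sum to less than 12 are silently dropped from the dashboard. Add `if ($column) { $data['rows'][] = $column; }` directly after the `foreach ($dashboards as $dashboard)` loop. Separately, the installer warning depends on `is_dir(DIR_APPLICATION . 'install')`; where `DIR_APPLICATION` points is not visible here, so confirm it resolves to the directory the installer actually lives in, otherwise the warning never fires. `$this->session->data['user_token']` is also read without an `isset()` check, which presumably relies on a login pre-action outside this file.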
diff --git a/public/admin/controller/common/developer.php b/public/admin/controller/common/developer.php
new file mode 100644
index 0000000..30663dc
--- /dev/null
+++ b/public/admin/controller/common/developer.php
@@ -0,0 +1,113 @@
+<?php
+class ControllerCommonDeveloper extends Controller {
+ public function index() {
+ $this->load->language('common/developer');
+
+ $data['user_token'] = $this->session->data['user_token'];
+
+ $data['developer_theme'] = $this->config->get('developer_theme');
+ $data['developer_sass'] = $this->config->get('developer_sass');
+
+ $eval = false;
+
+ $eval = '$eval = true;';
+
+ eval($eval);
+
+ if ($eval === true) {
+ $data['eval'] = true;
+ } else {
+ $this->load->model('setting/setting');
+
+ $this->model_setting_setting->editSetting('developer', array('developer_theme' => 1), 0);
+
+ $data['eval'] = false;
+ }
+
+ $this->response->setOutput($this->load->view('common/developer', $data));
+ }
+
+ public function edit() {
+ $this->load->language('common/developer');
+
+ $json = array();
+
+ if (!$this->user->hasPermission('modify', 'common/developer')) {
+ $json['error'] = $this->language->get('error_permission');
+ } else {
+ $this->load->model('setting/setting');
+
+ $this->model_setting_setting->editSetting('developer', $this->request->post, 0);
+
+ $json['success'] = $this->language->get('text_success');
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+
+ public function theme() {
+ $this->load->language('common/developer');
+
+ $json = array();
+
+ if (!$this->user->hasPermission('modify', 'common/developer')) {
+ $json['error'] = $this->language->get('error_permission');
+ } else {
+ $directories = glob(DIR_CACHE . '*', GLOB_ONLYDIR);
+
+ if ($directories) {
+ foreach ($directories as $directory) {
+ $files = glob($directory . '/*');
+
+ foreach ($files as $file) {
+ if (is_file($file)) {
+ unlink($file);
+ }
+ }
+
+ if (is_dir($directory)) {
+ rmdir($directory);
+ }
+ }
+ }
+
+ $json['success'] = sprintf($this->language->get('text_cache'), $this->language->get('text_theme'));
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+
+ public function sass() {
+ $this->load->language('common/developer');
+
+ $json = array();
+
+ if (!$this->user->hasPermission('modify', 'common/developer')) {
+ $json['error'] = $this->language->get('error_permission');
+ } else {
+ // Before we delete we need to make sure there is a sass file to regenerate the css
+ $file = DIR_APPLICATION . 'view/stylesheet/bootstrap.css';
+
+ if (is_file($file) && is_file(DIR_APPLICATION . 'view/stylesheet/sass/_bootstrap.scss')) {
+ unlink($file);
+ }
+
+ $files = glob(DIR_CATALOG . 'view/theme/*/stylesheet/sass/_bootstrap.scss');
+
+ foreach ($files as $file) {
+ $file = substr($file, 0, -21) . '/bootstrap.css';
+
+ if (is_file($file)) {
+ unlink($file);
+ }
+ }
+
+ $json['success'] = sprintf($this->language->get('text_cache'), $this->language->get('text_sass'));
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+} \ No newline at end of file
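Review bot: `edit()` hands the whole `$this->request->post` array to `editSetting('developer', ...)`, so the set of keys written to the settings store is chosen by the client rather than by this controller. Unless `editSetting()` filters keys itself (not visible here), restrict the input to the two settings that `index()` reads: `$this->model_setting_setting->editSetting('developer', array_intersect_key($this->request->post, array('developer_theme' => 1, 'developer_sass' => 1)), 0);`, and cast the values to 0/1. `index()` also writes `developer_theme` in its else branch without any `hasPermission('modify', 'common/developer')` check, unlike the other three actions. In `theme()` and `sass()` the results of `unlink()` and `rmdir()` are ignored, yet the success message is returned regardless, so a permissions failure on the cache directory is reported as success.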
diff --git a/public/admin/controller/common/filemanager.php b/public/admin/controller/common/filemanager.php
new file mode 100644
index 0000000..2b63851
--- /dev/null
+++ b/public/admin/controller/common/filemanager.php
@@ -0,0 +1,415 @@
+<?php
+class ControllerCommonFileManager extends Controller {
+ public function index() {
+ $this->load->language('common/filemanager');
+
+ // Find which protocol to use to pass the full image link back
+ if ($this->request->server['HTTPS']) {
+ $server = HTTPS_CATALOG;
+ } else {
+ $server = HTTP_CATALOG;
+ }
+
+ if (isset($this->request->get['filter_name'])) {
+ $filter_name = rtrim(str_replace(array('*', '/', '\\'), '', $this->request->get['filter_name']), '/');
+ } else {
+ $filter_name = '';
+ }
+
+ // Make sure we have the correct directory
+ if (isset($this->request->get['directory'])) {
+ $directory = rtrim(DIR_IMAGE . 'catalog/' . str_replace('*', '', $this->request->get['directory']), '/');
+ } else {
+ $directory = DIR_IMAGE . 'catalog';
+ }
+
+ if (isset($this->request->get['page'])) {
+ $page = $this->request->get['page'];
+ } else {
+ $page = 1;
+ }
+
+ $directories = array();
+ $files = array();
+
+ $data['images'] = array();
+
+ $this->load->model('tool/image');
+
+ if (substr(str_replace('\\', '/', realpath($directory) . '/' . $filter_name), 0, strlen(DIR_IMAGE . 'catalog')) == str_replace('\\', '/', DIR_IMAGE . 'catalog')) {
+ // Get directories
+ $directories = glob($directory . '/' . $filter_name . '*', GLOB_ONLYDIR);
+
+ if (!$directories) {
+ $directories = array();
+ }
+
+ // Get files
+ $files = glob($directory . '/' . $filter_name . '*.{jpg,jpeg,png,gif,JPG,JPEG,PNG,GIF}', GLOB_BRACE);
+
+ if (!$files) {
+ $files = array();
+ }
+ }
+
+ // Merge directories and files
+ $images = array_merge($directories, $files);
+
+ // Get total number of files and directories
+ $image_total = count($images);
+
+ // Split the array based on current page number and max number of items per page of 10
+ $images = array_splice($images, ($page - 1) * 16, 16);
+
+ foreach ($images as $image) {
+ $name = str_split(basename($image), 14);
+
+ if (is_dir($image)) {
+ $url = '';
+
+ if (isset($this->request->get['target'])) {
+ $url .= '&target=' . $this->request->get['target'];
+ }
+
+ if (isset($this->request->get['thumb'])) {
+ $url .= '&thumb=' . $this->request->get['thumb'];
+ }
+
+ $data['images'][] = array(
+ 'thumb' => '',
+ 'name' => implode(' ', $name),
+ 'type' => 'directory',
+ 'path' => utf8_substr($image, utf8_strlen(DIR_IMAGE)),
+ 'href' => $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . '&directory=' . urlencode(utf8_substr($image, utf8_strlen(DIR_IMAGE . 'catalog/'))) . $url, true)
+ );
+ } elseif (is_file($image)) {
+ $data['images'][] = array(
+ 'thumb' => $this->model_tool_image->resize(utf8_substr($image, utf8_strlen(DIR_IMAGE)), 100, 100),
+ 'name' => implode(' ', $name),
+ 'type' => 'image',
+ 'path' => utf8_substr($image, utf8_strlen(DIR_IMAGE)),
+ 'href' => $server . 'image/' . utf8_substr($image, utf8_strlen(DIR_IMAGE))
+ );
+ }
+ }
+
+ $data['user_token'] = $this->session->data['user_token'];
+
+ if (isset($this->request->get['directory'])) {
+ $data['directory'] = urlencode($this->request->get['directory']);
+ } else {
+ $data['directory'] = '';
+ }
+
+ if (isset($this->request->get['filter_name'])) {
+ $data['filter_name'] = $this->request->get['filter_name'];
+ } else {
+ $data['filter_name'] = '';
+ }
+
+ // Return the target ID for the file manager to set the value
+ if (isset($this->request->get['target'])) {
+ $data['target'] = $this->request->get['target'];
+ } else {
+ $data['target'] = '';
+ }
+
+ // Return the thumbnail for the file manager to show a thumbnail
+ if (isset($this->request->get['thumb'])) {
+ $data['thumb'] = $this->request->get['thumb'];
+ } else {
+ $data['thumb'] = '';
+ }
+
+ // Parent
+ $url = '';
+
+ if (isset($this->request->get['directory'])) {
+ $pos = strrpos($this->request->get['directory'], '/');
+
+ if ($pos) {
+ $url .= '&directory=' . urlencode(substr($this->request->get['directory'], 0, $pos));
+ }
+ }
+
+ if (isset($this->request->get['target'])) {
+ $url .= '&target=' . $this->request->get['target'];
+ }
+
+ if (isset($this->request->get['thumb'])) {
+ $url .= '&thumb=' . $this->request->get['thumb'];
+ }
+
+ $data['parent'] = $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ // Refresh
+ $url = '';
+
+ if (isset($this->request->get['directory'])) {
+ $url .= '&directory=' . urlencode($this->request->get['directory']);
+ }
+
+ if (isset($this->request->get['target'])) {
+ $url .= '&target=' . $this->request->get['target'];
+ }
+
+ if (isset($this->request->get['thumb'])) {
+ $url .= '&thumb=' . $this->request->get['thumb'];
+ }
+
+ $data['refresh'] = $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ $url = '';
+
+ if (isset($this->request->get['directory'])) {
+ $url .= '&directory=' . urlencode(html_entity_decode($this->request->get['directory'], ENT_QUOTES, 'UTF-8'));
+ }
+
+ if (isset($this->request->get['filter_name'])) {
+ $url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
+ }
+
+ if (isset($this->request->get['target'])) {
+ $url .= '&target=' . $this->request->get['target'];
+ }
+
+ if (isset($this->request->get['thumb'])) {
+ $url .= '&thumb=' . $this->request->get['thumb'];
+ }
+
+ $pagination = new Pagination();
+ $pagination->total = $image_total;
+ $pagination->page = $page;
+ $pagination->limit = 16;
+ $pagination->url = $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}', true);
+
+ $data['pagination'] = $pagination->render();
+
+ $this->response->setOutput($this->load->view('common/filemanager', $data));
+ }
+
+ public function upload() {
+ $this->load->language('common/filemanager');
+
+ $json = array();
+
+ // Check user has permission
+ if (!$this->user->hasPermission('modify', 'common/filemanager')) {
+ $json['error'] = $this->language->get('error_permission');
+ }
+
+ // Make sure we have the correct directory
+ if (isset($this->request->get['directory'])) {
+ $directory = rtrim(DIR_IMAGE . 'catalog/' . $this->request->get['directory'], '/');
+ } else {
+ $directory = DIR_IMAGE . 'catalog';
+ }
+
+ // Check its a directory
+ if (!is_dir($directory) || substr(str_replace('\\', '/', realpath($directory)), 0, strlen(DIR_IMAGE . 'catalog')) != str_replace('\\', '/', DIR_IMAGE . 'catalog')) {
+ $json['error'] = $this->language->get('error_directory');
+ }
+
+ if (!$json) {
+ // Check if multiple files are uploaded or just one
+ $files = array();
+
+ if (!empty($this->request->files['file']['name']) && is_array($this->request->files['file']['name'])) {
+ foreach (array_keys($this->request->files['file']['name']) as $key) {
+ $files[] = array(
+ 'name' => $this->request->files['file']['name'][$key],
+ 'type' => $this->request->files['file']['type'][$key],
+ 'tmp_name' => $this->request->files['file']['tmp_name'][$key],
+ 'error' => $this->request->files['file']['error'][$key],
+ 'size' => $this->request->files['file']['size'][$key]
+ );
+ }
+ }
+
+ foreach ($files as $file) {
+ if (is_file($file['tmp_name'])) {
+ // Sanitize the filename
+ $filename = basename(html_entity_decode($file['name'], ENT_QUOTES, 'UTF-8'));
+
+ // Validate the filename length
+ if ((utf8_strlen($filename) < 3) || (utf8_strlen($filename) > 255)) {
+ $json['error'] = $this->language->get('error_filename');
+ }
+
+ // Allowed file extension types
+ $allowed = array(
+ 'jpg',
+ 'jpeg',
+ 'gif',
+ 'png'
+ );
+
+ if (!in_array(utf8_strtolower(utf8_substr(strrchr($filename, '.'), 1)), $allowed)) {
+ $json['error'] = $this->language->get('error_filetype');
+ }
+
+ // Allowed file mime types
+ $allowed = array(
+ 'image/jpeg',
+ 'image/pjpeg',
+ 'image/png',
+ 'image/x-png',
+ 'image/gif'
+ );
+
+ if (!in_array($file['type'], $allowed)) {
+ $json['error'] = $this->language->get('error_filetype');
+ }
+
+ // Return any upload error
+ if ($file['error'] != UPLOAD_ERR_OK) {
+ $json['error'] = $this->language->get('error_upload_' . $file['error']);
+ }
+ } else {
+ $json['error'] = $this->language->get('error_upload');
+ }
+
+ if (!$json) {
+ move_uploaded_file($file['tmp_name'], $directory . '/' . $filename);
+ }
+ }
+ }
+
+ if (!$json) {
+ $json['success'] = $this->language->get('text_uploaded');
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+
+ public function folder() {
+ $this->load->language('common/filemanager');
+
+ $json = array();
+
+ // Check user has permission
+ if (!$this->user->hasPermission('modify', 'common/filemanager')) {
+ $json['error'] = $this->language->get('error_permission');
+ }
+
+ // Make sure we have the correct directory
+ if (isset($this->request->get['directory'])) {
+ $directory = rtrim(DIR_IMAGE . 'catalog/' . $this->request->get['directory'], '/');
+ } else {
+ $directory = DIR_IMAGE . 'catalog';
+ }
+
+ // Check its a directory
+ if (!is_dir($directory) || substr(str_replace('\\', '/', realpath($directory)), 0, strlen(DIR_IMAGE . 'catalog')) != str_replace('\\', '/', DIR_IMAGE . 'catalog')) {
+ $json['error'] = $this->language->get('error_directory');
+ }
+
+ if ($this->request->server['REQUEST_METHOD'] == 'POST') {
+ // Sanitize the folder name
+ $folder = basename(html_entity_decode($this->request->post['folder'], ENT_QUOTES, 'UTF-8'));
+
+ // Validate the filename length
+ if ((utf8_strlen($folder) < 3) || (utf8_strlen($folder) > 128)) {
+ $json['error'] = $this->language->get('error_folder');
+ }
+
+ // Check if directory already exists or not
+ if (is_dir($directory . '/' . $folder)) {
+ $json['error'] = $this->language->get('error_exists');
+ }
+ }
+
+ if (!isset($json['error'])) {
+ mkdir($directory . '/' . $folder, 0777);
+ chmod($directory . '/' . $folder, 0777);
+
+ @touch($directory . '/' . $folder . '/' . 'index.html');
+
+ $json['success'] = $this->language->get('text_directory');
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+
+ public function delete() {
+ $this->load->language('common/filemanager');
+
+ $json = array();
+
+ // Check user has permission
+ if (!$this->user->hasPermission('modify', 'common/filemanager')) {
+ $json['error'] = $this->language->get('error_permission');
+ }
+
+ if (isset($this->request->post['path'])) {
+ $paths = $this->request->post['path'];
+ } else {
+ $paths = array();
+ }
+
+ // Loop through each path to run validations
+ foreach ($paths as $path) {
+ // Check path exsists
+ if ($path == DIR_IMAGE . 'catalog' || substr(str_replace('\\', '/', realpath(DIR_IMAGE . $path)), 0, strlen(DIR_IMAGE . 'catalog')) != str_replace('\\', '/', DIR_IMAGE . 'catalog')) {
+ $json['error'] = $this->language->get('error_delete');
+
+ break;
+ }
+ }
+
+ if (!$json) {
+ // Loop through each path
+ foreach ($paths as $path) {
+ $path = rtrim(DIR_IMAGE . $path, '/');
+
+ // If path is just a file delete it
+ if (is_file($path)) {
+ unlink($path);
+
+ // If path is a directory beging deleting each file and sub folder
+ } elseif (is_dir($path)) {
+ $files = array();
+
+ // Make path into an array
+ $path = array($path);
+
+ // While the path array is still populated keep looping through
+ while (count($path) != 0) {
+ $next = array_shift($path);
+
+ foreach (glob($next) as $file) {
+ // If directory add to path array
+ if (is_dir($file)) {
+ $path[] = $file . '/*';
+ }
+
+ // Add the file to the files to be deleted array
+ $files[] = $file;
+ }
+ }
+
+ // Reverse sort the file array
+ rsort($files);
+
+ foreach ($files as $file) {
+ // If file just delete
+ if (is_file($file)) {
+ unlink($file);
+
+ // If directory use the remove directory function
+ } elseif (is_dir($file)) {
+ rmdir($file);
+ }
+ }
+ }
+ }
+
+ $json['success'] = $this->language->get('text_delete');
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+} \ No newline at end of file
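Review bot: The containment test repeated in index(), upload(), folder() and delete() compares only the first `strlen(DIR_IMAGE . 'catalog')` characters of the resolved path, so a sibling directory under DIR_IMAGE whose name merely begins with `catalog` satisfies it too. Matching with a trailing separator fixes that, e.g. `strpos(str_replace('\\', '/', realpath($directory)) . '/', str_replace('\\', '/', DIR_IMAGE . 'catalog/')) === 0`. In delete(), the guard `$path == DIR_IMAGE . 'catalog'` compares a value that is later prefixed with `DIR_IMAGE` against an absolute path, so it does not appear to protect the catalog root itself; comparing the resolved path would. upload() accepts a file on its extension and the client-supplied `$file['type']` alone, so a server-side content check such as `getimagesize($file['tmp_name'])` would be a stronger gate. folder() uses `$folder` in `mkdir()` even when the request is not a POST and the variable was never assigned, and it creates the directory with mode `0777`.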
diff --git a/public/admin/controller/common/footer.php b/public/admin/controller/common/footer.php
new file mode 100644
index 0000000..ae6a2ab
--- /dev/null
+++ b/public/admin/controller/common/footer.php
@@ -0,0 +1,14 @@
+<?php
+class ControllerCommonFooter extends Controller {
+ public function index() {
+ $this->load->language('common/footer');
+
+ if ($this->user->isLogged() && isset($this->request->get['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
+ $data['text_version'] = sprintf($this->language->get('text_version'), VERSION);
+ } else {
+ $data['text_version'] = '';
+ }
+
+ return $this->load->view('common/footer', $data);
+ }
+}
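Review bot: The token check on the `if` line of index() compares `$this->request->get['user_token']` with the session value using `==`, which follows PHP's loose comparison rules (two numeric-looking strings can compare equal) and is not constant-time. `hash_equals()` on values confirmed to be strings is the safer form, e.g. `is_string($this->request->get['user_token']) && hash_equals((string)$this->session->data['user_token'], $this->request->get['user_token'])`. The same `==`/`!=` comparison appears in forgotten.php, header.php, login.php and reset.php in this commit. Unlike header.php, this line also reads `$this->session->data['user_token']` without an `isset()` check.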
diff --git a/public/admin/controller/common/forgotten.php b/public/admin/controller/common/forgotten.php
new file mode 100644
index 0000000..7f147ce
--- /dev/null
+++ b/public/admin/controller/common/forgotten.php
@@ -0,0 +1,71 @@
+<?php
+class ControllerCommonForgotten extends Controller {
+ private $error = array();
+
+ public function index() {
+ if ($this->user->isLogged() && isset($this->request->get['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
+ $this->response->redirect($this->url->link('common/dashboard', '', true));
+ }
+
+ if (!$this->config->get('config_password')) {
+ $this->response->redirect($this->url->link('common/login', '', true));
+ }
+
+ $this->load->language('common/forgotten');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validate()) {
+ $this->model_user_user->editCode($this->request->post['email'], token(40));
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $this->response->redirect($this->url->link('common/login', '', true));
+ }
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', '', true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('common/forgotten', 'user_token=' . '', true)
+ );
+
+ $data['action'] = $this->url->link('common/forgotten', '', true);
+
+ $data['cancel'] = $this->url->link('common/login', '', true);
+
+ if (isset($this->request->post['email'])) {
+ $data['email'] = $this->request->post['email'];
+ } else {
+ $data['email'] = '';
+ }
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('common/forgotten', $data));
+ }
+
+ protected function validate() {
+ if (!isset($this->request->post['email'])) {
+ $this->error['warning'] = $this->language->get('error_email');
+ } elseif (!$this->model_user_user->getTotalUsersByEmail($this->request->post['email'])) {
+ $this->error['warning'] = $this->language->get('error_email');
+ }
+
+ return !$this->error;
+ }
+} \ No newline at end of file
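Review bot: validate() reports `error_email` when the submitted address matches no account, while a known address leads to the success redirect, so the form tells an unauthenticated visitor which e-mail addresses belong to administrators. Answering identically in both cases, and calling `editCode()` only when the address exists, removes that signal; the rewritten POST branch of index() is below. Nothing in this hunk limits how often the form can be submitted, so any request throttling would have to live elsewhere.

```php
if (($this->request->server['REQUEST_METHOD'] == 'POST') && isset($this->request->post['email']) && is_string($this->request->post['email'])) {
	// Issue a reset code only for a known address, but respond the same way in both cases.
	if ($this->model_user_user->getTotalUsersByEmail($this->request->post['email'])) {
		$this->model_user_user->editCode($this->request->post['email'], token(40));
	}

	$this->session->data['success'] = $this->language->get('text_success');

	$this->response->redirect($this->url->link('common/login', '', true));
}
// … unchanged: error_warning, breadcrumbs and view rendering …
```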
diff --git a/public/admin/controller/common/header.php b/public/admin/controller/common/header.php
new file mode 100644
index 0000000..a0eb58a
--- /dev/null
+++ b/public/admin/controller/common/header.php
@@ -0,0 +1,81 @@
+<?php
+class ControllerCommonHeader extends Controller {
+ public function index() {
+ $data['title'] = $this->document->getTitle();
+
+ if ($this->request->server['HTTPS']) {
+ $data['base'] = HTTPS_SERVER;
+ } else {
+ $data['base'] = HTTP_SERVER;
+ }
+
+ $data['description'] = $this->document->getDescription();
+ $data['keywords'] = $this->document->getKeywords();
+ $data['links'] = $this->document->getLinks();
+ $data['styles'] = $this->document->getStyles();
+ $data['scripts'] = $this->document->getScripts();
+ $data['lang'] = $this->language->get('code');
+ $data['direction'] = $this->language->get('direction');
+
+ $this->load->language('common/header');
+
+ $data['text_logged'] = sprintf($this->language->get('text_logged'), $this->user->getUserName());
+
+ if (!isset($this->request->get['user_token']) || !isset($this->session->data['user_token']) || ($this->request->get['user_token'] != $this->session->data['user_token'])) {
+ $data['logged'] = '';
+
+ $data['home'] = $this->url->link('common/dashboard', '', true);
+ } else {
+ $data['logged'] = true;
+
+ $data['home'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
+ $data['logout'] = $this->url->link('common/logout', 'user_token=' . $this->session->data['user_token'], true);
+ $data['profile'] = $this->url->link('common/profile', 'user_token=' . $this->session->data['user_token'], true);
+
+ $this->load->model('user/user');
+
+ $this->load->model('tool/image');
+
+ $user_info = $this->model_user_user->getUser($this->user->getId());
+
+ if ($user_info) {
+ $data['firstname'] = $user_info['firstname'];
+ $data['lastname'] = $user_info['lastname'];
+ $data['username'] = $user_info['username'];
+ $data['user_group'] = $user_info['user_group'];
+
+ if (is_file(DIR_IMAGE . $user_info['image'])) {
+ $data['image'] = $this->model_tool_image->resize($user_info['image'], 45, 45);
+ } else {
+ $data['image'] = $this->model_tool_image->resize('profile.png', 45, 45);
+ }
+ } else {
+ $data['firstname'] = '';
+ $data['lastname'] = '';
+ $data['user_group'] = '';
+ $data['image'] = '';
+ }
+
+ // Online Stores
+ $data['stores'] = array();
+
+ $data['stores'][] = array(
+ 'name' => $this->config->get('config_name'),
+ 'href' => HTTP_CATALOG
+ );
+
+ $this->load->model('setting/store');
+
+ $results = $this->model_setting_store->getStores();
+
+ foreach ($results as $result) {
+ $data['stores'][] = array(
+ 'name' => $result['name'],
+ 'href' => $result['url']
+ );
+ }
+ }
+
+ return $this->load->view('common/header', $data);
+ }
+} \ No newline at end of file
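Review bot: The fallback branch taken when `getUser()` returns nothing sets `firstname`, `lastname`, `user_group` and `image` to empty strings but leaves `$data['username']` undefined, although the success branch assigns it. Adding `$data['username'] = '';` to that `else` keeps the data passed to the view consistent. The store list also always links the default store with `HTTP_CATALOG`, even when the request was detected as HTTPS a few lines earlier; if an `HTTPS_CATALOG` link is intended there, the same `$this->request->server['HTTPS']` switch used for `base` could be reused.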
diff --git a/public/admin/controller/common/login.php b/public/admin/controller/common/login.php
new file mode 100644
index 0000000..0b84158
--- /dev/null
+++ b/public/admin/controller/common/login.php
@@ -0,0 +1,92 @@
+<?php
+class ControllerCommonLogin extends Controller {
+ private $error = array();
+
+ public function index() {
+ $this->load->language('common/login');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ if ($this->user->isLogged() && isset($this->request->get['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
+ $this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
+ }
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validate()) {
+ $this->session->data['user_token'] = token(32);
+
+ if (isset($this->request->post['redirect']) && (strpos($this->request->post['redirect'], HTTP_SERVER) === 0 || strpos($this->request->post['redirect'], HTTPS_SERVER) === 0)) {
+ $this->response->redirect($this->request->post['redirect'] . '&user_token=' . $this->session->data['user_token']);
+ } else {
+ $this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
+ }
+ }
+
+ if ((isset($this->session->data['user_token']) && !isset($this->request->get['user_token'])) || ((isset($this->request->get['user_token']) && (isset($this->session->data['user_token']) && ($this->request->get['user_token'] != $this->session->data['user_token']))))) {
+ $this->error['warning'] = $this->language->get('error_token');
+ }
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->session->data['success'])) {
+ $data['success'] = $this->session->data['success'];
+
+ unset($this->session->data['success']);
+ } else {
+ $data['success'] = '';
+ }
+
+ $data['action'] = $this->url->link('common/login', '', true);
+
+ if (isset($this->request->post['username'])) {
+ $data['username'] = $this->request->post['username'];
+ } else {
+ $data['username'] = '';
+ }
+
+ if (isset($this->request->post['password'])) {
+ $data['password'] = $this->request->post['password'];
+ } else {
+ $data['password'] = '';
+ }
+
+ if (isset($this->request->get['route'])) {
+ $route = $this->request->get['route'];
+
+ unset($this->request->get['route']);
+ unset($this->request->get['user_token']);
+
+ $url = '';
+
+ if ($this->request->get) {
+ $url .= http_build_query($this->request->get);
+ }
+
+ $data['redirect'] = $this->url->link($route, $url, true);
+ } else {
+ $data['redirect'] = '';
+ }
+
+ if ($this->config->get('config_password')) {
+ $data['forgotten'] = $this->url->link('common/forgotten', '', true);
+ } else {
+ $data['forgotten'] = '';
+ }
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('common/login', $data));
+ }
+
+ protected function validate() {
+ if (!isset($this->request->post['username']) || !isset($this->request->post['password']) || !$this->user->login($this->request->post['username'], html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8'))) {
+ $this->error['warning'] = $this->language->get('error_login');
+ }
+
+ return !$this->error;
+ }
+}
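Review bot: After a failed login, index() copies the submitted password back into the view with `$data['password'] = $this->request->post['password'];`, so the secret is rendered again in the response HTML where it can end up in caches or page captures. Always passing `$data['password'] = '';` avoids that; the same pattern appears for `password` and `confirm` in profile.php and reset.php. Separately, a successful login issues a new `user_token` but nothing visible in this hunk regenerates the session id or throttles repeated failures; if `$this->user->login()` does not handle that, it is worth adding.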
diff --git a/public/admin/controller/common/logout.php b/public/admin/controller/common/logout.php
new file mode 100644
index 0000000..d12ddf1
--- /dev/null
+++ b/public/admin/controller/common/logout.php
@@ -0,0 +1,10 @@
+<?php
+class ControllerCommonLogout extends Controller {
+ public function index() {
+ $this->user->logout();
+
+ unset($this->session->data['user_token']);
+
+ $this->response->redirect($this->url->link('common/login', '', true));
+ }
+} \ No newline at end of file
diff --git a/public/admin/controller/common/profile.php b/public/admin/controller/common/profile.php
new file mode 100644
index 0000000..45c63c1
--- /dev/null
+++ b/public/admin/controller/common/profile.php
@@ -0,0 +1,211 @@
+<?php
+class ControllerCommonProfile extends Controller {
+ private $error = array();
+
+ public function index() {
+ $this->load->language('common/profile');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validateForm()) {
+ $user_data = array_merge($this->request->post, array(
+ 'user_group_id' => $this->user->getGroupId(),
+ 'status' => 1,
+ ));
+
+ $this->model_user_user->editUser($this->user->getId(), $user_data);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $this->response->redirect($this->url->link('common/profile', 'user_token=' . $this->session->data['user_token'], true));
+ }
+
+ if (isset($this->session->data['success'])) {
+ $data['success'] = $this->session->data['success'];
+
+ unset($this->session->data['success']);
+ } else {
+ $data['success'] = '';
+ }
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->error['username'])) {
+ $data['error_username'] = $this->error['username'];
+ } else {
+ $data['error_username'] = '';
+ }
+
+ if (isset($this->error['password'])) {
+ $data['error_password'] = $this->error['password'];
+ } else {
+ $data['error_password'] = '';
+ }
+
+ if (isset($this->error['confirm'])) {
+ $data['error_confirm'] = $this->error['confirm'];
+ } else {
+ $data['error_confirm'] = '';
+ }
+
+ if (isset($this->error['firstname'])) {
+ $data['error_firstname'] = $this->error['firstname'];
+ } else {
+ $data['error_firstname'] = '';
+ }
+
+ if (isset($this->error['lastname'])) {
+ $data['error_lastname'] = $this->error['lastname'];
+ } else {
+ $data['error_lastname'] = '';
+ }
+
+ if (isset($this->error['email'])) {
+ $data['error_email'] = $this->error['email'];
+ } else {
+ $data['error_email'] = '';
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('common/profile', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['action'] = $this->url->link('common/profile', 'user_token=' . $this->session->data['user_token'], true);
+
+ $data['cancel'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
+
+ if ($this->request->server['REQUEST_METHOD'] != 'POST') {
+ $user_info = $this->model_user_user->getUser($this->user->getId());
+ }
+
+ if (isset($this->request->post['username'])) {
+ $data['username'] = $this->request->post['username'];
+ } elseif (!empty($user_info)) {
+ $data['username'] = $user_info['username'];
+ } else {
+ $data['username'] = '';
+ }
+
+ if (isset($this->request->post['password'])) {
+ $data['password'] = $this->request->post['password'];
+ } else {
+ $data['password'] = '';
+ }
+
+ if (isset($this->request->post['confirm'])) {
+ $data['confirm'] = $this->request->post['confirm'];
+ } else {
+ $data['confirm'] = '';
+ }
+
+ if (isset($this->request->post['firstname'])) {
+ $data['firstname'] = $this->request->post['firstname'];
+ } elseif (!empty($user_info)) {
+ $data['firstname'] = $user_info['firstname'];
+ } else {
+ $data['firstname'] = '';
+ }
+
+ if (isset($this->request->post['lastname'])) {
+ $data['lastname'] = $this->request->post['lastname'];
+ } elseif (!empty($user_info)) {
+ $data['lastname'] = $user_info['lastname'];
+ } else {
+ $data['lastname'] = '';
+ }
+
+ if (isset($this->request->post['email'])) {
+ $data['email'] = $this->request->post['email'];
+ } elseif (!empty($user_info)) {
+ $data['email'] = $user_info['email'];
+ } else {
+ $data['email'] = '';
+ }
+
+ if (isset($this->request->post['image'])) {
+ $data['image'] = $this->request->post['image'];
+ } elseif (!empty($user_info)) {
+ $data['image'] = $user_info['image'];
+ } else {
+ $data['image'] = '';
+ }
+
+ $this->load->model('tool/image');
+
+ if (isset($this->request->post['image']) && is_file(DIR_IMAGE . $this->request->post['image'])) {
+ $data['thumb'] = $this->model_tool_image->resize($this->request->post['image'], 100, 100);
+ } elseif (!empty($user_info) && $user_info['image'] && is_file(DIR_IMAGE . $user_info['image'])) {
+ $data['thumb'] = $this->model_tool_image->resize($user_info['image'], 100, 100);
+ } else {
+ $data['thumb'] = $this->model_tool_image->resize('no_image.png', 100, 100);
+ }
+
+ $data['placeholder'] = $this->model_tool_image->resize('no_image.png', 100, 100);
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('common/profile', $data));
+ }
+
+ protected function validateForm() {
+ if (!$this->user->hasPermission('modify', 'common/profile')) {
+ $this->error['warning'] = $this->language->get('error_permission');
+ }
+
+ if ((utf8_strlen($this->request->post['username']) < 3) || (utf8_strlen($this->request->post['username']) > 20)) {
+ $this->error['username'] = $this->language->get('error_username');
+ }
+
+ $user_info = $this->model_user_user->getUserByUsername($this->request->post['username']);
+
+ if ($user_info && ($this->user->getId() != $user_info['user_id'])) {
+ $this->error['warning'] = $this->language->get('error_exists_username');
+ }
+
+ if ((utf8_strlen(trim($this->request->post['firstname'])) < 1) || (utf8_strlen(trim($this->request->post['firstname'])) > 32)) {
+ $this->error['firstname'] = $this->language->get('error_firstname');
+ }
+
+ if ((utf8_strlen(trim($this->request->post['lastname'])) < 1) || (utf8_strlen(trim($this->request->post['lastname'])) > 32)) {
+ $this->error['lastname'] = $this->language->get('error_lastname');
+ }
+
+ if ((utf8_strlen($this->request->post['email']) > 96) || !filter_var($this->request->post['email'], FILTER_VALIDATE_EMAIL)) {
+ $this->error['email'] = $this->language->get('error_email');
+ }
+
+ $user_info = $this->model_user_user->getUserByEmail($this->request->post['email']);
+
+ if ($user_info && ($this->user->getId() != $user_info['user_id'])) {
+ $this->error['warning'] = $this->language->get('error_exists_email');
+ }
+
+ if ($this->request->post['password']) {
+ if ((utf8_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) < 4) || (utf8_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) > 40)) {
+ $this->error['password'] = $this->language->get('error_password');
+ }
+
+ if ($this->request->post['password'] != $this->request->post['confirm']) {
+ $this->error['confirm'] = $this->language->get('error_confirm');
+ }
+ }
+
+ return !$this->error;
+ }
+} \ No newline at end of file
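Review bot: validateForm() lets the password and e-mail address be changed without asking for the current password, so anyone holding a live admin session can lock the account owner out. Requiring the current password, verified against the stored hash, before `editUser()` runs on a password or e-mail change would close that. The length rule also accepts passwords of four characters (`< 4`), which is low for an administrative account. The method reads `$this->request->post[...]` keys without `isset()`, so a request that omits a field raises notices instead of producing a validation error.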
diff --git a/public/admin/controller/common/reset.php b/public/admin/controller/common/reset.php
new file mode 100644
index 0000000..e8248b4
--- /dev/null
+++ b/public/admin/controller/common/reset.php
@@ -0,0 +1,101 @@
+<?php
+class ControllerCommonReset extends Controller {
+ private $error = array();
+
+ public function index() {
+ if ($this->user->isLogged() && isset($this->request->get['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
+ $this->response->redirect($this->url->link('common/dashboard', '', true));
+ }
+
+ if (!$this->config->get('config_password')) {
+ $this->response->redirect($this->url->link('common/login', '', true));
+ }
+
+ if (isset($this->request->get['code'])) {
+ $code = $this->request->get['code'];
+ } else {
+ $code = '';
+ }
+
+ $this->load->model('user/user');
+
+ $user_info = $this->model_user_user->getUserByCode($code);
+
+ if ($user_info) {
+ $this->load->language('common/reset');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validate()) {
+ $this->model_user_user->editPassword($user_info['user_id'], $this->request->post['password']);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $this->response->redirect($this->url->link('common/login', '', true));
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', '', true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('common/reset', '', true)
+ );
+
+ if (isset($this->error['password'])) {
+ $data['error_password'] = $this->error['password'];
+ } else {
+ $data['error_password'] = '';
+ }
+
+ if (isset($this->error['confirm'])) {
+ $data['error_confirm'] = $this->error['confirm'];
+ } else {
+ $data['error_confirm'] = '';
+ }
+
+ $data['action'] = $this->url->link('common/reset', 'code=' . $code, true);
+
+ $data['cancel'] = $this->url->link('common/login', '', true);
+
+ if (isset($this->request->post['password'])) {
+ $data['password'] = $this->request->post['password'];
+ } else {
+ $data['password'] = '';
+ }
+
+ if (isset($this->request->post['confirm'])) {
+ $data['confirm'] = $this->request->post['confirm'];
+ } else {
+ $data['confirm'] = '';
+ }
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('common/reset', $data));
+ } else {
+ $this->load->model('setting/setting');
+
+ $this->model_setting_setting->editSettingValue('config', 'config_password', '0');
+
+ return new Action('common/login');
+ }
+ }
+
+ protected function validate() {
+ if ((utf8_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) < 4) || (utf8_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) > 40)) {
+ $this->error['password'] = $this->language->get('error_password');
+ }
+
+ if ($this->request->post['confirm'] != $this->request->post['password']) {
+ $this->error['confirm'] = $this->language->get('error_confirm');
+ }
+
+ return !$this->error;
+ }
+} \ No newline at end of file
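Review bot: In the `else` branch of index(), any request that arrives without a valid `code` writes `config_password = 0` through `editSettingValue()`, so a single unauthenticated request switches password recovery off for every administrator. Limiting attempts per client or expiring the individual code would contain guessing without that global side effect. `$code` also defaults to `''` before `getUserByCode($code)` is called; that lookup is outside this hunk, so confirm it never matches an account whose stored code is empty, or return early with `if ($code === '') { return new Action('common/login'); }`. validate() accepts a four-character password here as well.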
diff --git a/public/admin/controller/common/security.php b/public/admin/controller/common/security.php
new file mode 100644
index 0000000..07cfb9f
--- /dev/null
+++ b/public/admin/controller/common/security.php
@@ -0,0 +1,143 @@
+<?php
+class ControllerCommonSecurity extends Controller {
+ public function index() {
+ $this->load->language('common/security');
+
+ $data['text_instruction'] = $this->language->get('text_instruction');
+
+ $data['user_token'] = $this->session->data['user_token'];
+
+ $data['storage'] = DIR_SYSTEM . 'storage/';
+
+ $path = '';
+
+ $data['paths'] = array();
+
+ $parts = explode('/', str_replace('\\', '/', rtrim(DIR_SYSTEM, '/')));
+
+ foreach ($parts as $part) {
+ $path .= $part . '/';
+
+ $data['paths'][] = $path;
+ }
+
+ rsort($data['paths']);
+
+ $data['document_root'] = str_replace('\\', '/', realpath($this->request->server['DOCUMENT_ROOT'] . '/../') . '/');
+
+ return $this->load->view('common/security', $data);
+ }
+
+ public function move() {
+ $this->load->language('common/security');
+
+ $json = array();
+
+ if ($this->request->post['path']) {
+ $path = $this->request->post['path'];
+ } else {
+ $path = '';
+ }
+
+ if ($this->request->post['directory']) {
+ $directory = $this->request->post['directory'];
+ } else {
+ $directory = '';
+ }
+
+ if (!$this->user->hasPermission('modify', 'common/developer')) {
+ $json['error'] = $this->language->get('error_permission');
+ } else {
+ if (DIR_STORAGE != DIR_SYSTEM . 'storage/') {
+ $data['error'] = $this->language->get('error_path');
+ }
+
+ if (!$path || str_replace('\\', '/', realpath($path)) . '/' != str_replace('\\', '/', substr(DIR_SYSTEM, 0, strlen($path)))) {
+ $json['error'] = $this->language->get('error_path');
+ }
+
+ if (!$directory || !preg_match('/^[a-zA-Z0-9_-]+$/', $directory)) {
+ $json['error'] = $this->language->get('error_directory');
+ }
+
+ if (is_dir($path . $directory)) {
+ $json['error'] = $this->language->get('error_exists');
+ }
+
+ if (!is_writable(realpath(DIR_APPLICATION . '/../') . '/config.php') || !is_writable(DIR_APPLICATION . 'config.php')) {
+ $json['error'] = $this->language->get('error_writable');
+ }
+
+ if (!$json) {
+ $files = array();
+
+ // Make path into an array
+ $source = array(DIR_SYSTEM . 'storage/');
+
+ // While the path array is still populated keep looping through
+ while (count($source) != 0) {
+ $next = array_shift($source);
+
+ foreach (glob($next) as $file) {
+ // If directory add to path array
+ if (is_dir($file)) {
+ $source[] = $file . '/*';
+ }
+
+ // Add the file to the files to be deleted array
+ $files[] = $file;
+ }
+ }
+
+ // Create the new storage folder
+ if (!is_dir($path . $directory)) {
+ mkdir($path . $directory, 0777);
+ }
+
+ // Copy the
+ foreach ($files as $file) {
+ $destination = $path . $directory . substr($file, strlen(DIR_SYSTEM . 'storage/'));
+
+ if (is_dir($file) && !is_dir($destination)) {
+ mkdir($destination, 0777);
+ }
+
+ if (is_file($file)) {
+ copy($file, $destination);
+ }
+ }
+
+ // Modify the config files
+ $files = array(
+ DIR_APPLICATION . 'config.php',
+ realpath(DIR_APPLICATION . '/../') . '/config.php'
+ );
+
+ foreach ($files as $file) {
+ $output = '';
+
+ $lines = file($file);
+
+ foreach ($lines as $line_id => $line) {
+ if (strpos($line, 'define(\'DIR_STORAGE') !== false) {
+ $output .= 'define(\'DIR_STORAGE\', \'' . $path . $directory . '/\');' . "\n";
+ } else {
+ $output .= $line;
+ }
+ }
+
+ $file = fopen($file, 'w');
+
+ fwrite($file, $output);
+
+ fclose($file);
+ }
+
+ $json['success'] = $this->language->get('text_success');
+ }
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+}
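Review bot: In `move()`, the check `if (DIR_STORAGE != DIR_SYSTEM . 'storage/')` stores its message in `$data['error']` instead of `$json['error']`, so it never blocks the request. `if (!$json)` still passes, and the copy and config rewrite run even when `DIR_STORAGE` no longer points at the default location. Changing that line to `$json['error'] = $this->language->get('error_path');` makes the guard effective. Separately, both `mkdir(..., 0777)` calls request world-writable permissions (subject to umask) for the relocated storage tree; `0755` or tighter looks safer unless another account on the host needs write access. The return values of `copy()`, `fopen()` and `fwrite()` are also unchecked, so `text_success` can be reported after a partial move that has already rewritten `DIR_STORAGE` in the config files.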