104 lines
3.7 KiB
PHP
104 lines
3.7 KiB
PHP
<?php
|
|
/**
|
|
* Project: astat - simple site engine
|
|
* File: /inc/admin.class.php
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*
|
|
* @link http://www.astat.org SVN: $URL: http://svn.astat.org/astat/trunk/inc/admin.class.php $
|
|
* @copyright 2009 becast.at
|
|
* @author Bernhard Jaud <bernhard at becast dot at>
|
|
* @package astat core
|
|
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
|
* @version $Id: admin.class.php 57 2009-07-10 19:34:56Z genuineparts $
|
|
*/
|
|
|
|
$module["admin"]["name"]="Admin Class";
|
|
$module["admin"]["ver"]="0.2.4";
|
|
class admin {
|
|
|
|
var $module_=array();
|
|
|
|
function create_admin_nav(){
|
|
global $config, $db, $panel, $core, $session;
|
|
$root = $_SERVER['DOCUMENT_ROOT'] . $config["path"];
|
|
include_once dirname(dirname(__FILE__)).'/class_templates/admin_module.template.php';
|
|
foreach($core->mod_ as $key=>$val){
|
|
if(file_exists($root."/modules/".$val["file"]."/" . $val["file"] . ".module.php")){
|
|
include_once $root.'/modules/'.$val["file"].'/' . $val["file"]. '.module.php';
|
|
$class="module_".$val["file"];
|
|
if(class_exists($class)){
|
|
$this->module_[$val["file"]] = new $class();
|
|
if(is_array($this->module_[$val["file"]]->admin_panels())){
|
|
if($session->userdata[$val["file"].'_admin']==1){
|
|
$panel->menu_item("group_only",$val["name"]);
|
|
foreach($this->module_[$val["file"]]->admin_panels() as $key => $val){
|
|
if(isset($val[2])){
|
|
$panel->menu_item($val[0],$val[1],$val[2]);
|
|
}else{
|
|
$panel->menu_item($val[0],$val[1]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
function get_panel($task){
|
|
global $config, $panel, $userinfo, $tpl, $error, $session, $meta, $mod;
|
|
$root = $_SERVER['DOCUMENT_ROOT'] . $config["path"];
|
|
if (strpos($task, '://') !== FALSE || strpos($task, '../') !== FALSE){
|
|
$panel->content="Unser System hat festgestellt das ein XSS Versuch erfolgt ist.<br />Wir haben alle Daten geloggt und eine E-Mail an den Administrator wurde versandt.<br />Im übrigen kannst du deine Versuche aufgeben XSS und SQL-Injections werden IMMER abgefangen.";
|
|
$panel->title="Fehler.";
|
|
$panel->parse_page();
|
|
return;
|
|
}else{
|
|
$module=explode("_",$task,2);
|
|
if(isset($module[1]) && $module[1]!=""){
|
|
$right=$module[1];
|
|
$include=$root."/modules/".$module[1]."/admin/" . $module[0] . ".apnl.php";
|
|
}else{
|
|
$right=$task;
|
|
$include=$root."/admin/".$task . ".apnl.php";
|
|
}
|
|
if($session->userdata[$right.'_admin']==1){
|
|
if(file_exists($include)){
|
|
include $include;
|
|
include_once dirname(dirname(__FILE__)).'/class_templates/admin_module.template.php';
|
|
$class=$task."_panel";
|
|
if(class_exists($class)){
|
|
$content = new $class();
|
|
$content->output();
|
|
$panel->meta.= $content->meta();
|
|
$panel->parse_page();
|
|
}
|
|
}else{
|
|
$panel->content="Das Panel konnte nicht gefunden werden.";
|
|
$panel->title="Fehler.";
|
|
$panel->parse_page();
|
|
}
|
|
}else{
|
|
$panel->content="You have not the necessary rights to view this page.";
|
|
$panel->title="Error.";
|
|
$panel->parse_page();
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
?>
|