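. */

define('PATH', BASE_PATH . '/pages/');

/**
 * Read a simple INI-style file ("because parse_ini_file sucks").
 *
 * Recognised lines are `[section]` headers and `key = value` pairs whose key
 * matches [0-9a-zA-Z_-]+. One pair of surrounding double quotes is stripped
 * from the value and the two-character sequence \n is turned back into a
 * line feed. Any other line is ignored.
 *
 * @param string $file Path of the file to read.
 * @return array Top-level keys map to strings, section names map to arrays of
 *               key => string. Empty array when the file is missing or unreadable.
 */
function parse_ini_file_quotes_safe($file)
{
    if (!file_exists($file))
        return array();

    $lines = file($file);

    // file() returns false on a read error; iterating over it would only raise a warning
    if ($lines === false)
        return array();

    $section = false;
    $out = array();
    $values = array();

    foreach ($lines as $line) {
        $line = trim($line);
        $match = array();

        if (preg_match('/^\[([^\]]+)\]$/', $line, $match)) {
            // Compare against false rather than using empty(), so a section named "0" is kept
            if ($section !== false) {
                $out[$section] = $values;
                $values = array();
            }

            $section = $match[1];
            continue;
        }

        if (preg_match('/^([0-9a-zA-Z_-]+)\s*=\s*(["]?.*["]?)$/', $line, $match)) {
            $value = preg_replace('/^"(.*)"$/', '\1', $match[2]);
            $value = str_replace('\n', "\n", $value);

            if ($section !== false)
                $values[$match[1]] = $value;
            else
                $out[$match[1]] = $value;

            continue;
        }
    }

    if ($section !== false)
        $out[$section] = $values;

    return $out;
}

/**
 * Write an array in the format understood by parse_ini_file_quotes_safe()
 * ("because there is no write ini file in php").
 *
 * Top-level scalars are written first, then every array item as a [section].
 * Numeric and boolean values are written bare, everything else is quoted with
 * carriage returns removed and line feeds encoded as \n.
 *
 * Keys and section names end up in the file verbatim, so a key holding a line
 * break could forge additional entries. Keys the reader could not parse back
 * ([0-9a-zA-Z_-]+) and section names containing `]` or a line break are
 * therefore skipped instead of written.
 *
 * @param string $file     Destination path.
 * @param array  $contents Data to serialise.
 * @return bool False when the file could not be written.
 */
function write_ini_file($file, $contents)
{
    $format = function ($key, $value) {
        if (!preg_match('/^[0-9a-zA-Z_-]+\z/', (string) $key))
            return '';

        if (is_numeric($value) || is_bool($value))
            return $key . ' = ' . $value . "\n";

        $value = str_replace("\r", '', $value);
        return $key . ' = "' . str_replace("\n", '\\n', $value) . "\"\n";
    };

    $out = '';
    $sections = '';

    foreach ($contents as $key => $item) {
        if (!is_array($item)) {
            $out .= $format($key, $item);
            continue;
        }

        if (!preg_match('/^[^\]\r\n]+\z/', (string) $key))
            continue;

        $sections .= '[' . $key . "]\n";

        foreach ($item as $s_key => $s_item)
            $sections .= $format($s_key, $s_item);

        $sections .= "\n";
    }

    $out .= $sections;

    // Checks the write itself, not only the open; LOCK_EX keeps concurrent writers from interleaving
    return file_put_contents($file, $out, LOCK_EX) !== false;
}

/**
 * NanoKubbe core: session login, page storage under DATA_PATH/pages and
 * document/file management under DATA_PATH.
 *
 * NOTE(review): none of the methods that write, rename or delete files call
 * is_logged() themselves; authorisation is presumably enforced by the calling
 * scripts, which are not part of this file. Confirm before exposing a new entry point.
 */
class NanoKubbe
{
    private $version = '0.3.0';
    private $sessions_started = false;
    private $currentPage = array();

    public $webPath = false;

    // Assigned by setWebPath(); declared so it is not created as a dynamic property
    public $webDocumentsPath = false;

    // Extensions a web server may hand to an interpreter. Compared lower-case
    // against every dot-separated suffix of a document name.
    private static $blocked_document_extensions = array(
        'php', 'php3', 'php4', 'php5', 'php7', 'phtml', 'pht', 'phps', 'phar',
        'cgi', 'pl', 'py', 'sh', 'asp', 'aspx', 'jsp', 'shtml',
    );

    // Tag name => allowed attribute names.
    // NOTE(review): this is a list of names only. 'a'/'img'/'embed'/'object' carry
    // URL attributes (href, src, data) and 'object'/'embed'/'param' can load active
    // content; the filter that consumes this list is not in this file, so whether
    // URL schemes are restricted there has to be confirmed.
    public $allowed_html = array(
        // Inline
        'strong'=>  array('class'),
        'em'    =>  array('class'),
        'sup'   =>  array('class'),
        'sub'   =>  array('class'),
        'span'  =>  array('class'),
        'abbr'  =>  array('class', 'title'),
        'acronym' => array('class', 'title'),
        'a'     =>  array('class', 'href', 'title'),
        'code'  =>  array('class'),
        'cite'  =>  array('class'),
        'del'   =>  array('class'),
        'ins'   =>  array('class'),
        'kbd'   =>  array('class'),
        'samp'  =>  array('class'),
        'br'    =>  array(),
        // Block
        'div'   =>  array('class', 'id'),
        'p'     =>  array('class'),
        'blockquote' => array('class'),
        'ul'    =>  array('class'),
        'li'    =>  array('class'),
        'ol'    =>  array('class'),
        'h1'    =>  array('class', 'id'),
        'h2'    =>  array('class', 'id'),
        'h3'    =>  array('class', 'id'),
        'h4'    =>  array('class'),
        'h5'    =>  array('class'),
        'h6'    =>  array('class'),
        'pre'   =>  array('class'),
        'dl'    =>  array('class'),
        'dt'    =>  array('class'),
        'dd'    =>  array('class'),
        'hr'    =>  array('class'),
        // Table elements
        'table' =>  array('class'),
        'caption' => array('class'),
        'thead' =>  array('class'),
        'tbody' =>  array('class'),
        'tfoot' =>  array('class'),
        'tr'    =>  array('class'),
        'td'    =>  array('class', 'rowspan', 'colspan'),
        'th'    =>  array('class', 'rowspan', 'colspan'),
        // Media elements
        'img'   =>  array('class', 'src', 'alt', 'width', 'height', 'title'),
        'object'=>  array('class', 'width', 'height', 'title', 'type', 'data'),
        'param' =>  array('name', 'value'),
        'embed' =>  array('src', 'type', 'width', 'height'),
    );

    public function __construct()
    {
        $this->setWebPath(false);
    }

    /**
     * Derive the public base path from the running script.
     *
     * @param bool $admin True when called from a script one directory below the site root.
     */
    public function setWebPath($admin=false)
    {
        $web_path = dirname($_SERVER['SCRIPT_NAME']);

        if ($admin)
            $web_path = dirname($web_path);

        // Normalise to exactly one trailing slash
        $web_path = preg_replace('/\/+$/', '', trim($web_path)) . '/';

        $this->webPath = $web_path;
        $this->webDocumentsPath = $web_path . 'datas/documents/';
    }

    /**
     * Start the PHP session once per instance.
     *
     * NOTE(review): no cookie flags (HttpOnly, Secure, SameSite) are set here;
     * presumably they come from php.ini. Confirm.
     */
    private function _startSession()
    {
        if ($this->sessions_started)
            return;

        @session_start();
        $this->sessions_started = true;
    }

    /**
     * List the entries of a directory whose name does not start with a dot.
     *
     * @param string $path Directory to read.
     * @return array|false Entry names, or false when $path is not a readable directory.
     */
    private function _readVisibleEntries($path)
    {
        if (!is_dir($path))
            return false;

        $handle = dir($path);

        if (!$handle)
            return false;

        $entries = array();

        // Strict comparison: an entry named "0" must not end the loop
        while (($entry = $handle->read()) !== false) {
            if ($entry[0] != '.')
                $entries[] = $entry;
        }

        $handle->close();
        return $entries;
    }

    /**
     * Tell whether a document name must be refused because the web server
     * could treat it as a script or as a configuration file.
     *
     * Dot-files (for instance per-directory server configuration) and names with
     * a blocked extension anywhere after the first dot ("x.php.jpg") are refused.
     * This is a deny-list; serving the documents directory with script execution
     * disabled remains the stronger control.
     *
     * @param string $name File name or relative path.
     * @return bool True when the name must be rejected.
     */
    private function _isBlockedDocumentName($name)
    {
        $name = basename($name);

        if ($name === '' || $name[0] == '.')
            return true;

        $suffixes = explode('.', strtolower($name));
        array_shift($suffixes);

        foreach ($suffixes as $suffix) {
            if (in_array($suffix, self::$blocked_document_extensions, true))
                return true;
        }

        return false;
    }

    /**
     * Check the credentials against USER_LOGIN / USER_PASSWORD and open the session.
     *
     * The comparison is type-strict and constant-time (the previous `!=` was
     * neither), and the session id is renewed on success so an id known before
     * authentication cannot be reused afterwards.
     *
     * NOTE(review): the password is compared verbatim with the USER_PASSWORD
     * constant, so it is presumably configured in clear text. Switching to
     * password_hash()/password_verify() needs a change where that constant is
     * defined, outside this file.
     *
     * @param string $login
     * @param string $password
     * @return bool
     */
    public function login($login, $password)
    {
        if (!is_string($login) || !is_string($password))
            return false;

        // Evaluate both so the timing does not reveal which of the two was wrong
        $login_ok = hash_equals((string) USER_LOGIN, $login);
        $password_ok = hash_equals((string) USER_PASSWORD, $password);

        if (!$login_ok || !$password_ok)
            return false;

        $this->_startSession();

        if (session_id() !== '')
            session_regenerate_id(true);

        $_SESSION['is_logged'] = true;
        return true;
    }

    /**
     * @return bool True when the current session was opened by login().
     */
    public function is_logged()
    {
        $this->_startSession();
        return !empty($_SESSION['is_logged']);
    }

    /**
     * Close the authenticated session and discard its server-side data.
     *
     * @return bool Always true.
     */
    public function logout()
    {
        $this->_startSession();
        $_SESSION = array();

        // Remove the stored session as well, so the old id no longer maps to anything
        if (session_id() !== '')
            session_destroy();

        return true;
    }

    /**
     * Validate a page name: slash-separated segments of [a-zA-Z0-9_-], with an
     * optional trailing slash, not located in an internal directory.
     *
     * The pattern is anchored with the D modifier so a trailing line feed is not
     * accepted, and written without nested quantifiers so a long invalid name is
     * rejected in linear time.
     *
     * @param mixed $page
     * @return bool
     */
    public function checkPageName($page)
    {
        if (!is_string($page))
            return false;

        // Internal directories are never valid pages
        if (preg_match('/^(datas|cache|admin|include)\//', $page))
            return false;

        return (bool) preg_match('/^[a-z0-9A-Z_-]+(?:\/[a-z0-9A-Z_-]+)*\/?$/D', $page);
    }

    /**
     * @param string $page
     * @return string|false The name without trailing slash, false when invalid.
     */
    public function getValidPageName($page)
    {
        if (!$this->checkPageName($page))
            return false;

        return preg_replace('!/$!', '', $page);
    }

    /**
     * @param string $page
     * @return bool False for an invalid name as well as for a missing page.
     */
    public function pageExists($page)
    {
        // Validated like getPage(), so the name cannot address files outside pages/
        if (!$this->checkPageName($page))
            return false;

        return @file_exists(DATA_PATH . '/pages/' . $page . '.html');
    }

    /**
     * @param string $page
     * @return bool True when a metadata file exists for a valid page name.
     */
    public function pageHaveMetas($page)
    {
        if (!$this->checkPageName($page))
            return false;

        return @file_exists(DATA_PATH . '/pages/' . $page . '.ini');
    }

    /**
     * @param string $page
     * @return string|false Page HTML, false when the name is invalid or the file unreadable.
     */
    public function getPage($page)
    {
        if (!$this->checkPageName($page))
            return false;

        return file_get_contents(DATA_PATH . '/pages/' . $page . '.html');
    }

    /**
     * @param string $page
     * @return int|false Modification time, false when the name is invalid or the file missing.
     */
    public function getPageModifiedTimestamp($page)
    {
        if (!$this->checkPageName($page))
            return false;

        return @filemtime(DATA_PATH . '/pages/' . $page . '.html');
    }

    /**
     * Store a page and, when given, its metadata.
     *
     * Terminates the script with die() when the page file cannot be written or
     * when a path component that should be a directory is a regular file.
     *
     * @param string $page
     * @param string $content
     * @param array  $metas
     * @return bool False when the page name is invalid.
     */
    public function savePage($page, $content, $metas=array())
    {
        if (!$this->checkPageName($page))
            return false;

        $root = DATA_PATH . '/pages/';
        $dir = dirname($page);

        if ($dir != '.' && !is_dir($root . $dir)) {
            for ($probe = $dir; $probe != '.'; $probe = dirname($probe)) {
                if (file_exists($root . $probe) && !is_dir($root . $probe))
                    die($root . $probe . " est un fichier mais on attends un répertoire ?!");
            }

            // Recursive: the former deepest-first loop failed whenever a parent was missing too
            mkdir($root . $dir, 0777, true);
        }

        // "=== false" so that saving an empty page (0 bytes written) is not reported as a failure.
        // The message names PATH, while the file is written below DATA_PATH.
        if (@file_put_contents($root . $page . '.html', $content) === false)
            die('Unable to write to '.PATH.$page.'.html please check permissions !');

        if (!empty($metas)) {
            $metas['no_cache'] = false;

            foreach ($this->listAvailableMetas() as $name => $meta) {
                // Top-level keys of metas.ini are strings, not sections
                if (!is_array($meta) || !isset($meta['title']))
                    continue;

                if (strpos($meta['title'], '(NO_CACHE)') !== false && !empty($metas[$name])) {
                    $metas['no_cache'] = true;
                    break;
                }
            }

            write_ini_file($root . $page . '.ini', $metas);
        }

        return true;
    }

    /**
     * @param string $page
     * @return bool False when the name is invalid, true otherwise.
     */
    public function deletePage($page)
    {
        if (!$this->checkPageName($page))
            return false;

        $base = DATA_PATH . '/pages/' . $page;

        if (file_exists($base . '.html')) {
            @unlink($base . '.html');

            if (file_exists($base . '.ini'))
                @unlink($base . '.ini');
        }

        return true;
    }

    /**
     * Rename a page together with its metadata file.
     *
     * @param string $page
     * @param string $new_name
     * @return string|false The normalised new name, false when a name is invalid,
     *                      the target exists, or the page could not be copied.
     */
    public function renamePage($page, $new_name)
    {
        $new_name = $this->getValidPageName($new_name);
        $page = $this->getValidPageName($page);

        if ($page === false || $new_name === false)
            return false;

        $from = DATA_PATH . '/pages/' . $page;
        $to = DATA_PATH . '/pages/' . $new_name;

        if (file_exists($to . '.html'))
            return false;

        // A failed copy used to be reported as a successful rename
        if (!copy($from . '.html', $to . '.html'))
            return false;

        @unlink($from . '.html');

        if (file_exists($from . '.ini') && copy($from . '.ini', $to . '.ini'))
            @unlink($from . '.ini');

        return $new_name;
    }

    /**
     * Remove a page directory that holds nothing but dot-entries.
     *
     * @param string $dir
     * @return bool
     */
    public function deletePageDir($dir)
    {
        $dir = $this->getValidPageName($dir);

        if ($dir === false)
            return false;

        $path = DATA_PATH . '/pages/' . $dir;
        $entries = $this->_readVisibleEntries($path);

        if ($entries === false || count($entries) > 0)
            return false;

        return @rmdir($path);
    }

    /**
     * @param string $page
     * @return string Site-relative URI of the page.
     */
    public function getPageURI($page)
    {
        return str_replace('//', '/', $this->webPath . $page);
    }

    /**
     * List the pages next to (or, when $base is a directory, inside) $base.
     *
     * @param string $base Page name or directory, '' for the root.
     * @return array Directories first, then pages; empty when $base is invalid or unreadable.
     */
    public function getPagesList($base)
    {
        $base = is_string($base) ? $base : '';

        // $base is joined to a filesystem path: refuse anything that is not a page name
        if ($base !== '' && !$this->checkPageName($base))
            return array();

        $root = DATA_PATH . '/pages/';

        if (file_exists($root . $base)) {
            $base = '/' . $base . '/';
        } else {
            $base = dirname($base);
            $base = ($base == '.') ? '' : $base . '/';
        }

        $entries = $this->_readVisibleEntries($root . $base);

        if ($entries === false)
            return array();

        $dirs = array();
        $pages = array();

        foreach ($entries as $file) {
            // Suffix test; ".html" anywhere in the name used to be enough
            if (substr($file, -5) !== '.html')
                continue;

            $name = substr($file, 0, -5);
            $is_dir = file_exists($root . $base . $name);
            $item = array('name' => $name, 'path' => $base . $name, 'is_dir' => $is_dir);

            if ($is_dir)
                $dirs[] = $item;
            else
                $pages[] = $item;
        }

        sort($dirs);
        sort($pages);

        return array_merge($dirs, $pages);
    }

    /**
     * @param string $page
     * @return array Parsed metadata, empty when the name is invalid or no file exists.
     */
    public function getPageMetas($page)
    {
        if (!$this->checkPageName($page))
            return array();

        return parse_ini_file_quotes_safe(DATA_PATH . '/pages/' . $page . '.ini');
    }

    /**
     * @return array Metadata definitions read from plugins/metas.ini.
     */
    public function listAvailableMetas()
    {
        return parse_ini_file_quotes_safe(DATA_PATH . '/plugins/metas.ini');
    }

    /**
     * @param array $metas Definitions to write to plugins/metas.ini.
     */
    public function saveAvailableMetas($metas)
    {
        write_ini_file(DATA_PATH . '/plugins/metas.ini', $metas);
    }

    /**
     * Administrative listing of the directory that contains $base.
     *
     * @param string $base Page name, '' for the root.
     * @return array|false Directories then pages (with a 'metas' flag), false when
     *                     $base is invalid or the directory cannot be read.
     */
    public function admListPages($base)
    {
        $base = is_string($base) ? $base : '';

        if ($base !== '' && !$this->checkPageName($base))
            return false;

        $base = dirname($base);
        $base = ($base == '.') ? '' : $base . '/';

        $root = DATA_PATH . '/pages/';
        $entries = $this->_readVisibleEntries($root . $base);

        if ($entries === false)
            return false;

        $pages = array();
        $dirs = array();

        foreach ($entries as $file) {
            if (is_dir($root . $base . $file)) {
                $dirs[] = array('name' => $file, 'path' => $base . $file, 'is_dir' => true);
            } elseif (substr($file, -4) === '.ini') {
                $name = substr($file, 0, -4);
                $pages[$name]['metas'] = true;
            } else {
                $name = substr($file, 0, -5);

                $pages[$name] = array(
                    // Keep the flag when the .ini was read before the .html
                    'metas'     =>  !empty($pages[$name]['metas']),
                    'name'      =>  $name,
                    'path'      =>  $base . $name,
                    'is_dir'    =>  false,
                    'lastEdit'  =>  @filemtime($root . $base . $file),
                );
            }
        }

        sort($dirs);
        sort($pages);

        return array_merge($dirs, $pages);
    }

    /**
     * Map a lower-case file extension to a MIME type.
     *
     * PHP source extensions are deliberately reported as text/plain.
     *
     * @param string $ext
     * @return string MIME type, or 'unknown'.
     */
    public function getMimeType($ext)
    {
        static $types = array(
            'css'   =>  'text/css',
            'csv'   =>  'text/comma-separated-values',
            'html'  =>  'text/html',
            'htm'   =>  'text/html',
            'xhtml' =>  'text/html',
            'tpl'   =>  'text/html',
            'jpeg'  =>  'image/jpeg',
            'jpe'   =>  'image/jpeg',
            'jpg'   =>  'image/jpeg',
            'gif'   =>  'image/gif',
            'png'   =>  'image/png',
            'mng'   =>  'image/mng',
            'svg'   =>  'image/svg+xml',
            'php'   =>  'text/plain',
            'php3'  =>  'text/plain',
            'phtml' =>  'text/plain',
            'mp3'   =>  'audio/mp3',
            'ogg'   =>  'audio/x-ogg',
            'ogm'   =>  'application/x-ogg',
            'avi'   =>  'video/avi',
            // was 'application/pdg'
            'pdf'   =>  'application/pdf',
            'txt'   =>  'text/plain',
            'js'    =>  'text/javascript',
        );

        $ext = (string) $ext;
        return isset($types[$ext]) ? $types[$ext] : 'unknown';
    }

    /**
     * Administrative listing of the documents directory that contains $base.
     *
     * @param string $base
     * @return array|false Directories then files, false when $base is invalid
     *                     or the directory cannot be read.
     */
    public function admListDocuments($base)
    {
        if (!$this->isValidDocumentPath($base))
            return false;

        $base = dirname($base);
        $base = ($base == '.') ? '' : $base . '/';

        $root = DATA_PATH . '/documents/';
        $entries = $this->_readVisibleEntries($root . $base);

        if ($entries === false)
            return false;

        $files = array();
        $dirs = array();

        foreach ($entries as $file) {
            if (is_dir($root . $base . $file)) {
                $dirs[] = array('name' => $file, 'path' => $base . $file, 'is_dir' => true);
                continue;
            }

            $ext = strtolower(preg_replace('/^.*\.([a-z0-9]+)$/i', '\\1', $file));

            $files[] = array(
                'name'      =>  $file,
                'path'      =>  $base . $file,
                'type'      =>  $this->getMimeType($ext),
                'size'      =>  @filesize($root . $base . $file),
                'is_dir'    =>  false,
                'lastEdit'  =>  @filemtime($root . $base . $file),
            );
        }

        sort($files);
        sort($dirs);

        return array_merge($dirs, $files);
    }

    /**
     * Validate a relative path made of [a-zA-Z0-9_./-] that contains no "..".
     *
     * Anchored with the D modifier so a trailing line feed is not accepted.
     *
     * @param mixed $path
     * @return bool
     */
    public function isValidDocumentPath($path)
    {
        if (!is_string($path))
            return false;

        if (!preg_match('/^[a-z0-9_.\/-]+$/iD', $path))
            return false;

        return strpos($path, '..') === false;
    }

    /**
     * Create a directory next to $base in the documents area.
     *
     * @param string $base
     * @param string $dirname
     * @return bool False when a path is invalid or the directory cannot be created.
     */
    public function createDocumentDir($base, $dirname)
    {
        if (!$this->isValidDocumentPath($dirname))
            return false;

        // $base is part of the target path too; it used to be joined unchecked
        if (!is_string($base) || ($base !== '' && !$this->isValidDocumentPath($base)))
            return false;

        $base = dirname($base);
        $base = ($base == '.') ? '' : $base . '/';

        $target = DATA_PATH . '/documents/' . $base . $dirname;

        if (file_exists($target))
            return true;

        return mkdir($target);
    }

    /**
     * Remove a documents directory that holds nothing but dot-entries.
     *
     * @param string $dir
     * @return bool
     */
    public function deleteDocumentDir($dir)
    {
        if (!$this->isValidDocumentPath($dir))
            return false;

        $path = DATA_PATH . '/documents/' . $dir;
        $entries = $this->_readVisibleEntries($path);

        if ($entries === false || count($entries) > 0)
            return false;

        return @rmdir($path);
    }

    /**
     * Delete a file addressed relative to DATA_PATH.
     *
     * @param string $file
     * @return bool False when the path is invalid, true otherwise.
     */
    public function deleteFile($file)
    {
        if (!$this->isValidDocumentPath($file))
            return false;

        if (file_exists(DATA_PATH . '/' . $file))
            @unlink(DATA_PATH . '/' . $file);

        return true;
    }

    /**
     * Rename a document inside the documents area.
     *
     * The new name goes through the same script/dot-file check as an upload, so a
     * harmless upload cannot be turned into an executable name afterwards.
     *
     * @param string $file
     * @param string $new_name
     * @return bool False when a path is invalid, the new name is blocked or taken,
     *              or the copy fails.
     */
    public function renameDocument($file, $new_name)
    {
        if (!$this->isValidDocumentPath($file) || !$this->isValidDocumentPath($new_name))
            return false;

        if ($this->_isBlockedDocumentName($new_name))
            return false;

        $root = DATA_PATH . '/documents/';

        if (file_exists($root . $new_name))
            return false;

        // A failed copy used to be reported as success
        if (!copy($root . $file, $root . $new_name))
            return false;

        @unlink($root . $file);
        return true;
    }

    /**
     * Move an uploaded file next to $base in the documents area.
     *
     * The stored name is the client name reduced to [a-zA-Z0-9_.-]. Names that the
     * web server could execute or read as configuration are refused, because the
     * documents directory is published under $webDocumentsPath.
     *
     * @param string $base
     * @param array  $handler One entry of $_FILES.
     * @return bool
     */
    public function uploadDocument($base, $handler)
    {
        if (!$this->isValidDocumentPath($base))
            return false;

        $base = dirname($base);
        $base = ($base == '.') ? '' : $base . '/';

        if (empty($handler['tmp_name']) || empty($handler['name']) || empty($handler['size']))
            return false;

        // 10 MiB limit
        if ($handler['size'] > (1024 * 1024 * 10))
            return false;

        $file_name = preg_replace('/[^a-z0-9A-Z_\.-]+/', '', $handler['name']);

        if ($this->_isBlockedDocumentName($file_name))
            return false;

        $target = DATA_PATH . '/documents/' . $base . $file_name;

        if (file_exists($target))
            return false;

        return (bool) @move_uploaded_file($handler['tmp_name'], $target);
    }

    /**
     * Read a file addressed relative to DATA_PATH.
     *
     * @param string $file
     * @return string|false Content, '' when the file does not exist, false when the path is invalid.
     */
    public function getFile($file)
    {
        if (!$this->isValidDocumentPath($file))
            return false;

        if (!file_exists(DATA_PATH . '/' . $file))
            return '';

        return file_get_contents(DATA_PATH . '/' . $file);
    }

    /**
     * Write a file addressed relative to DATA_PATH.
     *
     * NOTE(review): the path may carry any extension and reaches everything under
     * DATA_PATH, including the published documents directory. Which file types
     * callers legitimately edit is not visible here, so no extension filter is
     * applied; access must stay restricted to authenticated administrators.
     *
     * @param string $file
     * @param string $content
     * @return bool False when the path is invalid or the write fails.
     */
    public function saveFile($file, $content)
    {
        if (!$this->isValidDocumentPath($file))
            return false;

        return file_put_contents(DATA_PATH . '/' . $file, $content) !== false;
    }

    /**
     * List the non-hidden entries of a directory relative to DATA_PATH.
     *
     * @param string $dir Relative directory, '' for DATA_PATH itself.
     * @return array Sorted entry names; empty when $dir is invalid or unreadable.
     */
    public function admListFiles($dir)
    {
        $dir = is_string($dir) ? $dir : '';

        // $dir used to be joined to DATA_PATH unchecked
        if ($dir !== '' && !$this->isValidDocumentPath($dir))
            return array();

        $files = $this->_readVisibleEntries(DATA_PATH . '/' . $dir);

        if ($files === false)
            return array();

        sort($files);
        return $files;
    }

    /**
     * Push a page name on the stack of pages being rendered.
     *
     * @param string $page
     */
    public function setCurrentPage($page)
    {
        $this->currentPage[] = $page;
    }

    /**
     * @param int $page Index in the stack filled by setCurrentPage().
     * @return string|false The page name, false when the index is unset.
     */
    public function getCurrentPage($page=0)
    {
        return isset($this->currentPage[$page]) ? $this->currentPage[$page] : false;
    }
}

?>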