cx/cx.php

   1 <?php
   2
   3 function cx_require(...$segments) {
   4         array_unshift($segments, CX_PATH);
   5         require_once(join(DIRECTORY_SEPARATOR, $segments));
   6 }
   7
   8 define('CX_PATH', __DIR__);
   9
  10 cx_require('lib', 'admin.php');
  11 cx_require('lib', 'form.php');
  12 cx_require('lib', 'http.php');
  13 cx_require('lib', 'images.php');
  14 cx_require('lib', 'posts.php');
  15 cx_require('lib', 'sessions.php');
  16 cx_require('lib', 'setup.php');
  17 cx_require('lib', 'site.php');
  18 cx_require('lib', 'system.php');
  19 cx_require('lib', 'template.php');
  20 cx_require('lib', 'url.php');
  21 cx_require('lib', 'user_data.php');
  22 cx_require('lib', 'users.php');
  23
  24 function cx($db_path, $data_folder_path, $public_data_folder_path) {
  25         define('CX_DATABASE_FILE', $db_path);
  26         define('CX_USER_DATA_PATH', $data_folder_path);
  27         define('CX_PUBLIC_USER_DATA_PATH', $public_data_folder_path);
  28
  29         if (cx_setup_required()) {
  30                 cx_setup_run();
  31
  32                 require('../setup.php');
  33                 $new_author = cx_users_add_user(CX_SETUP_USER, CX_SETUP_PASSWORD);
  34                 $new_site = cx_sites_add_site(CX_SETUP_URL, CX_SETUP_TITLE, CX_SETUP_BYLINE, CX_SETUP_COPYRIGHT);
  35                 cx_sites_site_add_user($new_site, $new_author, true);
  36
  37                 exit;
  38         }
  39
  40         $path = '/';
  41
  42         if (isset($_SERVER['REQUEST_URI'])) {
  43                 $route_details = parse_url($_SERVER['REQUEST_URI']);
  44                 if (isset($route_details['path'])) {
  45                         $path = $route_details['path'];
  46                 }
  47         }
  48
  49         $script_name = $_SERVER['SCRIPT_NAME'];
  50         $script_name_len = strlen($script_name);
  51         if (substr_compare($path, $script_name, 0, $script_name_len) == 0) {
  52                 $path = substr($path, $script_name_len);
  53         }
  54
  55         cx_route($path);
  56 }
  57
  58 function cx_route($path) {
  59         $path_components = explode('/', $path, 10);
  60         $path_components = array_filter($path_components);
  61         $path_components = array_values($path_components); // re-index
  62
  63         $template = null;
  64         $template_class = 'public';
  65         $template_variables = [];
  66
  67         if (count($path_components) == 0) {
  68                 $template = 'list';
  69         } else if (count($path_components) >= 1 && $path_components[0] == 'feed') {
  70                 header('Content-type: application/atom+xml;');
  71                 $template = 'atom';
  72         } else if (count($path_components) >= 1 && $path_components[0] == 'cx') {
  73                 if (count($path_components) >= 2 && $path_components[1] == 'login') {
  74                         if (cx_admin_logged_in()) {
  75                                 cx_http_redirect(cx_url_admin('/'));
  76                                 exit(0);
  77                         } else {
  78                                 $username = cx_form_input_sanitized('id');
  79                                 $password = cx_form_input_sanitized('password');
  80
  81                                 if ($username != null && $password != null && cx_admin_login($username, $password)) {
  82                                         cx_http_redirect(cx_url_admin('/'));
  83                                         exit(0);
  84                                 }
  85
  86                                 $template_class = 'admin';
  87                                 $template = 'login';
  88                         }
  89                 } else {
  90                         if (cx_admin_logged_in() == false) {
  91                                 cx_http_redirect(cx_url_admin('/login/'));
  92                                 exit(0);
  93                         } else {
  94                                 if (count($path_components) >= 2 && $path_components[1] == 'logout') {
  95                                         cx_admin_logout();
  96                                         cx_http_redirect(cx_url_admin('/'));
  97                                         exit(0);
  98                                 } else if (count($path_components) >= 3 && $path_components[1] == 'posts' && $path_components[2] == 'add') {
  99                                         $template_variables['post_id'] = '0';
 100                                         $template_variables['post_title'] = '';
 101                                         $template_variables['post_slug'] = '';
 102                                         $template_variables['post_date'] = '';
 103                                         $template_variables['post_data'] = '';
 104                                         $template_variables['post_is_draft'] = true;
 105
 106
 107                                         $template_class = 'admin';
 108                                         $template = 'post';
 109                                 } else if (count($path_components) >= 3 && $path_components[1] == 'posts' && $path_components[2] == 'edit') {
 110                                         $post = cx_posts_find_post($_GET['id']);
 111
 112                                         $template_variables['post_id'] = $post->id;
 113                                         $template_variables['post_title'] = $post->title;
 114                                         $template_variables['post_slug'] = $post->slug;
 115                                         $template_variables['post_date'] = $post->date;
 116                                         $template_variables['post_data'] = $post->data;
 117                                         $template_variables['post_is_draft'] = $post->is_draft;
 118
 119                                         $template_class = 'admin';
 120                                         $template = 'post';
 121                                 } else if (count($path_components) >= 3 && $path_components[1] == 'posts' && $path_components[2] == 'update') {
 122                                         $title = cx_form_input_sanitized('post_title');
 123                                         $slug = cx_form_input_sanitized('post_slug');
 124                                         if (isset($slug) == false) $slug = null;
 125                                         $date = cx_form_input_sanitized_date_time('post_date');
 126                                         if (isset($date) == false) $date = null;
 127                                         $draft = cx_form_input_sanitized('post_is_draft') == 'draft';
 128                                         $data = cx_form_input_sanitized_allowing_html('post_data');
 129
 130                                         if (isset($_GET['id']) == false or $_GET['id'] == 0) {
 131                                                 cx_posts_add_post(1, $title, $slug, $date, $draft, $data);
 132                                         } else {
 133                                                 $id = $_GET['id'];
 134                                                 cx_posts_update_post($id, $title, $slug, $date, $draft, $data);
 135                                         }
 136
 137                                         cx_http_redirect(cx_url_admin('/'));
 138                                         exit(0);
 139                                 } else if (count($path_components) >= 3 && $path_components[1] == 'posts' && $path_components[2] == 'delete') {
 140                                         cx_posts_delete_post($_GET['id']);
 141                                         cx_http_redirect(cx_url_admin('/'));
 142                                         exit(0);
 143                                 } else if (count($path_components) >= 3 && $path_components[1] == 'images' && $path_components[2] == 'add') {
 144                                         $template_variables['image_id'] = '0';
 145                                         $template_variables['image_alt_text'] = '';
 146
 147                                         $template_class = 'admin';
 148                                         $template = 'image';
 149                                 } else if (count($path_components) >= 3 && $path_components[1] == 'images' && $path_components[2] == 'update') {
 150                                         $alt_text = cx_form_input_sanitized('image_alt_text');
 151
 152                                         $filename = $_FILES['image_file']['tmp_name'];
 153                                         $original_filename = $_FILES['image_file']['name'];
 154
 155                                         cx_images_add_image(1, $alt_text, $filename, $original_filename);
 156
 157                                         cx_http_redirect(cx_url_admin('/'));
 158                                         exit(0);
 159                                 } else {
 160                                         $template_class = 'admin';
 161                                         $template = 'main';
 162                                 }
 163                         }
 164                 }
 165         } else if (count($path_components) >= 3) { // FIXME sometime, needs more flexibility...
 166                 $year = $path_components[0];
 167                 $month = $path_components[1];
 168                 $slug = $path_components[2];
 169
 170                 $template = 'post';
 171                 $template_variables['post_id'] = cx_posts_find_post_id($slug);
 172         }
 173
 174         if ($template != null) {
 175                 $output = cx_template_render($template_class, $template, $template_variables);
 176                 echo($output);
 177         } else {
 178                 http_response_code(404);
 179                 exit(0);
 180         }
 181 }