Refactor code structure for improved readability and maintainability
This commit is contained in:
@@ -4,6 +4,17 @@
|
|||||||
<?
|
<?
|
||||||
global $db;
|
global $db;
|
||||||
|
|
||||||
|
$upload_token = bin2hex( random_bytes(24) );
|
||||||
|
$_SESSION['upload_tokens'][$upload_token] = [
|
||||||
|
'user_id' => $this -> user['id'],
|
||||||
|
'expires' => time() + 60*20
|
||||||
|
];
|
||||||
|
|
||||||
|
$_SESSION['rfm_akey'] = bin2hex(random_bytes(16));
|
||||||
|
$_SESSION['rfm_akey_expires'] = time() + 20*60;
|
||||||
|
$_SESSION['can_use_rfm'] = true;
|
||||||
|
$rfmAkeyJS = $_SESSION['rfm_akey'];
|
||||||
|
|
||||||
ob_start();
|
ob_start();
|
||||||
?>
|
?>
|
||||||
<div id="settings-tabs">
|
<div id="settings-tabs">
|
||||||
@@ -95,7 +106,11 @@ ob_start();
|
|||||||
$( function() {
|
$( function() {
|
||||||
$( '#text_<?= $lg['id'];?>, #entry_<?= $lg['id'];?>, #table_of_contents_<?= $lg['id'];?>' ).ckeditor( {
|
$( '#text_<?= $lg['id'];?>, #entry_<?= $lg['id'];?>, #table_of_contents_<?= $lg['id'];?>' ).ckeditor( {
|
||||||
toolbar : 'MyToolbar',
|
toolbar : 'MyToolbar',
|
||||||
height:'250'
|
height:'250',
|
||||||
|
filebrowserBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserImageBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserImageUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>'
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
@@ -401,6 +416,9 @@ echo $grid -> draw();
|
|||||||
|
|
||||||
$( "#images-uploader" ).pluploadQueue(
|
$( "#images-uploader" ).pluploadQueue(
|
||||||
{
|
{
|
||||||
|
multipart_params: {
|
||||||
|
upload_token: '<?= $upload_token ?>',
|
||||||
|
},
|
||||||
runtimes: 'html5,flash,html4',
|
runtimes: 'html5,flash,html4',
|
||||||
init:
|
init:
|
||||||
{
|
{
|
||||||
@@ -453,6 +471,9 @@ echo $grid -> draw();
|
|||||||
|
|
||||||
$( "#files-uploader" ).pluploadQueue(
|
$( "#files-uploader" ).pluploadQueue(
|
||||||
{
|
{
|
||||||
|
multipart_params: {
|
||||||
|
upload_token: '<?= $upload_token ?>',
|
||||||
|
},
|
||||||
runtimes: 'html5,flash,html4',
|
runtimes: 'html5,flash,html4',
|
||||||
init:
|
init:
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -4,6 +4,17 @@
|
|||||||
<?
|
<?
|
||||||
global $db;
|
global $db;
|
||||||
|
|
||||||
|
$upload_token = bin2hex( random_bytes(24) );
|
||||||
|
$_SESSION['upload_tokens'][$upload_token] = [
|
||||||
|
'user_id' => $this -> user['id'],
|
||||||
|
'expires' => time() + 60*20
|
||||||
|
];
|
||||||
|
|
||||||
|
$_SESSION['rfm_akey'] = bin2hex(random_bytes(16));
|
||||||
|
$_SESSION['rfm_akey_expires'] = time() + 20*60;
|
||||||
|
$_SESSION['can_use_rfm'] = true;
|
||||||
|
$rfmAkeyJS = $_SESSION['rfm_akey'];
|
||||||
|
|
||||||
ob_start();
|
ob_start();
|
||||||
?>
|
?>
|
||||||
|
|
||||||
@@ -119,7 +130,11 @@ ob_start();
|
|||||||
$(function() {
|
$(function() {
|
||||||
$('#short_description_<?= $lg['id']; ?>, #description_<?= $lg['id']; ?>').ckeditor({
|
$('#short_description_<?= $lg['id']; ?>, #description_<?= $lg['id']; ?>').ckeditor({
|
||||||
toolbar: 'MyToolbar',
|
toolbar: 'MyToolbar',
|
||||||
height: '250'
|
height: '250',
|
||||||
|
filebrowserBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserImageBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserImageUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>'
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
@@ -208,7 +223,11 @@ ob_start();
|
|||||||
$(function() {
|
$(function() {
|
||||||
$('#tab_description_1_<?= $lg['id']; ?>, #tab_description_2_<?= $lg['id']; ?>').ckeditor({
|
$('#tab_description_1_<?= $lg['id']; ?>, #tab_description_2_<?= $lg['id']; ?>').ckeditor({
|
||||||
toolbar: 'MyToolbar',
|
toolbar: 'MyToolbar',
|
||||||
height: '250'
|
height: '250',
|
||||||
|
filebrowserBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserImageBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>',
|
||||||
|
filebrowserImageUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>'
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
@@ -826,6 +845,9 @@ echo $grid->draw();
|
|||||||
});
|
});
|
||||||
|
|
||||||
$("#images-uploader").pluploadQueue({
|
$("#images-uploader").pluploadQueue({
|
||||||
|
multipart_params: {
|
||||||
|
upload_token: '<?= $upload_token ?>',
|
||||||
|
},
|
||||||
runtimes: 'html5,flash,html4',
|
runtimes: 'html5,flash,html4',
|
||||||
init: {
|
init: {
|
||||||
Refresh: function(up) {
|
Refresh: function(up) {
|
||||||
@@ -874,6 +896,9 @@ echo $grid->draw();
|
|||||||
});
|
});
|
||||||
|
|
||||||
$("#files-uploader").pluploadQueue({
|
$("#files-uploader").pluploadQueue({
|
||||||
|
multipart_params: {
|
||||||
|
upload_token: '<?= $upload_token ?>',
|
||||||
|
},
|
||||||
runtimes: 'html5,flash,html4',
|
runtimes: 'html5,flash,html4',
|
||||||
init: {
|
init: {
|
||||||
Refresh: function(up) {
|
Refresh: function(up) {
|
||||||
|
|||||||
@@ -39,19 +39,24 @@ class Articles
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function article_edit()
|
public static function article_edit() {
|
||||||
{
|
global $user;
|
||||||
|
|
||||||
|
if ( !$user ) {
|
||||||
|
header( 'Location: /admin/' );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
\admin\factory\Articles::delete_nonassigned_images();
|
\admin\factory\Articles::delete_nonassigned_images();
|
||||||
\admin\factory\Articles::delete_nonassigned_files();
|
\admin\factory\Articles::delete_nonassigned_files();
|
||||||
|
|
||||||
return \admin\view\Articles::article_edit(
|
return \Tpl::view( 'articles/article-edit', [
|
||||||
\admin\factory\Articles::article_details(
|
'article' => \admin\factory\Articles::article_details( (int)\S::get( 'id' ) ),
|
||||||
\S::get( 'id' )
|
'menus' => \admin\factory\Pages::menus_list(),
|
||||||
),
|
'languages' => \admin\factory\Languages::languages_list(),
|
||||||
\admin\factory\Pages::menus_list(),
|
'layouts' => \admin\factory\Layouts::layouts_list(),
|
||||||
\admin\factory\Languages::languages_list(),
|
'user' => $user
|
||||||
\admin\factory\Layouts::layouts_list()
|
] );
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function view_list()
|
public static function view_list()
|
||||||
|
|||||||
@@ -229,22 +229,29 @@ class ShopProduct
|
|||||||
}
|
}
|
||||||
|
|
||||||
// edycja produktu
|
// edycja produktu
|
||||||
public static function product_edit()
|
public static function product_edit() {
|
||||||
{
|
global $user;
|
||||||
|
|
||||||
|
if ( !$user ) {
|
||||||
|
header( 'Location: /admin/' );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
\admin\factory\ShopProduct::delete_nonassigned_images();
|
\admin\factory\ShopProduct::delete_nonassigned_images();
|
||||||
\admin\factory\ShopProduct::delete_nonassigned_files();
|
\admin\factory\ShopProduct::delete_nonassigned_files();
|
||||||
|
|
||||||
return \Tpl::view( 'shop-product/product-edit', [
|
return \Tpl::view( 'shop-product/product-edit', [
|
||||||
'product' => \admin\factory\ShopProduct::product_details( (int) \S::get( 'id' ) ),
|
'product' => \admin\factory\ShopProduct::product_details( (int) \S::get( 'id' ) ),
|
||||||
'languages' => \admin\factory\Languages::languages_list(),
|
'languages' => \admin\factory\Languages::languages_list(),
|
||||||
'categories' => \admin\factory\ShopCategory::subcategories( null ),
|
'categories' => \admin\factory\ShopCategory::subcategories( null ),
|
||||||
'layouts' => \admin\factory\Layouts::layouts_list(),
|
'layouts' => \admin\factory\Layouts::layouts_list(),
|
||||||
'products' => \admin\factory\ShopProduct::products_list(),
|
'products' => \admin\factory\ShopProduct::products_list(),
|
||||||
'dlang' => \front\factory\Languages::default_language(),
|
'dlang' => \front\factory\Languages::default_language(),
|
||||||
'sets' => \shop\ProductSet::sets_list(),
|
'sets' => \shop\ProductSet::sets_list(),
|
||||||
'producers' => \admin\factory\ShopProducer::all(),
|
'producers' => \admin\factory\ShopProducer::all(),
|
||||||
'units' => \admin\factory\Dictionaries::all_units()
|
'units' => \admin\factory\Dictionaries::all_units(),
|
||||||
] );
|
'user' => $user
|
||||||
|
] );
|
||||||
}
|
}
|
||||||
|
|
||||||
// ajax_load_products ARCHIVE
|
// ajax_load_products ARCHIVE
|
||||||
|
|||||||
@@ -24,15 +24,5 @@ class Articles
|
|||||||
$tpl = new \Tpl;
|
$tpl = new \Tpl;
|
||||||
return $tpl -> render( 'articles/articles-list' );
|
return $tpl -> render( 'articles/articles-list' );
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function article_edit( $article, $menus, $languages, $layouts )
|
|
||||||
{
|
|
||||||
$tpl = new \Tpl;
|
|
||||||
$tpl -> article = $article;
|
|
||||||
$tpl -> menus = $menus;
|
|
||||||
$tpl -> languages = $languages;
|
|
||||||
$tpl -> layouts = $layouts;
|
|
||||||
return $tpl -> render( 'articles/article-edit' );
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
@@ -1,4 +1,20 @@
|
|||||||
<?php
|
<?php
|
||||||
|
session_start();
|
||||||
|
$user = $_SESSION['user'];
|
||||||
|
if ( !$user ) {
|
||||||
|
header('HTTP/1.1 403 Forbidden');
|
||||||
|
exit('Access denied');
|
||||||
|
}
|
||||||
|
|
||||||
|
$akey = $_GET['akey'] ?? $_POST['akey'] ?? '';
|
||||||
|
if (
|
||||||
|
empty($_SESSION['rfm_akey']) ||
|
||||||
|
$akey !== $_SESSION['rfm_akey'] ||
|
||||||
|
(($_SESSION['rfm_akey_expires'] ?? 0) < time())
|
||||||
|
) {
|
||||||
|
header('HTTP/1.1 403 Forbidden');
|
||||||
|
exit('Invalid key');
|
||||||
|
}
|
||||||
|
|
||||||
$time = time();
|
$time = time();
|
||||||
|
|
||||||
|
|||||||
@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
|
|||||||
date_default_timezone_set( 'Europe/Warsaw' );
|
date_default_timezone_set( 'Europe/Warsaw' );
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
|
$upload_token = $_REQUEST['upload_token'] ?? '';
|
||||||
|
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
$tokenData = $_SESSION['upload_tokens'][$upload_token];
|
||||||
|
if ( $tokenData['expires'] < time() ) {
|
||||||
|
unset( $_SESSION['upload_tokens'][$upload_token] );
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Token wygasł'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
$mdb = new medoo( [
|
$mdb = new medoo( [
|
||||||
'database_type' => 'mysql',
|
'database_type' => 'mysql',
|
||||||
'database_name' => $database['name'],
|
'database_name' => $database['name'],
|
||||||
|
|||||||
@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
|
|||||||
date_default_timezone_set( 'Europe/Warsaw' );
|
date_default_timezone_set( 'Europe/Warsaw' );
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
|
$upload_token = $_REQUEST['upload_token'] ?? '';
|
||||||
|
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
$tokenData = $_SESSION['upload_tokens'][$upload_token];
|
||||||
|
if ( $tokenData['expires'] < time() ) {
|
||||||
|
unset( $_SESSION['upload_tokens'][$upload_token] );
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Token wygasł'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
$mdb = new medoo( [
|
$mdb = new medoo( [
|
||||||
'database_type' => 'mysql',
|
'database_type' => 'mysql',
|
||||||
'database_name' => $database['name'],
|
'database_name' => $database['name'],
|
||||||
|
|||||||
@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
|
|||||||
date_default_timezone_set( 'Europe/Warsaw' );
|
date_default_timezone_set( 'Europe/Warsaw' );
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
|
$upload_token = $_REQUEST['upload_token'] ?? '';
|
||||||
|
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
$tokenData = $_SESSION['upload_tokens'][$upload_token];
|
||||||
|
if ( $tokenData['expires'] < time() ) {
|
||||||
|
unset( $_SESSION['upload_tokens'][$upload_token] );
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Token wygasł'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
$mdb = new medoo( [
|
$mdb = new medoo( [
|
||||||
'database_type' => 'mysql',
|
'database_type' => 'mysql',
|
||||||
'database_name' => $database['name'],
|
'database_name' => $database['name'],
|
||||||
|
|||||||
@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
|
|||||||
date_default_timezone_set( 'Europe/Warsaw' );
|
date_default_timezone_set( 'Europe/Warsaw' );
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
|
$upload_token = $_REQUEST['upload_token'] ?? '';
|
||||||
|
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
$tokenData = $_SESSION['upload_tokens'][$upload_token];
|
||||||
|
if ( $tokenData['expires'] < time() ) {
|
||||||
|
unset( $_SESSION['upload_tokens'][$upload_token] );
|
||||||
|
http_response_code(403);
|
||||||
|
echo json_encode( ['error' => 'Token wygasł'] );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
$mdb = new medoo( [
|
$mdb = new medoo( [
|
||||||
'database_type' => 'mysql',
|
'database_type' => 'mysql',
|
||||||
'database_name' => $database['name'],
|
'database_name' => $database['name'],
|
||||||
|
|||||||
BIN
updates/0.20/ver_0.230.zip
Normal file
BIN
updates/0.20/ver_0.230.zip
Normal file
Binary file not shown.
@@ -1,3 +1,6 @@
|
|||||||
|
<b>ver. 0.230</b><br />
|
||||||
|
- FIX - poprawki bezpieczeństwa
|
||||||
|
<hr>
|
||||||
<b>ver. 0.229</b><br />
|
<b>ver. 0.229</b><br />
|
||||||
- NEW - pola dodatkowe z opcją wymagane/niewymagane
|
- NEW - pola dodatkowe z opcją wymagane/niewymagane
|
||||||
<hr>
|
<hr>
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
<?
|
<?
|
||||||
$current_ver = 229;
|
$current_ver = 230;
|
||||||
|
|
||||||
for ($i = 1; $i <= $current_ver; $i++)
|
for ($i = 1; $i <= $current_ver; $i++)
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user