nucleus/index.php

   1 <?php
   2 /*
   3  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
   4  * Copyright (C) 2002-2012 The Nucleus Group
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU General Public License
   8  * as published by the Free Software Foundation; either version 2
   9  * of the License, or (at your option) any later version.
  10  * (see nucleus/documentation/index.html#license for more info)
  11  */
  12         // we are using admin stuff:
  13         $CONF = array();
  14         $CONF['UsingAdminArea'] = 1;
  15
  16         // include the admin code
  17         require_once('../config.php');
  18
  19         if ($CONF['alertOnSecurityRisk'] == 1)
  20         {
  21                 // check if files exist and generate an error if so
  22                 $aFiles = array(
  23                  '../install' => _ERRORS_INSTALLDIR,
  24                         'upgrades'       => _ERRORS_UPGRADESDIR,\r
  25                         'convert'        => _ERRORS_CONVERTDIR\r
  26                 );
  27                 $aFound = array();
  28                 foreach($aFiles as $fileName => $fileDesc)
  29                 {
  30                         if (@file_exists($fileName))
  31                                 array_push($aFound, $fileDesc);
  32                 }
  33                 if (@is_writable('../config.php')) {
  34                         array_push($aFound, _ERRORS_CONFIGPHP);
  35                 }
  36                 if (sizeof($aFound) > 0)
  37                 {
  38                         startUpError(
  39                                 _ERRORS_STARTUPERROR1. implode($aFound, '</li><li>')._ERRORS_STARTUPERROR2,\r
  40                                 _ERRORS_STARTUPERROR3\r
  41                         );
  42                 }
  43         }
  44
  45         $bNeedsLogin   = false;
  46         $bIsActivation = in_array($action, array('activate', 'activatesetpwd'));
  47
  48         if ($action == 'logout')
  49                 $bNeedsLogin = true;\r
  50
  51         if (!$member->isLoggedIn() && !$bIsActivation)
  52                 $bNeedsLogin = true;\r
  53
  54         // show error if member cannot login to admin
  55         if ($member->isLoggedIn() && !$member->canLogin() && !$bIsActivation) {
  56                 $error       = _ERROR_LOGINDISALLOWED;
  57                 $bNeedsLogin = true;
  58         }
  59
  60         if ($bNeedsLogin)
  61         {
  62                 setOldAction($action);  // see ADMIN::login() (sets old action in POST vars)
  63                 $action = 'showlogin';
  64         }
  65
  66         sendContentType('text/html', 'admin-' . $action);
  67
  68         $admin = new ADMIN();
  69         $admin->action($action);
  70 ?>