-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.php
74 lines (61 loc) · 2.4 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?php
/**
* WeeCMS
*
* @version 1.0
* @author Peter Oberlaender (peteee) aka W00L | Way out of Line
* @link http://wayoutofline.net
* @license http://opensource.org/licenses/MIT MIT License
*/
// load php-login class
require_once("classes/Login.php");
// the login object will do all login/logout stuff automatically
// so this single line handles the entire login process.
$login = new Login();
// C M S here
require_once('classes/Pages.php');
$page = new Pages();
$page_id = @$_GET['page_id'];
// Token security...
$_form_token = md5(uniqid(rand(), TRUE));
define("FORMTOKEN", $_form_token);
//$_form_token = FORMTOKEN;
$_SESSION['form_token'] = $_form_token;
$_SESSION['form_token_time'] = time();
include('views/_header.php');
// show the registration form
if (isset($_GET['register']) && ! $login->isRegistrationSuccessful() &&
(ALLOW_USER_REGISTRATION || (ALLOW_ADMIN_TO_REGISTER_NEW_USER && $_SESSION['user_access_level'] == 255))) {
include('views/register.php');
// show the request-a-password-reset or type-your-new-password form
} else if (isset($_GET['password_reset']) && ! $login->isPasswordResetSuccessful()) {
if (isset($_REQUEST['user_name']) && isset($_REQUEST['verification_code']) && $login->isPasswordResetLinkValid()) {
// reset link is correct: ask for the new password
include("views/password_reset.php");
} else {
// no data from a password-reset-mail has been provided,
// we show the request-a-password-reset form
include('views/password_reset_request.php');
}
// show the edit form to modify username, email or password
} else if (isset($_GET['edit']) && $login->isUserLoggedIn()) {
include('views/edit.php');
} else if (isset($_GET['edit-page']) && $login->isUserLoggedIn()) {
// if(isset($_SESSION['user_id'])) //&& $_SESSION['user_id'] == 1
include("views/editpage.php");
// else
// header("location: /");
//include("views/logged_in.php");
} else if (isset($_GET['new-page']) && $login->isUserLoggedIn()) {
include('views/newpage.php');
// the user is logged in, we show informations about the current user
} else if ($login->isUserLoggedIn()) {
include('views/logged_in.php');
} else if (isset($_GET['cms']) && !$login->isUserLoggedIn()) {
include('views/cms.php');
// the user is not logged in, we show the login form
} else {
// uncomment if you need a global login protection...
//include('views/login.php');
}
include('views/_footer.php');