mirror of https://github.com/Mowie/Mowie
When performing critical operations (such as user deletion) the system now asks you to confirm your password
parent
b365dc88ed
commit
4ce47c209f
|
@ -1373,6 +1373,59 @@ header .stream{
|
|||
display: block;
|
||||
}
|
||||
|
||||
/*Confirm Window*/
|
||||
.overlay {
|
||||
position: fixed;
|
||||
left: 0;
|
||||
right: 0;
|
||||
top: 0;
|
||||
bottom: 0;
|
||||
background: rgba(0, 0, 0, 0.4);
|
||||
z-index: 99;
|
||||
}
|
||||
|
||||
.window-confirm, .window-confirm .head {
|
||||
text-align: center;
|
||||
left: calc(50vw - 175px);
|
||||
width: 100%;
|
||||
max-width: 350px;
|
||||
top: 40px;
|
||||
background: #fff;
|
||||
padding: 10px 10px 20px;
|
||||
box-shadow: 0 2px 2px 0 rgba(0, 0, 0, .14), 0 3px 1px -2px rgba(0, 0, 0, .2), 0 1px 5px 0 rgba(0, 0, 0, .12);
|
||||
z-index: 1;
|
||||
border-radius: 2px;
|
||||
position: fixed;
|
||||
overflow: auto;
|
||||
max-height: calc(100vh - 80px);
|
||||
height: auto;
|
||||
}
|
||||
|
||||
.window-confirm .head {
|
||||
margin: -10px -10px 10px 0;
|
||||
text-align: left;
|
||||
padding: 10px 10px;
|
||||
background: #eaeaea;
|
||||
border-radius: 2px 2px 0 0;
|
||||
-moz-user-select: -moz-none;
|
||||
-webkit-user-select: none;
|
||||
user-select: none;
|
||||
cursor: default;
|
||||
position: fixed;
|
||||
}
|
||||
|
||||
.window-confirm .head .closeMsg {
|
||||
color: #212121;
|
||||
}
|
||||
|
||||
.window-confirm .head .closeMsg:hover {
|
||||
color: #5d5d5d;
|
||||
}
|
||||
|
||||
.window-confirm #content {
|
||||
margin-top: 30px;
|
||||
}
|
||||
|
||||
@media screen and (max-width: 450px) {
|
||||
header .options span.usr_info {
|
||||
display: none;
|
||||
|
|
|
@ -87,7 +87,6 @@ tinymce();
|
|||
$appUri = '../apps/';
|
||||
foreach ($apps->getApps() as $app => $appconf)
|
||||
{
|
||||
|
||||
require $appUri . $app . '/config.php';
|
||||
if (isset($_CONF['general_conf']) && $_CONF['general_conf'] != '' && file_exists($appUri . $app . '/' . $_CONF['general_conf']))
|
||||
{
|
||||
|
|
|
@ -88,6 +88,14 @@ $lang['general_database'] = 'Datenbank';
|
|||
$lang['general_create_backup'] = 'Datenbank Backup erstellen';
|
||||
$lang['general_go_phpmyadmin'] = 'Zu phpmyadmin';
|
||||
|
||||
//Legitimation
|
||||
$lang['legitimate_title'] = 'Legitimierung benötigt';
|
||||
$lang['legitimate_text'] = 'Dieser Vorgang benötigt eine Passwortbestätigung.';
|
||||
$lang['legitimate_confirm'] = 'Bestätigen';
|
||||
$lang['legitimate_abort'] = 'Abbrechen';
|
||||
$lang['legitimate_error'] = 'Beim Legitimieren ist ein Fehler aufgetreten.';
|
||||
$lang['legitimate_fail'] = 'Falsches Passwort.';
|
||||
|
||||
/*
|
||||
* Manage Admins
|
||||
*/
|
||||
|
|
155
admin/login.php
155
admin/login.php
|
@ -5,78 +5,109 @@ require_once '../inc/config.php';
|
|||
require_once '../inc/libs/password.php';
|
||||
require_once '../inc/libs/functions.php';
|
||||
|
||||
$db->setCol('system_admins');
|
||||
$db->data['username'] = $_POST['username'];
|
||||
$db->get();
|
||||
if($db->data[0]['id'] != '')
|
||||
if(isset($_POST['username']))
|
||||
{
|
||||
if(password_verify($_POST['pw'], $db->data[0]['pass']))
|
||||
$db->setCol('system_admins');
|
||||
$db->data['username'] = $_POST['username'];
|
||||
$db->get();
|
||||
if (isset($db->data[0]) && $db->data[0]['id'] != '')
|
||||
{
|
||||
session_regenerate_id();
|
||||
$uid = $db->data[0]['id'];
|
||||
|
||||
//Token
|
||||
$token = random(64);
|
||||
$_SESSION['token'] = $token;
|
||||
$db->clear();
|
||||
$db->setCol('system_loggedin');
|
||||
$db->data['user'] = $uid;
|
||||
$db->data['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
|
||||
$db->data['ip'] = $_SERVER['REMOTE_ADDR'];
|
||||
$db->data['time'] = time();
|
||||
$db->data['token'] = $token;
|
||||
//if($db->insert()) echo 'token'; else echo 'hm';
|
||||
$db->insert();
|
||||
//echo $token;
|
||||
|
||||
$db->clear();
|
||||
$db->setCol('system_admins');
|
||||
$db->data['id'] = $uid;
|
||||
$db->get();
|
||||
if($db->data[0]['secret'] != '')
|
||||
if (password_verify($_POST['pw'], $db->data[0]['pass']))
|
||||
{
|
||||
if(isset($_POST['2fa']) && $_POST['2fa'] == '')
|
||||
{
|
||||
echo '2fa';
|
||||
exit;
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once '../inc/libs/2fa.php';
|
||||
$authenticator = new php2FA();
|
||||
session_regenerate_id();
|
||||
$uid = $db->data[0]['id'];
|
||||
|
||||
if($authenticator->verifyCode($db->data[0]['secret'], $_POST['2fa'], 3))
|
||||
//Token
|
||||
$token = random(64);
|
||||
$_SESSION['token'] = $token;
|
||||
$db->clear();
|
||||
$db->setCol('system_loggedin');
|
||||
$db->data['user'] = $uid;
|
||||
$db->data['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
|
||||
$db->data['ip'] = $_SERVER['REMOTE_ADDR'];
|
||||
$db->data['time'] = time();
|
||||
$db->data['token'] = $token;
|
||||
//if($db->insert()) echo 'token'; else echo 'hm';
|
||||
$db->insert();
|
||||
//echo $token;
|
||||
|
||||
$db->clear();
|
||||
$db->setCol('system_admins');
|
||||
$db->data['id'] = $uid;
|
||||
$db->get();
|
||||
if ($db->data[0]['secret'] != '')
|
||||
{
|
||||
if (isset($_POST['2fa']) && $_POST['2fa'] == '')
|
||||
{
|
||||
echo 'success';
|
||||
stream_message('{user} has logged in.', 4);
|
||||
}
|
||||
else
|
||||
{
|
||||
echo '2fafail';
|
||||
echo '2fa';
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
echo 'success';
|
||||
}
|
||||
} else
|
||||
{
|
||||
require_once '../inc/libs/2fa.php';
|
||||
$authenticator = new php2FA();
|
||||
|
||||
//Session
|
||||
$_SESSION['user'] = $db->data[0]['username'];
|
||||
$_SESSION['userid'] = $db->data[0]['id'];
|
||||
$_SESSION['lvl'] = $db->data[0]['lvl'];
|
||||
$_SESSION['mail'] = $db->data[0]['mail'];
|
||||
$_SESSION['guestview'] = 'true';
|
||||
|
||||
stream_message('{user} has logged in.', 4);
|
||||
}
|
||||
else
|
||||
if ($authenticator->verifyCode($db->data[0]['secret'], $_POST['2fa'], 3))
|
||||
{
|
||||
echo 'success';
|
||||
stream_message('{user} has logged in.', 4);
|
||||
} else
|
||||
{
|
||||
echo '2fafail';
|
||||
exit;
|
||||
}
|
||||
}
|
||||
} else
|
||||
{
|
||||
echo 'success';
|
||||
}
|
||||
|
||||
//Session
|
||||
$_SESSION['user'] = $db->data[0]['username'];
|
||||
$_SESSION['userid'] = $db->data[0]['id'];
|
||||
$_SESSION['lvl'] = $db->data[0]['lvl'];
|
||||
$_SESSION['mail'] = $db->data[0]['mail'];
|
||||
$_SESSION['guestview'] = 'true';
|
||||
|
||||
stream_message('{user} has logged in.', 4);
|
||||
} else
|
||||
{
|
||||
echo 'fail';
|
||||
}
|
||||
} else
|
||||
{
|
||||
echo 'fail';
|
||||
}
|
||||
}
|
||||
else
|
||||
|
||||
//Check for password - needed for user's confirmation
|
||||
if(isset($_GET['checkPassword']))
|
||||
{
|
||||
echo 'fail';
|
||||
if(is_loggedin())
|
||||
{
|
||||
if(isset($_POST['pw']))
|
||||
{
|
||||
$db->setCol('system_admins');
|
||||
$db->data['id'] = $_SESSION['userid'];
|
||||
$db->get();
|
||||
if (isset($db->data[0]) && $db->data[0]['id'] != '')
|
||||
{
|
||||
if (password_verify($_POST['pw'], $db->data[0]['pass']))
|
||||
{
|
||||
echo 'success';
|
||||
}
|
||||
else
|
||||
{
|
||||
echo 'fail';
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
echo 'fail';
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
echo 'login first.';
|
||||
}
|
||||
}
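Review bot: The new `checkPassword` branch only echoes `success` or `fail` and stores nothing in the session, so the handler that later performs the deletion or permission change cannot tell whether a confirmation ever happened. As written, the prompt is enforced only by the `askPW` form field and the script in inc/footer.php. On success I would record a timestamp, e.g. `$_SESSION['pw_confirmed_at'] = time();` (the key name is only a suggestion), and have each critical handler reject the POST unless that value is recent, clearing it after use. The branch also shows no limit on failed attempts, so it can be queried repeatedly from any logged-in session. Separately, the login branch writes `$_SESSION['token']` and the `system_loggedin` row before the 2FA code is checked; if `is_loggedin()` (not shown here) relies on the token, those writes should move after `verifyCode`.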
|
|
@ -50,6 +50,7 @@ if (hasPerm('manage_admins'))
|
|||
<div class="main">
|
||||
<div class="form">
|
||||
<form action="<?php echo $_SERVER['REQUEST_URI']?>" method="POST">
|
||||
<input type="hidden" name="askPW" value="askPW">
|
||||
<p><span><?php echo $lang->get('admins_cn_username'); ?>:</span><input type="text" name="userN"/>
|
||||
</p>
|
||||
<p><span><?php echo $lang->get('admins_cn_password'); ?>:</span><input type="password" name="pw1"/>
|
||||
|
|
|
@ -35,7 +35,7 @@ if (hasPerm('edit_permissions'))
|
|||
}
|
||||
} else
|
||||
{
|
||||
echo '<div class="main"><form action="'.$_SERVER['REQUEST_URI'].'" method="post">';
|
||||
echo '<div class="main"><form action="'.$_SERVER['REQUEST_URI'].'" method="post"><input type="hidden" name="askPW" value="askPW">';
|
||||
//Admin Groups
|
||||
$db->get();
|
||||
$role_names = [];
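Review bot: The rewritten `echo` still concatenates `$_SERVER['REQUEST_URI']` into the form's `action` attribute without escaping, so the attribute content is whatever the requester put in the URL. Escape it for the HTML attribute context: `'<form action="' . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8') . '" method="post">'`. The same pattern appears as unchanged context in the other forms this commit touches (`<form action="<?php echo $_SERVER['REQUEST_URI']?>" ...>`) and deserves the same treatment. The enclosing `else` block continues past the hunk.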
|
||||
|
|
|
@ -42,6 +42,7 @@ if (hasPerm('manage_groups'))
|
|||
?>
|
||||
<div class="main" style="text-align: center">
|
||||
<form action="<?php echo $_SERVER['REQUEST_URI']?>" method="post">
|
||||
<input type="hidden" name="askPW" value="askPW">
|
||||
<p><?php echo $lang->get('admins_roles_delete_confirm');?></p>
|
||||
<input type="submit" name="del" value="<?php echo $lang->get('general_yes');?>"/>
|
||||
<a href="roles.php?members=<?php echo $_GET['members']; ?>" class="button btn_del"><?php echo $lang->get('general_no');?></a>
|
||||
|
@ -69,6 +70,7 @@ if (hasPerm('manage_groups'))
|
|||
?>
|
||||
<div class="main" style="text-align: center">
|
||||
<form action="<?php echo $_SERVER['REQUEST_URI']?>" method="post">
|
||||
<input type="hidden" name="askPW" value="askPW">
|
||||
<p><?php echo $lang->get('admins_roles_user_delete_confirm');?></p>
|
||||
<input type="submit" name="del" value="<?php echo $lang->get('general_yes');?>"/>
|
||||
<a href="roles.php?members=<?php echo $_GET['members']; ?>" class="button btn_del"><?php echo $lang->get('general_no');?></a>
|
||||
|
@ -133,6 +135,7 @@ if (hasPerm('manage_groups'))
|
|||
{
|
||||
?>
|
||||
<form action="<?php echo $_SERVER['REQUEST_URI']?>" method="post">
|
||||
<input type="hidden" name="askPW" value="askPW">
|
||||
<?php echo $lang->get('admins_roles_add_user');?>:
|
||||
<select name="user">
|
||||
<?php
|
||||
|
@ -173,6 +176,7 @@ if (hasPerm('manage_groups'))
|
|||
<div class="main">
|
||||
<h2><?php echo $lang->get('admins_roles_create_group');?></h2>
|
||||
<form action="<?php echo $_SERVER['REQUEST_URI']?>" method="post">
|
||||
<input type="hidden" name="askPW" value="askPW">
|
||||
<input type="text" name="group_name" placeholder="<?php echo $lang->get('admins_roles_group_name');?>"/><br/>
|
||||
<input type="submit" name="submit" value="<?php echo $lang->get('admins_roles_create_group');?>"/>
|
||||
</form>
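Review bot: Both delete-confirmation forms in this file print `<?php echo $_GET['members']; ?>` into the cancel link's `href` without encoding (unchanged context in the first two hunks), so a request parameter reaches the markup of an admin view that this commit is otherwise hardening. Encode it for the URL context, `roles.php?members=<?php echo urlencode($_GET['members']); ?>`, or cast it to `int` if `members` is always a numeric id, which is not visible from these hunks.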
|
||||
|
|
|
@ -275,6 +275,7 @@ if (hasPerm('manage_admins') || $uid == $_SESSION['userid'])
|
|||
?>
|
||||
<div class="main">
|
||||
<form action="<?php echo $_SERVER['REQUEST_URI']?>" class="form" method="post">
|
||||
<input type="hidden" name="askPW" value="askPW">
|
||||
<p><span><?php echo $lang->get('username'); ?>:</span><input name="username"
|
||||
value="<?php echo $db->data[0]['username'] ?>"/>
|
||||
</p>
|
||||
|
|
377
inc/footer.php
377
inc/footer.php
|
@ -4,203 +4,252 @@ if (!isset($_GET['direct']))
|
|||
?>
|
||||
|
||||
|
||||
</div>
|
||||
<div id="showMsg"></div>
|
||||
<script src="<?php echo $MCONF['web_uri'] ?>admin/assets/js/bootstrap.min.js"></script>
|
||||
<script>
|
||||
$(document).ready(function(){
|
||||
$('[data-toggle="tooltip"]').tooltip();
|
||||
});
|
||||
</script>
|
||||
</div>
|
||||
<div id="showMsg"></div>
|
||||
<script src="<?php echo $MCONF['web_uri'] ?>admin/assets/js/bootstrap.min.js"></script>
|
||||
<script>
|
||||
$(document).ready(function () {
|
||||
$('[data-toggle="tooltip"]').tooltip();
|
||||
});
|
||||
</script>
|
||||
|
||||
<script src="<?php echo $MCONF['web_uri'] ?>admin/assets/js/moment.js"></script>
|
||||
<script src="<?php echo $MCONF['web_uri'] ?>admin/assets/js/moment.js"></script>
|
||||
|
||||
<!--<script src="<?php echo $MCONF['web_uri'] ?>admin/assets/js/page.js"></script>
|
||||
<!--<script src="<?php echo $MCONF['web_uri'] ?>admin/assets/js/page.js"></script>
|
||||
<script src="<?php echo $MCONF['web_uri'] ?>admin/assets/js/page.bodyparser.js"></script>-->
|
||||
<script>
|
||||
moment.locale('de');
|
||||
<script>
|
||||
moment.locale('de');
|
||||
|
||||
//Msg
|
||||
function showMsg(msg) {
|
||||
$('#showMsg').html('<div class="snackbar"><a onclick="closeMsg();" class="closeMsg"><i class="fa fa-close"></i> </a><p>' + msg + '</p></div>');
|
||||
}
|
||||
//Msg
|
||||
function showMsg(msg) {
|
||||
$('#showMsg').html('<div class="snackbar"><a onclick="closeMsg();" class="closeMsg"><i class="fa fa-close"></i> </a><p>' + msg + '</p></div>');
|
||||
}
|
||||
|
||||
function closeMsg() {
|
||||
$('#showMsg').html('');
|
||||
}
|
||||
function closeMsg() {
|
||||
$('#showMsg').html('');
|
||||
}
|
||||
|
||||
//Show Loader
|
||||
function showTopLoader() {
|
||||
$('.loader-overlay').fadeIn(150);
|
||||
$('.toploading').animate({height: "8px"}, 150);
|
||||
}
|
||||
//Show Loader
|
||||
function showTopLoader() {
|
||||
$('.loader-overlay').fadeIn(150);
|
||||
$('.toploading').animate({height: "8px"}, 150);
|
||||
}
|
||||
|
||||
function hideTopLoader() {
|
||||
$('.loader-overlay').fadeOut(150);
|
||||
$('.toploading').animate({height: "0"}, 150);
|
||||
}
|
||||
function hideTopLoader() {
|
||||
$('.loader-overlay').fadeOut(150);
|
||||
$('.toploading').animate({height: "0"}, 150);
|
||||
}
|
||||
|
||||
//Change current Language
|
||||
$('#langselectbtn').click(function () {
|
||||
$('.langs').fadeToggle(100);
|
||||
});
|
||||
//Change current Language
|
||||
$('#langselectbtn').click(function () {
|
||||
$('.langs').fadeToggle(100);
|
||||
});
|
||||
|
||||
function changeLang(lang) {
|
||||
showTopLoader();
|
||||
$.get('<?php echo $MCONF['home_uri'];?>admin/lang.php?set=' + lang, function (data) {
|
||||
console.log(data);
|
||||
if(data == 1){
|
||||
location.reload();
|
||||
} else {
|
||||
showMsg('Error.');
|
||||
}
|
||||
})
|
||||
}
|
||||
function changeLang(lang) {
|
||||
showTopLoader();
|
||||
$.get('<?php echo $MCONF['home_uri'];?>admin/lang.php?set=' + lang, function (data) {
|
||||
console.log(data);
|
||||
if (data == 1) {
|
||||
location.reload();
|
||||
} else {
|
||||
showMsg('Error.');
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
//showStream
|
||||
function showStream()
|
||||
{
|
||||
$('#streamContent').fadeToggle(100,function() {
|
||||
if($('#streamContent').is(":visible")) {
|
||||
$.getJSON('<?php echo $MCONF['home_uri'];?>admin/stream.php?getStream&limit=10', function (streamData) {
|
||||
$('#streamContent').html('');
|
||||
$.each(streamData, function (key, val) {
|
||||
$('#streamContent').append('<p>' + val.message + ' (' + moment(val.time * 1000).fromNow() + ')</p>');
|
||||
});
|
||||
$('#streamContent').append('<a href="<?php echo $MCONF['home_uri'];?>admin/stream.php" class="button">Mehr</a>');
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
//showStream
|
||||
function showStream() {
|
||||
$('#streamContent').fadeToggle(100, function () {
|
||||
if ($('#streamContent').is(":visible")) {
|
||||
$.getJSON('<?php echo $MCONF['home_uri'];?>admin/stream.php?getStream&limit=10', function (streamData) {
|
||||
$('#streamContent').html('');
|
||||
$.each(streamData, function (key, val) {
|
||||
$('#streamContent').append('<p>' + val.message + ' (' + moment(val.time * 1000).fromNow() + ')</p>');
|
||||
});
|
||||
$('#streamContent').append('<a href="<?php echo $MCONF['home_uri'];?>admin/stream.php" class="button">Mehr</a>');
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
$(document).ready(function () {
|
||||
function closeW() {
|
||||
$('.overlay').fadeOut(200);
|
||||
$('.overlay').html('');
|
||||
}
|
||||
|
||||
//Router
|
||||
$('#topnav').addClass('no-transition');
|
||||
function sendPost(ctx, requestData) {
|
||||
$.ajax({
|
||||
url: ctx.canonicalPath,
|
||||
type: 'POST',
|
||||
cache: false,
|
||||
data: requestData,
|
||||
beforeSend: function () {
|
||||
showTopLoader();
|
||||
},
|
||||
complete: function () {
|
||||
hideTopLoader();
|
||||
},
|
||||
success: function (result) {
|
||||
$("#loader").html(result);
|
||||
},
|
||||
error: function (xhr, status, error) {
|
||||
console.log(status, error);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
page('*', findPage);
|
||||
page();
|
||||
$(document).ready(function () {
|
||||
|
||||
pageBodyParser();
|
||||
//Router
|
||||
$('#topnav').addClass('no-transition');
|
||||
|
||||
function findPage(ctx, next) {
|
||||
if(!ctx.init) {
|
||||
if (ctx.body) { //If POST-Request, send Post via ajax
|
||||
page('*', findPage);
|
||||
page();
|
||||
|
||||
var isAjax = false;
|
||||
var requestData = 'direct=true';
|
||||
var editorname = '';
|
||||
//console.log(typeof(tinyMCE));
|
||||
if (typeof(tinyMCE) != "undefined" && tinyMCE.activeEditor != null) {editorname = $('#' + tinyMCE.activeEditor.id).attr("name");}//Get the new Content, not the old
|
||||
pageBodyParser();
|
||||
|
||||
for (var key in ctx.body) {
|
||||
if (!ctx.body.hasOwnProperty(key)) continue;
|
||||
function findPage(ctx, next) {
|
||||
if (!ctx.init) {
|
||||
if (ctx.body) { //If POST-Request, send Post via ajax
|
||||
|
||||
//If we have content edited with tinymce, we want the new content to be passed with the POST-Request
|
||||
if(key == editorname) {
|
||||
console.log(tinyMCE);
|
||||
requestData += '&' + key + '=' + encodeURIComponent(tinyMCE.activeEditor.getContent());
|
||||
} else {
|
||||
requestData += '&' + key + '=' + encodeURIComponent(ctx.body[key]);
|
||||
}
|
||||
if(key == 'ajax') isAjax = true;
|
||||
}
|
||||
var isAjax = false;
|
||||
var requestData = 'direct=true';
|
||||
var editorname = '';
|
||||
var needsPwConfirm = false;
|
||||
//console.log(typeof(tinyMCE));
|
||||
if (typeof(tinyMCE) != "undefined" && tinyMCE.activeEditor != null) {
|
||||
editorname = $('#' + tinyMCE.activeEditor.id).attr("name");
|
||||
}//Get the new Content, not the old
|
||||
|
||||
console.log(requestData);
|
||||
for (var key in ctx.body) {
|
||||
if (!ctx.body.hasOwnProperty(key)) continue;
|
||||
|
||||
if(!isAjax) {
|
||||
$.ajax({
|
||||
url: ctx.canonicalPath,
|
||||
type: 'POST',
|
||||
cache: false,
|
||||
data: requestData,
|
||||
beforeSend: function () {
|
||||
showTopLoader();
|
||||
},
|
||||
complete: function () {
|
||||
hideTopLoader();
|
||||
},
|
||||
success: function (result) {
|
||||
$("#loader").html(result);
|
||||
},
|
||||
error: function (xhr, status, error) {
|
||||
console.log(status, error);
|
||||
}
|
||||
});
|
||||
}
|
||||
} else {//Otherwise display Contents
|
||||
//Check users password
|
||||
if (key == 'askPW') {
|
||||
needsPwConfirm = true;
|
||||
}
|
||||
|
||||
showTopLoader();
|
||||
//Load Title
|
||||
var title = '';
|
||||
var query = '';
|
||||
if (ctx.querystring != '') {
|
||||
query += '&' + ctx.querystring;
|
||||
}
|
||||
$.get(ctx.pathname + '?title' + query, function (data) {
|
||||
title = data;
|
||||
}).fail(function (e) {
|
||||
if (e.status == 404) {
|
||||
showMsg('<?php echo $lang->get('404_not_found');?> (' + e.statusText + ')');
|
||||
} else {
|
||||
showMsg('Error.');
|
||||
}
|
||||
});
|
||||
//If we have content edited with tinymce, we want the new content to be passed with the POST-Request
|
||||
if (key == editorname) {
|
||||
console.log(tinyMCE);
|
||||
requestData += '&' + key + '=' + encodeURIComponent(tinyMCE.activeEditor.getContent());
|
||||
} else {
|
||||
requestData += '&' + key + '=' + encodeURIComponent(ctx.body[key]);
|
||||
}
|
||||
if (key == 'ajax') isAjax = true;
|
||||
}
|
||||
|
||||
//Load Content
|
||||
$.get(ctx.pathname + '?direct' + query, function (data) {
|
||||
hideTopLoader();
|
||||
if (data == 'Login First.') {
|
||||
location.reload();
|
||||
} else {
|
||||
$("#loader").html(data);
|
||||
//Confirm user password
|
||||
if (needsPwConfirm) {
|
||||
$('#showMsg').html('<div class="overlay" style="display:none;"><div class="window-confirm"><div class="head"><?php echo $lang->get('legitimate_title')?><a onclick="closeW();" class="closeMsg"><i class="fa fa-close"></i></a></div><div id="content"></div></div></div>');
|
||||
$('#content').append('<p><?php echo $lang->get('legitimate_text')?></p><p><input type="password" placeholder="<?php echo $lang->get('password')?>" id="password_legitimate" autofocus/><input type="submit" value="<?php echo $lang->get('legitimate_confirm')?>" id="legitimateSmbt"/><a onclick="closeW();" class="button btn_del"><?php echo $lang->get('legitimate_abort')?></a></p><span id="sendMsg"></span>');
|
||||
$('#password_legitimate').focus();
|
||||
$(".overlay").fadeIn(250);
|
||||
|
||||
//Set Title
|
||||
$("#title").html(title);
|
||||
document.title = title + ' | <?php echo $lang->get('admin_title') . ' | ' . $MCONF['title']?>';
|
||||
$('#legitimateSmbt').click(function () {
|
||||
$.ajax({
|
||||
url: 'login.php?checkPassword',
|
||||
type: 'POST',
|
||||
cache: false,
|
||||
data: 'pw=' + $('#password_legitimate').val(),
|
||||
success: function (result) { // On success, display a message...
|
||||
if (result == 'success') {
|
||||
closeW();
|
||||
|
||||
//Update Menu
|
||||
$('li').each(function (index) {
|
||||
$(this).removeClass('active');
|
||||
});
|
||||
//Send the request
|
||||
if (!isAjax) {
|
||||
sendPost(ctx, requestData);
|
||||
}
|
||||
} else if (result == 'fail') {
|
||||
$('#sendMsg').html('<p style="color:red;"><?php echo $lang->get('legitimate_fail')?></p>');
|
||||
} else {
|
||||
$('#sendMsg').html('<p style="color:red;"><?php echo $lang->get('legitimate_error')?></p>');
|
||||
}
|
||||
},
|
||||
error: function (xhr, status, error) {
|
||||
console.log(status, error);
|
||||
showMsg('<?php echo $lang->get('legitimate_error')?>');
|
||||
}
|
||||
});
|
||||
});
|
||||
} else {
|
||||
if (!isAjax) {
|
||||
sendPost(ctx, requestData);
|
||||
}
|
||||
}
|
||||
} else {//Otherwise display Contents
|
||||
|
||||
//Find Class & Parent for menu
|
||||
var menuitem = 'mw-menu-' + ctx.path.replace(/\//g, '-').replace('.php', '').replace('?', '').replace('&', '').replace('=', '');
|
||||
//console.log(menuitem);
|
||||
$('#' + menuitem).addClass('active');
|
||||
showTopLoader();
|
||||
//Load Title
|
||||
var title = '';
|
||||
var query = '';
|
||||
if (ctx.querystring != '') {
|
||||
query += '&' + ctx.querystring;
|
||||
}
|
||||
$.get(ctx.pathname + '?title' + query, function (data) {
|
||||
title = data;
|
||||
}).fail(function (e) {
|
||||
if (e.status == 404) {
|
||||
showMsg('<?php echo $lang->get('404_not_found');?> (' + e.statusText + ')');
|
||||
} else {
|
||||
showMsg('Error.');
|
||||
}
|
||||
});
|
||||
|
||||
//Find Top item
|
||||
var topitems = menuitem.split('-');
|
||||
//console.log(topitems);
|
||||
$('#' + 'mw-menu-' + topitems[2] + '-' + topitems[3] + '-top').addClass('active');
|
||||
if (topitems[3] == 'roles' || topitems[3] == 'users' || topitems[3] == 'permissions' || topitems[3] == 'new_user') {
|
||||
$('#' + 'mw-menu-admin-users-top').addClass('active');
|
||||
}
|
||||
//Load Content
|
||||
$.get(ctx.pathname + '?direct' + query, function (data) {
|
||||
hideTopLoader();
|
||||
if (data == 'Login First.') {
|
||||
location.reload();
|
||||
} else {
|
||||
$("#loader").html(data);
|
||||
|
||||
//Get CSS
|
||||
//Set Title
|
||||
$("#title").html(title);
|
||||
document.title = title + ' | <?php echo $lang->get('admin_title') . ' | ' . $MCONF['title']?>';
|
||||
|
||||
//Update Menu
|
||||
$('li').each(function (index) {
|
||||
$(this).removeClass('active');
|
||||
});
|
||||
|
||||
//Find Class & Parent for menu
|
||||
var menuitem = 'mw-menu-' + ctx.path.replace(/\//g, '-').replace('.php', '').replace('?', '').replace('&', '').replace('=', '');
|
||||
//console.log(menuitem);
|
||||
$('#' + menuitem).addClass('active');
|
||||
|
||||
//Find Top item
|
||||
var topitems = menuitem.split('-');
|
||||
//console.log(topitems);
|
||||
$('#' + 'mw-menu-' + topitems[2] + '-' + topitems[3] + '-top').addClass('active');
|
||||
if (topitems[3] == 'roles' || topitems[3] == 'users' || topitems[3] == 'permissions' || topitems[3] == 'new_user') {
|
||||
$('#' + 'mw-menu-admin-users-top').addClass('active');
|
||||
}
|
||||
|
||||
//Get CSS
|
||||
$('#addedCss').remove(); // Remove old CSS
|
||||
$.get(ctx.pathname + '?css' + query, function (data) {
|
||||
if(data.css) {
|
||||
for(var i = 0; i < data.css_files.length; i++) {
|
||||
if (data.css) {
|
||||
for (var i = 0; i < data.css_files.length; i++) {
|
||||
var cssFile = data.css_files[i];
|
||||
$('head').append('<link rel="stylesheet" href="' + data.fullUri + cssFile + '" type="text/css" id="addedCss">');
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
}).fail(function (e) {
|
||||
if (e.status == 404) {
|
||||
showMsg('<?php echo $lang->get('404_not_found');?> (' + e.statusText + ')');
|
||||
} else {
|
||||
showMsg('Error.');
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
}
|
||||
}).fail(function (e) {
|
||||
if (e.status == 404) {
|
||||
showMsg('<?php echo $lang->get('404_not_found');?> (' + e.statusText + ')');
|
||||
} else {
|
||||
showMsg('Error.');
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
<?php
|
||||
}
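Review bot: The confirmation request builds its body as `data: 'pw=' + $('#password_legitimate').val()`, so a password containing `&`, `+`, `%` or `=` is sent mangled and a correct password is reported as wrong. Pass an object instead, `data: {pw: $('#password_legitimate').val()}`, and jQuery will encode it; the `requestData` loop in the same function already uses `encodeURIComponent` for that reason. The dialog markup also interpolates `$lang->get(...)` output directly into single-quoted JavaScript strings, so a translation containing an apostrophe would break the script; emitting those strings through `json_encode` on the PHP side would avoid that.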
|