<?php
/*
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2006 The Nucleus Group
+ * Copyright (C) 2002-2011 The Nucleus Group
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
*/
/**
* @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2006 The Nucleus Group
- * @version $Id: index.php,v 1.7 2006-07-17 20:01:39 kimitake Exp $
- * $NucleusJP: index.php,v 1.6 2005/08/13 07:33:45 kimitake Exp $
+ * @copyright Copyright (C) 2002-2011 The Nucleus Group
+ * @version $Id$
+ * $NucleusJP: index.php,v 1.8.2.1 2007/09/07 07:36:09 kimitake Exp $
*/
// we are using admin stuff:
$CONF = array();
$CONF['UsingAdminArea'] = 1;
// include the admin code
- include('../config.php');
+ require_once('../config.php');
if ($CONF['alertOnSecurityRisk'] == 1)
{
// check if files exist and generate an error if so
$aFiles = array(
- '../install.sql' => 'install.sql should be deleted',
- '../install.php' => 'install.php should be deleted',
- 'upgrades' => 'nucleus/upgrades directory should be deleted',
- 'convert' => 'nucleus/convert directory should be deleted'
+ '../install' => _ERRORS_INSTALLDIR,
+ 'upgrades' => _ERRORS_UPGRADESDIR,\r
+ 'convert' => _ERRORS_CONVERTDIR\r
);
$aFound = array();
foreach($aFiles as $fileName => $fileDesc)
array_push($aFound, $fileDesc);
}
if (@is_writable('../config.php')) {
- array_push($aFound, 'config.php should be non-writable (chmod to 444)');
+ array_push($aFound, _ERRORS_CONFIGPHP);
}
if (sizeof($aFound) > 0)
{
startUpError(
- '<p>One or more of the Nucleus installation files are still present on the webserver, or are writable.</p><p>You should remove these files or change their permissions to ensure security. Here are the files that were found by Nucleus</p> <ul><li>'. implode($aFound, '</li><li>').'</li></ul><p>If you don\'t want to see this error message again, without solving the problem, set <code>$CONF[\'alertOnSecurityRisk\']</code> in <code>globalfunctions.php</code> to <code>0</code>, or do this at the end of <code>config.php</code>.</p>',
- 'Security Risk'
+ _ERRORS_STARTUPERROR1. implode($aFound, '</li><li>')._ERRORS_STARTUPERROR2,\r
+ _ERRORS_STARTUPERROR3\r
);
}
}
- $bNeedsLogin = false;
+ $bNeedsLogin = false;
$bIsActivation = in_array($action, array('activate', 'activatesetpwd'));
if ($action == 'logout')
- $bNeedsLogin = true;
+ $bNeedsLogin = true;\r
if (!$member->isLoggedIn() && !$bIsActivation)
- $bNeedsLogin = true;
+ $bNeedsLogin = true;\r
// show error if member cannot login to admin
if ($member->isLoggedIn() && !$member->canLogin() && !$bIsActivation) {
- $error = _ERROR_LOGINDISALLOWED;
+ $error = _ERROR_LOGINDISALLOWED;
$bNeedsLogin = true;
}
$action = 'showlogin';
}
- sendContentType('application/xhtml+xml', 'admin-' . $action);
+ sendContentType('text/html', 'admin-' . $action);
$admin = new ADMIN();
$admin->action($action);