-<?php\r
-/*\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
- * Copyright (C) 2002-2005 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- */\r
-/**\r
- * @license http://nucleuscms.org/license.txt GNU General Public License\r
- * @copyright Copyright (C) 2002-2005 The Nucleus Group\r
- * @version $Id: index.php,v 1.6 2005-08-13 07:33:45 kimitake Exp $\r
- * $NucleusJP: index.php,v 1.5 2005/03/16 07:55:05 kimitake Exp $\r
- */\r
- // we are using admin stuff:\r
- $CONF = array();\r
- $CONF['UsingAdminArea'] = 1;\r
-\r
- // include the admin code\r
- include('../config.php');\r
-\r
- if ($CONF['alertOnSecurityRisk'] == 1)\r
- {\r
- // check if files exist and generate an error if so\r
- $aFiles = array(\r
- '../install.sql' => 'install.sql should be deleted',\r
- '../install.php' => 'install.php should be deleted',\r
- 'upgrades' => 'nucleus/upgrades directory should be deleted',\r
- 'convert' => 'nucleus/convert directory should be deleted'\r
- );\r
- $aFound = array();\r
- foreach($aFiles as $fileName => $fileDesc)\r
- {\r
- if (@file_exists($fileName))\r
- array_push($aFound, $fileDesc);\r
- }\r
- if (@is_writable('../config.php')) {\r
- array_push($aFound, 'config.php should be non-writable (chmod to 444)');\r
- }\r
- if (sizeof($aFound) > 0)\r
- {\r
- startUpError(\r
- '<p>One or more of the Nucleus installation files are still present on the webserver, or are writable.</p><p>You should remove these files or change their permissions to ensure security. Here are the files that were found by Nucleus</p> <ul><li>'. implode($aFound, '</li><li>').'</li></ul><p>If you don\'t want to see this error message again, without solving the problem, set <code>$CONF[\'alertOnSecurityRisk\']</code> in <code>globalfunctions.php</code> to <code>0</code>, or do this at the end of <code>config.php</code>.</p>',\r
- 'Security Risk'\r
- );\r
- }\r
- }\r
-\r
- $bNeedsLogin = false;\r
- $bIsActivation = in_array($action, array('activate', 'activatesetpwd'));\r
- \r
- if ($action == 'logout') \r
- $bNeedsLogin = true; \r
- \r
- if (!$member->isLoggedIn() && !$bIsActivation)\r
- $bNeedsLogin = true;\r
-\r
- // show error if member cannot login to admin\r
- if ($member->isLoggedIn() && !$member->canLogin() && !$bIsActivation) {\r
- $error = _ERROR_LOGINDISALLOWED;\r
- $bNeedsLogin = true;\r
- }\r
- \r
- if ($bNeedsLogin)\r
- {\r
- setOldAction($action); // see ADMIN::login() (sets old action in POST vars)\r
- $action = 'showlogin';\r
- }\r
-\r
- sendContentType('application/xhtml+xml', 'admin-' . $action);\r
- \r
- $admin = new ADMIN();\r
- $admin->action($action);\r
-?>\r
+<?php
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2007 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+/**
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2007 The Nucleus Group
+ * @version $Id: index.php,v 1.9 2008-02-08 09:31:22 kimitake Exp $
+ * $NucleusJP: index.php,v 1.8.2.1 2007/09/07 07:36:09 kimitake Exp $
+ */
+ // we are using admin stuff:
+ $CONF = array();
+ $CONF['UsingAdminArea'] = 1;
+
+ // include the admin code
+ include('../config.php');
+
+ if ($CONF['alertOnSecurityRisk'] == 1)
+ {
+ // check if files exist and generate an error if so
+ $aFiles = array(
+ '../install.sql' => 'install.sql should be deleted',
+ '../install.php' => 'install.php should be deleted',
+ 'upgrades' => 'nucleus/upgrades directory should be deleted',
+ 'convert' => 'nucleus/convert directory should be deleted'
+ );
+ $aFound = array();
+ foreach($aFiles as $fileName => $fileDesc)
+ {
+ if (@file_exists($fileName))
+ array_push($aFound, $fileDesc);
+ }
+ if (@is_writable('../config.php')) {
+ array_push($aFound, 'config.php should be non-writable (chmod to 444)');
+ }
+ if (sizeof($aFound) > 0)
+ {
+ startUpError(
+ '<p>One or more of the Nucleus installation files are still present on the webserver, or are writable.</p><p>You should remove these files or change their permissions to ensure security. Here are the files that were found by Nucleus</p> <ul><li>'. implode($aFound, '</li><li>').'</li></ul><p>If you don\'t want to see this error message again, without solving the problem, set <code>$CONF[\'alertOnSecurityRisk\']</code> in <code>globalfunctions.php</code> to <code>0</code>, or do this at the end of <code>config.php</code>.</p>',
+ 'Security Risk'
+ );
+ }
+ }
+
+ $bNeedsLogin = false;
+ $bIsActivation = in_array($action, array('activate', 'activatesetpwd'));
+
+ if ($action == 'logout')
+ $bNeedsLogin = true;
+
+ if (!$member->isLoggedIn() && !$bIsActivation)
+ $bNeedsLogin = true;
+
+ // show error if member cannot login to admin
+ if ($member->isLoggedIn() && !$member->canLogin() && !$bIsActivation) {
+ $error = _ERROR_LOGINDISALLOWED;
+ $bNeedsLogin = true;
+ }
+
+ if ($bNeedsLogin)
+ {
+ setOldAction($action); // see ADMIN::login() (sets old action in POST vars)
+ $action = 'showlogin';
+ }
+
+ sendContentType('text/html', 'admin-' . $action);
+
+ $admin = new ADMIN();
+ $admin->action($action);
+?>
\ No newline at end of file