Updates mostly to /user/ templates. v0.7.9

modusinternet · Dec 16, 2023 · 43d09e4 · 43d09e4
1 parent d700dda
commit 43d09e4
Show file tree

Hide file tree

Showing 39 changed files with 1,412 additions and 851 deletions.
diff --git a/ccms-setup-db.sql b/ccms-setup-db.sql
@@ -61,8 +61,7 @@ INSERT INTO `ccms_headers` (`id`, `status`, `name`, `value`, `note`) VALUES
 (6, 1, 'X-UA-Compatible', 'IE=Edge', 'Use this to force IE to hide that annoying browser compatibility button in the address bar.<br>\nIE=edge means IE should use the latest (edge) version of its rendering engine.'),
 (7, 1, 'Strict-Transport-Security', 'max-age=31536000; includeSubDomains', 'HSTS (HTTP Strict Transport Security) header to ensure all communication from a browser is sent over HTTPS (HTTP Secure).'),
 (8, 1, 'Referrer-Policy', 'strict-origin-when-cross-origin', 'Setting the referrer to \'strict-origin-when-cross-origin\' means, requests for resource hosted somewhere else, like a Content Delivery Network (CDN), don\'t include anything else in the URI other than the protocol and the domain name. ie: https://example.com'),
-(9, 1, 'Expect-CT', 'enforce, max-age=43200', 'A new header still in experimental status is to instruct the browser to validate the connection with web servers for certificate transparency (CT). This project aims to fix some of the flaws in the SSL/TLS certificate system.<br>\nhttps://certificate.transparency.dev/<br>\nhttps://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT<br>\nhttps://docs.report-uri.com/setup/ect/'),
-(10, 1, 'Content-Security-Policy', 'base-uri \'none\'; connect-src \'self\' https: *.cloudfront.net *.doubleclick.net *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; form-action \'self\'; frame-ancestors \'self\'; img-src \'self\' data: https: *.cloudfront.net *.doubleclick.net *.gstatic.com *.google-analytics.com *.googleapis.com *.googleusercontent.com *.googletagmanager.com *.google.com *.gravatar.com; object-src \'none\'; worker-src \'self\'; script-src \'self\' https: \'nonce-{NONCE}\' \'strict-dynamic\' \'unsafe-inline\'{UNSAFE-EVAL}; script-src-attr \'nonce-{NONCE}\' \'strict-dynamic\';', '');
+(9, 1, 'Content-Security-Policy', 'base-uri \'none\'; connect-src \'self\' https: *.cloudfront.net *.doubleclick.net *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com; form-action \'self\'; frame-ancestors \'self\'; img-src \'self\' data: https: *.cloudfront.net *.doubleclick.net *.gstatic.com *.google-analytics.com *.googleapis.com *.googleusercontent.com *.googletagmanager.com *.google.com *.gravatar.com; object-src \'none\'; worker-src \'self\'; script-src \'self\' https: \'nonce-{NONCE}\' \'strict-dynamic\' \'unsafe-inline\'{UNSAFE-EVAL}; script-src-attr \'nonce-{NONCE}\' \'strict-dynamic\';', '');
 
 -- --------------------------------------------------------
 

diff --git a/ccms-setup.php b/ccms-setup.php
@@ -630,7 +630,7 @@
 					*/
 					$options = ['cost' => 10];
 					$hash = password_hash($_REQUEST["password"], PASSWORD_BCRYPT, $options);
-					$priv = '{"dashboard":2,"admin":{"rw":1,"sub":{"blacklist_settings":2,"github":2,"language_support":2,"other_controls":2,"user_privileges":2}},"content_groups":1,"content_manager":{"rw":1,"sub":{"ar":2,"bn":2,"de":2,"de-at":2,"de-ch":2,"de-de":2,"de-li":2,"de-lu":2,"en":2,"en-au":2,"en-bz":2,"en-ca":2,"en-gb":2,"en-ie":2,"en-jm":2,"en-nz":2,"en-ph":2,"en-tt":2,"en-us":2,"en-za":2,"en-zw":2,"es":2,"es-ar":2,"es-bo":2,"es-cl":2,"es-co":2,"es-cr":2,"es-do":2,"es-ec":2,"es-es":2,"es-gt":2,"es-hn":2,"es-mx":2,"es-ni":2,"es-pa":2,"es-pe":2,"es-pr":2,"es-py":2,"es-sv":2,"es-uy":2,"es-ve":2,"fr":2,"fr-be":2,"fr-ca":2,"fr-ch":2,"fr-fr":2,"fr-lu":2,"fr-mc":2,"he":2,"hi":2,"ja":2,"ko":2,"ko-kp":2,"ko-kr":2,"ms":2,"nb-no":2,"pt":2,"ru":2,"vi":2,"zh":2,"zh-cn":2,"zh-tw":2}}}';
+					$priv = '{"dashboard":2,"admin":{"rw":1,"sub":{"backup_restore":2,"blacklist":2,"github":2,"language_support":2,"other_controls":2,"user_privileges":2}},"content_groups":1,"content_manager":{"rw":1,"sub":{"ar":2,"bn":2,"de":2,"de-at":2,"de-ch":2,"de-de":2,"de-li":2,"de-lu":2,"en":2,"en-au":2,"en-bz":2,"en-ca":2,"en-gb":2,"en-ie":2,"en-jm":2,"en-nz":2,"en-ph":2,"en-tt":2,"en-us":2,"en-za":2,"en-zw":2,"es":2,"es-ar":2,"es-bo":2,"es-cl":2,"es-co":2,"es-cr":2,"es-do":2,"es-ec":2,"es-es":2,"es-gt":2,"es-hn":2,"es-mx":2,"es-ni":2,"es-pa":2,"es-pe":2,"es-pr":2,"es-py":2,"es-sv":2,"es-uy":2,"es-ve":2,"fr":2,"fr-be":2,"fr-ca":2,"fr-ch":2,"fr-fr":2,"fr-lu":2,"fr-mc":2,"he":2,"hi":2,"ja":2,"ko":2,"ko-kp":2,"ko-kr":2,"ms":2,"nb-no":2,"pt":2,"ru":2,"vi":2,"zh":2,"zh-cn":2,"zh-tw":2}}}';
 					$qry = $CFG["DBH"]->prepare("INSERT INTO `ccms_user` (`id`, `email`, `hash`, `status`, `alias`, `super`, `priv`, `firstname`, `lastname`, `position`, `phone1`, `phone2`, `facebook`, `skype`, `note`, `address1`, `address2`, `prov_state`, `country`, `post_zip`, `nav_toggle`, `2fa_secret`) VALUES (NULL, :email, :hash, '1', :alias, '1', :priv, '', '', '', '', '', '', '', '', '', '', '', '', '', '1', :2fa_secret);");
 					$qry->execute(array(':email' => $_REQUEST["email"], ':hash' => $hash, ':alias' => $_REQUEST["alias"], ':priv' => $priv, ':2fa_secret' => $_REQUEST["2fa_secret"]));
 				}

diff --git a/ccmslib/_default.php b/ccmslib/_default.php
@@ -1,4 +1,78 @@
 <?php
+/*
+$aws_flag = if not null append AWS link.
+$lng_flag = if not null append language code to link.
+$path = a variable found in the config file that represents a partial pathway to the style sheet. (Not including details about AWS, language code, or language direction.)
+$dir_flag = if not null append language direction to link
+$ver_numb, this is very helpful when trying to update files like css and js that don't get called by serviceWorker after they are stored. (empty = do not append '?v=some_number' to the URL.)
+Example: {CCMS_LIB:_default.php;FUNC:ccms_build_js_link("","","JS-01","","1")}
+*/
+function ccms_build_js_link($aws_flag, $lng_flag, $path, $dir_flag, $ver_numb){
+	global $CFG;
+	/* If $path is not found in the config.php file then do nothing. */
+	if(!isset($CFG["RES"][$path])) return;
+	$url = "";
+	if($aws_flag){
+		if($CFG["RES"]["AWS"]){
+			$url .= $CFG["RES"]["AWS"];
+		}
+	}
+	/* We do this for safety to help just incase the script calling this function requests the AWS code and the language code by accident.  We never ask for language code ones things are located on AWS. */
+	if($lng_flag){
+		if(!$aws_flag){
+			$url .= "/" . ccms_lng_ret();
+		}
+	}
+	$url .= $CFG["RES"][$path];
+	if($dir_flag){
+		$url .= "-" . ccms_lng_dir_ret();
+	}
+	$url .= '.js';
+	if($ver_numb){
+		$url .= "?v=" . $ver_numb;
+	}
+	echo $url;
+}
+
+
+/*
+$aws_flag = if not null append AWS link
+$lng_flag = if not null append language code to link
+$path = a variable found in the config file that represents a partial pathway to the style sheet, not including and details about AWS, language code, or language direction)
+$dir_flag = if not null append language direction to link
+$ver_numb, this is very helpful when trying to update files like css and js that don't get called by serviceWorker after they are stored. (empty = do not append '?v=some_number' to the URL.)
+Example: {CCMS_LIB:_default.php;FUNC:ccms_build_css_link("","","CSS-01","1", "1")}
+*/
+function ccms_build_css_link($aws_flag, $lng_flag, $path, $dir_flag, $ver_numb){
+	global $CFG;
+	/* If $path is not found in the config.php file then do nothing. */
+	if(!isset($CFG["RES"][$path])) return;
+	$buff = 'var l=document.createElement("link");l.rel="stylesheet";l.href="';
+	$url = "";
+	if($aws_flag){
+		if($CFG["RES"]["AWS"]){
+			$url .= $CFG["RES"]["AWS"];
+		}
+	}
+	/* We do this for safety to help just incase the script calling this function requests the AWS code and the language code by accident.  We never ask for language code ones things are located on AWS. */
+	if($lng_flag){
+		if(!$aws_flag){
+			$url .= "/" . ccms_lng_ret();
+		}
+	}
+	$url .= $CFG["RES"][$path];
+	if($dir_flag){
+		$url .= "-" . ccms_lng_dir_ret();
+	}
+	$url .= '.css';
+	if($ver_numb){
+		$url .= "?v=" . $ver_numb;
+	}
+	$buff .= $url . '";';
+	echo $buff .= 'var h=document.getElementsByTagName("head")[0];h.parentNode.insertBefore(l,h);';
+}
+
+
 function ccms_cfgDomain() {
 	global $CFG;
 	echo $CFG["DOMAIN"];
@@ -145,29 +219,32 @@ function ccms_user_admin_slider() {
 					<span class="slider round"></span>
 				</label>
 			</div>
+			<div style="cursor:help" title="Languages found in database which may or maynot currently be set live">
+				Language List:
+			</div>
 			<ul id="CCMSlng-list">
-		<?php
-		$tpl = htmlspecialchars(preg_replace('/^\/([\pL\pN-]*)\/?(.*)\z/i', '${2}', $_SERVER['REQUEST_URI']));
-		$qry = $CFG["DBH"]->prepare("SELECT * FROM `ccms_lng_charset` ORDER BY lngDesc ASC;");
-		if($qry->execute()) {
-			while($row = $qry->fetch()) {
-				if($json_a["content_manager"]["rw"] === 1 && $json_a["content_manager"]["sub"][$row["lng"]] !== 0) {
-					// So long as you do have 'content_manager' read privileges (1), and the language your trying to access is not flagged on your account as 'No Access' (0) then it should show up in the list.
-					if($row["ptrLng"]) {
-						echo '<li id="ccms_lng-' . $row["lng"] . '"><a href="/' . $row["ptrLng"] . '/' . $tpl . '" title="Points to lng code: ' . $row["ptrLng"] . '">' . $row["lngDesc"] . '</a></li>';
-					} else {
-						echo '<li id="ccms_lng-' . $row["lng"] . '"';
-
-						if($row["lng"] === $CLEAN["ccms_lng"]){
-							echo ' style="text-decoration:underline dashed"';
-						}
+<?php
+$tpl = htmlspecialchars(preg_replace('/^\/([\pL\pN-]*)\/?(.*)\z/i', '${2}', $_SERVER['REQUEST_URI']));
+$qry = $CFG["DBH"]->prepare("SELECT * FROM `ccms_lng_charset` ORDER BY lngDesc ASC;");
+if($qry->execute()) {
+	while($row = $qry->fetch()) {
+		if($json_a["content_manager"]["rw"] === 1 && $json_a["content_manager"]["sub"][$row["lng"]] !== 0) {
+			// So long as you do have 'content_manager' read privileges (1), and the language your trying to access is not flagged on your account as 'No Access' (0) then it should show up in the list.
+			if($row["ptrLng"]) {
+				echo '<li id="ccms_lng-' . $row["lng"] . '"><a href="/' . $row["ptrLng"] . '/' . $tpl . '" title="Points to lng code: ' . $row["ptrLng"] . '">' . $row["lngDesc"] . '</a></li>';
+			} else {
+				echo '<li id="ccms_lng-' . $row["lng"] . '"';
 
-						echo '><a href="/' . $row["lng"] . '/' . $tpl . '" title="lng code: ' . $row["lng"] . '">' . $row["lngDesc"] . '</a></li>';
-					}
+				if($row["lng"] === $CLEAN["ccms_lng"]){
+					echo ' style="text-decoration:underline dashed"';
 				}
+
+				echo '><a href="/' . $row["lng"] . '/' . $tpl . '" title="lng code: ' . $row["lng"] . '">' . $row["lngDesc"] . '</a></li>';
 			}
 		}
-		?>
+	}
+}
+?>
 			</ul>
 			<div>
 				<a href="/<?php echo $CLEAN["ccms_lng"]; ?>/user/" style="float:left" title="Dashboard">

diff --git a/ccmstpl/examples/_css/header.html b/ccmstpl/examples/_css/header.html
@@ -55,7 +55,7 @@
 	color:var(--cl1);
 	background-color:var(--cl0);
 	font:300 2.6rem/3.5rem "Open Sans",sans-serif;
-	opacity:0;
+	/*opacity:0;*/
 	padding:20px;
 }
 

diff --git a/ccmstpl/examples/_js/footer-js.html b/ccmstpl/examples/_js/footer-js.html
@@ -1,6 +1,8 @@
 if('serviceWorker' in navigator) {
 	window.addEventListener('load', function() {
-		navigator.serviceWorker.register('/serviceworker.php',{scope:'/'}).then(function(registration) {
+		navigator.serviceWorker.register('/serviceworker.php',{
+			scope:'/'
+		}).then(function(registration) {
 			console.log('SW registered.');
 		}, function(err) {
 			console.log('SW registration failed: ', err);
@@ -15,3 +17,15 @@
 }else if(window.attachEvent){
 	window.attachEvent("onload",loadJSResources);
 }else{window.onload=loadJSResources;}
+
+/* Loading Screen START */
+window.setTimeout(function(){
+	document.getElementById("loading_svg").style.opacity="0";
+	window.setTimeout(function(){
+		document.getElementById("loading_svg").style.display="none";
+	},500);
+},500);
+window.setTimeout(function(){
+	document.getElementsByTagName("body")[0].style.opacity="1";
+},100);
+/* Loading Screen END */
diff --git a/ccmstpl/examples/_js/main.js b/ccmstpl/examples/_js/main.js
@@ -1,4 +1,4 @@
-/* Loading Screen START */
+/* Loading Screen START
 window.setTimeout(function(){
 	document.getElementById("loading_svg").style.opacity="0";
 	window.setTimeout(function(){
@@ -8,21 +8,17 @@ window.setTimeout(function(){
 window.setTimeout(function(){
 	document.getElementsByTagName("body")[0].style.opacity="1";
 },250);
-/* Loading Screen END */
+Loading Screen END */
 
 
 /* Active link selector START */
 try{
-	activeArray_01.forEach(function(id){
-		var element = document.getElementById(id);
-		element.classList.add("active");
-	})
-	activeArray_02.forEach(function(id){
+	activeArray.forEach(function(id){
 		var element = document.getElementById(id);
 		element.classList.add("active");
 	})
 }catch(e){
-	/*console.log(e);*/
+	console.log(e);
 }
 /* Active link selector END */