Bug fixes

.gitignore

@@ -8,3 +8,4 @@ bl-plugins/discovery
 bl-kernel/bludit.pro.php
 bl-themes/docs
 bl-themes/docsx
+bl-themes/mediumish

bl-kernel/admin/controllers/content.php

@@ -4,7 +4,7 @@
 // Check role
 // ============================================================================
 
-checkRole(array('admin', 'moderator'));
+checkRole(array('admin', 'editor'));
 
 // ============================================================================
 // Functions

bl-kernel/admin/controllers/edit-content.php

@@ -4,7 +4,7 @@
 // Check role
 // ============================================================================
 
-if (!checkRole(array('admin','moderator'), false)) {
+if (!checkRole(array('admin','editor'), false)) {
 	try {
 		$pageKey = isset($_POST['key']) ? $_POST['key'] : $layout['parameters'];
 		$page = new PageX($pageKey);

bl-kernel/admin/controllers/login.php

@@ -31,6 +31,7 @@ function checkLogin($args)
 			Redirect::home();
 		}
 
+		// Other user without the role reader redirect to dashboard
 		Redirect::page('dashboard');
 		return true;
 	}
@@ -40,7 +41,6 @@ function checkLogin($args)
 
 	// Create alert
 	Alert::set($Language->g('Username or password incorrect'), ALERT_STATUS_FAIL);
-
 	return false;
 }
 

bl-kernel/admin/controllers/new-content.php

@@ -4,7 +4,7 @@
 // Check role
 // ============================================================================
 
-checkRole(array('admin', 'moderator', 'editor'));
+checkRole(array('admin', 'editor'));
 
 // ============================================================================
 // Functions

bl-kernel/admin/themes/booty/html/sidebar.php

@@ -16,6 +16,13 @@
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'new-content' ?>"><span class="oi oi-plus"></span><?php $L->p('New content') ?></a>
 	</li>
 
+	<?php if (checkRole(array('editor'),false)): ?>
+
+	<li class="nav-item">
+		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'content' ?>"><span class="oi oi-layers"></span><?php $L->p('Content') ?></a>
+	</li>
+	<?php endif; ?>
+
 	<?php if (checkRole(array('admin'),false)): ?>
 
 	<li class="nav-item mt-3">
@@ -24,6 +31,7 @@
 	<li class="nav-item">
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'content' ?>"><?php $L->p('Content') ?></a>
 	</li>
+
 	<li class="nav-item">
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'categories' ?>"><?php $L->p('Categories') ?></a>
 	</li>
@@ -57,7 +65,6 @@
 				}
 			}
 		?>
-
 	<?php endif; ?>
 
 	<li class="nav-item mt-5">

bl-kernel/admin/views/content.php

@@ -57,9 +57,9 @@ function table($type) {
 	<table class="table mt-3">
 		<thead>
 			<tr>
-				<th class="border-0" scope="col">'.$Language->g('Title').'</th>
-				<th class="border-0 d-none d-lg-table-cell" scope="col">'.$Language->g('URL').'</th>
-				<th class="border-0 text-center d-none d-sm-table-cell" scope="col">'.( ((ORDER_BY=='position') || ($type!='published'))?$Language->g('Position'):$Language->g('Creation date')).'</th>
+				<th style="font-size: 0.8em;" class="border-0 text-uppercase text-muted" scope="col">'.$Language->g('Title').'</th>
+				<th style="font-size: 0.8em;" class="border-0 d-none d-lg-table-cell text-uppercase text-muted" scope="col">'.$Language->g('URL').'</th>
+				<th style="font-size: 0.8em;" class="border-0 text-center d-none d-sm-table-cell text-uppercase text-muted" scope="col">Actions</th>
 			</tr>
 		</thead>
 		<tbody>
@@ -111,16 +111,24 @@ function table($type) {
 			try {
 				$page = new PageX($pageKey);
 				echo '<tr>';
-				echo '<td>
-					<a href="'.HTML_PATH_ADMIN_ROOT.'edit-content/'.$page->key().'">'
-					.($page->title()?$page->title():'<span class="label-empty-title">'.$Language->g('Empty title').'</span> ')
-					.'</a>
+				echo '<td class="pt-3">
+					<div>
+						<a style="font-size: 1.1em" href="'.HTML_PATH_ADMIN_ROOT.'edit-content/'.$page->key().'">'
+						.($page->title()?$page->title():'<span class="label-empty-title">'.$Language->g('Empty title').'</span> ')
+						.'</a>
+					</div>
+					<div>
+						<p style="font-size: 0.8em" class="m-0 text-uppercase text-muted">'.( ((ORDER_BY=='position') || ($type!='published'))?'Position: '.$page->position():$page->relativeTime() ).'</p>
+					</div>
 				</td>';
 
 				$friendlyURL = Text::isEmpty($url->filters('page')) ? '/'.$page->key() : '/'.$url->filters('page').'/'.$page->key();
-				echo '<td class="d-none d-lg-table-cell"><a target="_blank" href="'.$page->permalink().'">'.$friendlyURL.'</a></td>';
+				echo '<td class="pt-3 d-none d-lg-table-cell"><a target="_blank" href="'.$page->permalink().'">'.$friendlyURL.'</a></td>';
 
-				echo '<td class="text-center d-none d-sm-table-cell">'.( ((ORDER_BY=='position') || ($type!='published'))?$page->position():$page->dateRaw(ADMIN_PANEL_DATE_FORMAT) ).'</td>';
+				echo '<td class="pt-3 text-center d-none d-sm-table-cell">'.PHP_EOL;
+				echo '<a type="button" class="btn btn-secondary btn-sm" href="'.HTML_PATH_ADMIN_ROOT.'edit-content/'.$page->key().'">Edit</a>'.PHP_EOL;
+				echo '<button type="button" class="btn btn-secondary btn-sm deletePageButton" data-toggle="modal" data-target="#jsdeletePageModal" data-key="'.$page->key().'"><span class="oi oi-trash"></span> Delete</button>'.PHP_EOL;
+				echo '</td>';
 
 				echo '</tr>';
 			} catch (Exception $e) {
@@ -160,6 +168,7 @@ function table($type) {
 	<div class="tab-pane show active" id="pages" role="tabpanel">
 		<?php table('published'); ?>
 
+		<?php if (Paginator::amountOfPages() > 1): ?>
 		<!-- Paginator -->
 		<nav class="paginator">
 			<ul class="pagination flex-wrap justify-content-center">
@@ -186,6 +195,7 @@ function table($type) {
 
 			</ul>
 		</nav>
+		<?php endif; ?>
 	</div>
 
 	<!-- TABS STATIC -->
@@ -208,3 +218,49 @@ function table($type) {
 	<?php table('draft'); ?>
 	</div>
 </div>
+
+<!-- Modal for delete page -->
+<?php echo Bootstrap::modal(array(
+	'modalId'=>'jsdeletePageModal',
+	'modalTitle'=>'Delete content',
+	'modalText'=>'Are you sure you ?',
+	'buttonPrimary'=>'Delete',
+	'buttonPrimaryClass'=>'deletePageModalAcceptButton',
+	'buttonSecondary'=>'Cancel',
+	'buttonSecondaryClass'=>''
+));
+?>
+<script>
+$(document).ready(function() {
+	var key = false;
+
+	// Button for delete a page in the table
+	$(".deletePageButton").on("click", function() {
+		key = $(this).data('key');
+	});
+
+	// Event from button accept from the modal
+	$(".deletePageModalAcceptButton").on("click", function() {
+
+		var form = jQuery('<form>', {
+			'action': HTML_PATH_ADMIN_ROOT+'edit-content/'+key,
+			'method': 'post',
+			'target': '_top'
+		}).append(jQuery('<input>', {
+			'type': 'hidden',
+			'name': 'tokenCSRF',
+			'value': tokenCSRF
+		}).append(jQuery('<input>', {
+			'type': 'hidden',
+			'name': 'key',
+			'value': key
+		}).append(jQuery('<input>', {
+			'type': 'hidden',
+			'name': 'type',
+			'value': 'delete'
+		}))));
+
+		form.hide().appendTo("body").submit();
+	});
+});
+</script>

bl-kernel/admin/views/edit-content.php

@@ -138,10 +138,20 @@
 				<button type="button" class="jsbuttonSave btn btn-primary btn-sm"><?php echo ($page->draft()?$L->g('Publish'):$L->g('Update')) ?></button>
 				<button type="button" class="jsbuttonDraft btn btn-secondary btn-sm"><?php echo $L->g('Save as draft') ?></button>
 			</div>
-			<h4 class="mt-4 mb-4 font-weight-normal">Cover Image</h4>
+			<h4 class="mt-4 mb-4 font-weight-normal">General</h4>
 		</div>
 
 		<?php
+			// Username
+			echo Bootstrap::formInputText(array(
+				'name'=>'',
+				'label'=>'User',
+				'placeholder'=>'',
+				'value'=>$page->username(),
+				'tip'=>'',
+				'disabled'=>true
+			));
+
 			// Date
 			echo Bootstrap::formInputText(array(
 				'name'=>'date',

bl-kernel/admin/views/edit-user.php

@@ -1,9 +1,19 @@
 <?php defined('BLUDIT') or die('Bludit CMS.');
 
-echo Bootstrap::pageTitle(array('title'=>$L->g('Edit user'), 'icon'=>'person'));
-
 echo Bootstrap::formOpen(array());
 
+	echo '
+	<div>
+	<div class="float-right">
+		<button type="submit" class="btn btn-primary btn-sm" name="save">'.$L->g('Save').'</button>
+		<a class="btn btn-secondary btn-sm" href="'.HTML_PATH_ADMIN_ROOT.'users" role="button">'.$L->g('Cancel').'</a>
+	</div>
+	<h2 class="mt-0 mb-3">
+		<span class="oi oi-person" style="font-size: 0.7em;"></span> Edit user
+	</h2>
+	</div>
+	';
+
 	echo Bootstrap::formInputHidden(array(
 		'name'=>'tokenCSRF',
 		'value'=>$security->getTokenCSRF()
@@ -28,7 +38,7 @@
 		echo Bootstrap::formSelect(array(
 			'name'=>'role',
 			'label'=>$L->g('Role'),
-			'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'moderator'=>$L->g('Moderator'), 'admin'=>$L->g('Administrator')),
+			'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'admin'=>$L->g('Administrator')),
 			'selected'=>$user->role(),
 			'class'=>'',
 			'tip'=>''
@@ -46,6 +56,15 @@
 
 	echo Bootstrap::formTitle(array('title'=>$L->g('Profile')));
 
+	echo Bootstrap::formInputText(array(
+		'name'=>'nickname',
+		'label'=>$L->g('Nickname'),
+		'value'=>$user->nickname(),
+		'class'=>'',
+		'placeholder'=>'',
+		'tip'=>'The nickname is almost used in the themes to display the author of the content'
+	));
+
 	echo Bootstrap::formInputText(array(
 		'name'=>'firstName',
 		'label'=>$L->g('First Name'),

bl-kernel/admin/views/new-user.php

@@ -41,7 +41,7 @@
 	echo Bootstrap::formSelect(array(
 		'name'=>'role',
 		'label'=>$L->g('Role'),
-		'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'moderator'=>$L->g('Moderator'), 'admin'=>$L->g('Administrator')),
+		'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'admin'=>$L->g('Administrator')),
 		'selected'=>'reader',
 		'class'=>'',
 		'tip'=>''

bl-kernel/admin/views/users.php

@@ -36,8 +36,6 @@
 		echo '<td>'.($user->enabled()?'<b>'.$L->g('Enabled').'</b>':$L->g('Disabled')).'</td>';
 		if ($user->role()=='admin') {
 			echo '<td>'.$L->g('Administrator').'</td>';
-		} elseif ($user->role()=='moderator') {
-			echo '<td>'.$L->g('Moderator').'</td>';
 		} elseif ($user->role()=='editor') {
 			echo '<td>'.$L->g('Editor').'</td>';
 		} else {

bl-kernel/ajax/user-logged.php

@@ -21,4 +21,4 @@
 )));
 
 
-?>
+?>

bl-kernel/boot/rules/99.security.php

@@ -16,15 +16,15 @@
 // POST Method
 // ============================================================================
 
-if( $_SERVER['REQUEST_METHOD'] == 'POST' )
-{
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 	$token = isset($_POST['tokenCSRF']) ? Sanitize::html($_POST['tokenCSRF']) : false;
-	if( !$security->validateTokenCSRF($token) ) {
-		Log::set(__FILE__.LOG_SEP.'Error occurred when trying to validate the tokenCSRF. Token CSRF ID: '.$token);
+	if (!$security->validateTokenCSRF($token)) {
+		Log::set(__FILE__.LOG_SEP.'Error occurred when trying to validate the tokenCSRF.', ALERT_STATUS_FAIL);
+		Log::set(__FILE__.LOG_SEP.'Token via POST ['.$token.']', ALERT_STATUS_FAIL);
+
 		Session::destroy();
 		Redirect::page('login');
-	}
-	else {
+	} else {
 		unset( $_POST['tokenCSRF'] );
 	}
 }

bl-kernel/dbpages.class.php

@@ -57,7 +57,9 @@ public function add($args, $climode=false)
 
 		// Check values on args and set default values if not exists
 		foreach ($this->dbFields as $field=>$value) {
-			if (isset($args[$field])) {
+			if ($field=='tags') {
+				$finalValue = $this->generateTags($args['tags']);
+			} elseif (isset($args[$field])) {
 				// Sanitize if will be stored on database
 				$finalValue = Sanitize::html($args[$field]);
 			} else {
@@ -100,11 +102,6 @@ public function add($args, $climode=false)
 			$row['uuid'] = $this->generateUUID();
 		}
 
-		// Tags
-		if (!empty($row['tags'])) {
-			$row['tags'] = $this->generateTags($args['tags']);
-		}
-
 		// Validate date
 		if (!Valid::date($row['date'], DB_DATE_FORMAT)) {
 			$row['date'] = Date::current(DB_DATE_FORMAT);
@@ -150,7 +147,9 @@ public function edit($args, $climode=false)
 
 		// Check values on args or set default values
 		foreach ($this->dbFields as $field=>$value) {
-			if (isset($args[$field])) {
+			if ($field=='tags') {
+				$finalValue = $this->generateTags($args['tags']);
+			} elseif (isset($args[$field])) {
 				// Sanitize if will be stored on database
 				$finalValue = Sanitize::html($args[$field]);
 			} else {
@@ -794,23 +793,17 @@ private function stylingFieldsForFile($field, $value)
 	public function generateTags($tags)
 	{
 		$tmp = array();
-
 		$tags = trim($tags);
-
-		if(empty($tags)) {
+		if (empty($tags)) {
 			return $tmp;
 		}
 
-		// Make array
 		$tags = explode(',', $tags);
-
-		foreach($tags as $tag)
-		{
+		foreach ($tags as $tag) {
 			$tag = trim($tag);
 			$tagKey = Text::cleanUrl($tag);
 			$tmp[$tagKey] = $tag;
 		}
-
 		return $tmp;
 	}
 

bl-kernel/dbusers.class.php

@@ -5,7 +5,8 @@ class dbUsers extends dbJSON {
 	public $dbFields = array(
 		'firstName'=>'',
 		'lastName'=>'',
-		'role'=>'editor', // admin, moderator, editor, reader
+		'nickname'=>'',
+		'role'=>'editor', // admin, editor, reader
 		'password'=>'',
 		'salt'=>'!Pink Floyd!Welcome to the machine!',
 		'email'=>'',

bl-kernel/helpers/log.class.php

@@ -4,8 +4,11 @@ class Log {
 
 	public static function set($text, $type=LOG_TYPE_INFO)
 	{
-		$messageType = 0;
+		if (!DEBUG_MODE) {
+			return false;
+		}
 
+		$messageType = 0;
 		if (is_array($text) ) {
 			error_log('------------------------', $messageType);
 			error_log('Array', $messageType);