More modularization

Also changed from using extract on main json file for readability
Will make unconfigured installs prettier later

index.php

@@ -2,33 +2,40 @@
 <html dir="ltr" lang="en-US">
  <head>
   <?php
-   //SRSBIZNUSS below - you probably shouldn't edit this unless you know what you are doing
-   //GET validation/sanitation and parameter variable definitions below
-   if (!empty($_SERVER["HTTPS"])) {
-    $protocol = "http";
-   } else {
-    $protocol = "https";
-   }
-   if (empty($_GET['nav'])) {
-    $nav = '';
-   }
-   else {
-    $nav = $_GET['nav'];
-   }
-   if (empty($_GET['post'])) {
-    $post = '';
-   }
-   else {
-    $post = $_GET['post'];
-   }
+    //SRSBIZNUSS below - you probably shouldn't edit this unless you know what you are doing
+    //GET validation/sanitation and parameter variable definitions below
+    if (!empty($_SERVER["HTTPS"])) {
+      $protocol = "http";
+    } else {
+      $protocol = "https";
+    }
+    if (empty($_GET['nav'])) {
+      $nav = '';
+    }
+    else {
+      $nav = $_GET['nav'];
+    }
+    if (empty($_GET['post'])) {
+      $post = '';
+    }
+    else {
+      $post = $_GET['post'];
+    }
 
-   //input sanitization
-   $pwd=$post;
-   include 'sys/fileshare/sanitize.inc';
-   if ($san == 1) {
-    return(0);
-   };
-   extract(json_decode(file_get_contents('sys/admin/config/main.json'),true));
+    //input sanitization - XXX Why is this in the index? Should only be include in stuff that needs it
+    $pwd=$post;
+    include 'sys/fileshare/sanitize.inc';
+    if ($san == 1) {
+      return(0);
+    };
+    if(file_exists('sys/admin/config/main.json')) {
+      $config = json_decode(file_get_contents('sys/admin/config/main.json'),true);
+    } else {
+      # XXX Need to have manual be hosted in repo under sys/admin/manual
+      echo "</head><body>tCMS has not gone through initial configuration.<br />";
+      echo 'Please see the <a href="https://tcms.troglodyne.net/index.php?nav=5&post=fileshare/manual/Chapter%2000-Introduction.post">tCMS Manual</a> for how to accomplish this.';
+      die("</body></html>");
+    }
   ?>
   <meta charset="utf-8" />
   <meta name="description" content="A Simple CMS by teodesian.net"/>
@@ -48,17 +55,17 @@
    <link rel="stylesheet" type="text/css" href="css/compat/ie6.css">
   <![endif]-->
   <?php
-    if(file_exists($_SERVER['DOCUMENT_ROOT'].'/'.$basedir.'/css/custom/screen.css')) {
+    if(file_exists('/css/custom/screen.css')) {
       echo '<link rel="stylesheet" type="text/css" href="css/custom/screen.css" />';
     }
-    if(file_exists($_SERVER['DOCUMENT_ROOT'].'/'.$basedir.'/css/custom/print.css')) {
+    if(file_exists('css/custom/print.css')) {
       echo '<link rel="stylesheet" type="text/css" href="css/custom/print.css" />';
     }
   ?>
   <link rel="icon" type="image/vnd.microsoft.icon" href="img/icon/favicon.ico" />
   <title>
    <?php
-    echo $htmltitle;
+    echo $config['htmltitle'];
    ?>
   </title>
  </head>
@@ -66,7 +73,7 @@
   <div id="topkek">
    <?php
     //Site's Titlebar comes in here
-    include $toptitle;
+    include $config['toptitle'];
    ?>
   </div>
   <div id="littlemenu">
@@ -74,7 +81,7 @@
   <div id="kontainer">
    <div id="leftbar" class="kontained">
     <?php
-     include $leftbar;
+     include $config['leftbar'];
     ?>
    </div>
    <div id="kontent" class="kontained">
@@ -84,38 +91,38 @@
       elseif case then specify the next number in the nav index along with the
       corresponding file to include above.*/
       if (empty($nav)) {
-        $kontent = $home;
+        $kontent = $config['home'];
       }
       elseif ($nav == 1) {
-        $kontent = $fileshare;
+        $kontent = $config['fileshare'];
       }
       elseif ($nav == 2) {
-        $kontent = $microblog;
+        $kontent = $config['microblog'];
         $editable = 0;
       }
       elseif ($nav == 3) {
-        $kontent = $blog;
+        $kontent = $config['blog'];
       }
       elseif ($nav == 4) {
-        $kontent = $about;
+        $kontent = $config['about'];
       }
       elseif ($nav == 5) {
-        $kontent = $postloader;
+        $kontent = $config['postloader'];
       }
       elseif ($nav == 6) {
-        $kontent = $codeloader;
+        $kontent = $config['codeloader'];
       }
       elseif ($nav == 7) {
-        $kontent = $audioloader;
+        $kontent = $config['audioloader'];
       }
       elseif ($nav == 8) {
-        $kontent = $videoloader;
+        $kontent = $config['videoloader'];
       }
       elseif ($nav == 9) {
-        $kontent = $imgloader;
+        $kontent = $config['imgloader'];
       }
       elseif ($nav == 10) {
-        $kontent = $docloader;
+        $kontent = $config['docloader'];
       }
       //Main Content Display Frame goes below
       include $kontent;
@@ -123,13 +130,13 @@
    </div>
    <div id="rightbar" class="kontained">
     <?php
-     include $rightbar;
+     include $config['rightbar'];
     ?>
    </div>
   </div>
    <div id="footbar">
     <?php
-     include $footbar;
+     include $config['footbar'];
     ?>
    </div>
  </body>

sys/admin/bengine.inc

@@ -51,11 +51,11 @@
  /*Initialize vars, get directory contents*/
  $postincrementer = 0;
  $JSAIDS = "";
- $dir = $_SERVER['DOCUMENT_ROOT'].$basedir.'/'.$blogdir;
+ $dir = $_SERVER['DOCUMENT_ROOT'].$config['basedir'].'/'.$config['blogdir'];
  $postlisting = scandir($dir);
  rsort($postlisting, SORT_NUMERIC);
  /*Post Manipulation*/
- if ($_POST["id"] != "") {
+ if (!empty($_POST["id"])) {
   /*Post Deletion*/
   if ($_POST["mod"] == "Delete Post") {
    $fh = unlink($_POST["id"]);
@@ -90,7 +90,7 @@
   $postlisting = scandir($dir);
   rsort($postlisting, SORT_NUMERIC);
   foreach ($postlisting as $key=>$val) {
-    $id = $_SERVER["DOCUMENT_ROOT"].$basedir.$blogdir.basename($val);
+    $id = $_SERVER["DOCUMENT_ROOT"].$config['basedir'].$config['blogdir'].basename($val);
     $posttitle = strstr($val,'.', true);
   if (!empty($posttitle)) {
    $postincrementer++;
@@ -109,7 +109,7 @@
       <input type=\"submit\" name=\"mod\" value=\"Delete Post\" class=\"coolbutton\">
      </form>
     </div>";
-   $JSAIDS.="document.getElementById('link".$postincrementer."').addEventListener('click',function () {loadpost('/".$basedir.$blogdir.$val."','innerHTML".$postincrementer."',false);});\nwindow.postsLoaded['innerHTML".$postincrementer."'] = false;";
+   $JSAIDS.="document.getElementById('link".$postincrementer."').addEventListener('click',function () {loadpost('/".$config['basedir'].$config['blogdir'].$val."','innerHTML".$postincrementer."',false);});\nwindow.postsLoaded['innerHTML".$postincrementer."'] = false;";
   }
  }
 print "<script type=\"text/javascript\">\n

sys/admin/config/.gitignore

@@ -0,0 +1 @@
+*.json

sys/admin/config/main.json

@@ -1,13 +1,13 @@
 {
-    "toptitle" : "special/title.inc",
-    "leftbar" : "special/leftbar.inc",
-    "rightbar" : "special/rightbar.inc",
-    "footbar" : "special/footbar.inc",
+    "toptitle" : "templates/default/title.inc",
+    "leftbar" : "templates/default/leftbar.inc",
+    "rightbar" : "templates/default/rightbar.inc",
+    "footbar" : "templates/default/footbar.inc",
+    "about" : "templates/default/about.inc",
     "home" : "sys/blogroll.inc",
     "fileshare" : "sys/fileshare/showfiles.inc",
     "microblog" : "sys/microblog.inc",
     "blog" : "sys/blogroll.inc",
-    "about" : "special/about.inc",
     "postloader" : "sys/fileshare/showpost.inc",
     "codeloader" : "sys/fileshare/showcode.inc",
     "audioloader" : "sys/fileshare/showaudio.inc",

sys/admin/config/main.json.example

@@ -0,0 +1,27 @@
+{
+    "toptitle" : "templates/default/title.inc",
+    "leftbar" : "templates/default/leftbar.inc",
+    "rightbar" : "templates/default/rightbar.inc",
+    "footbar" : "templates/default/footbar.inc",
+    "about" : "templates/default/about.inc",
+    "home" : "sys/blogroll.inc",
+    "fileshare" : "sys/fileshare/showfiles.inc",
+    "microblog" : "sys/microblog.inc",
+    "blog" : "sys/blogroll.inc",
+    "postloader" : "sys/fileshare/showpost.inc",
+    "codeloader" : "sys/fileshare/showcode.inc",
+    "audioloader" : "sys/fileshare/showaudio.inc",
+    "videoloader" : "sys/fileshare/showvideo.inc",
+    "imgloader" : "sys/fileshare/showimg.inc",
+    "docloader" : "sys/fileshare/showdoc.inc",
+    "blogdir" : "blog/",
+    "microblogdir" : "microblog/",
+    "filesharedir" : "fileshare",
+    "rssdir" : "sys/rss/",
+    "icondir" : "img/mime/",
+    "basedir" : "",
+    "htmltitle" : "Unconfigured tCMS Website",
+    "blogtitle" : "Blog",
+    "microblogtitle" : "Linklog",
+    "timezone" : "America/Chicago"
+}

sys/admin/config/users.inc

@@ -1,5 +1,5 @@
 <?php
-if ($_SERVER['REMOTE_USER'] == "admin") {
+if (!empty($_SERVER['REMOTE_USER']) && $_SERVER['REMOTE_USER'] == "admin") {
     $poster = "admin";
 } else {
     $poster = "Nobody";

sys/admin/config/users.json.example

@@ -0,0 +1,12 @@
+{
+  "tcmsUsers" : {
+    "admin" : {
+      "fullName" : "The Administrator",
+      "email" : "admin@example.com"
+    },
+    "Nobody" : {
+      "fullName" : "Anonymous",
+      "email" : "dev@null.io"
+    }
+  }
+}

sys/admin/index.php

@@ -10,7 +10,7 @@
   <link rel="icon" type="image/vnd.microsoft.icon" href="../../img/icon/favicon.ico" />
   <title>tCMS Admin</title>
   <?php
-   extract(json_decode(file_get_contents('config/main.json'),true));
+   $config = json_decode(file_get_contents('config/main.json'),true);
   ?>
  </head>
  <body>
@@ -24,19 +24,18 @@
   </div>
   <div id="kontent" style="display: block;">
    <?php
-    if ($_SERVER["HTTPS"] != "") {
+    if (!empty($_SERVER["HTTPS"])) {
      $protocol = "https";
     } else {
      $protocol = "http";
     }
-    $nav = $_GET['nav'];
-    if (empty($nav)) {
+    if (empty($_GET['nav'])) {
      $kontent = "settings.inc";
     }
-    elseif ($nav == 1) {
+    elseif ($_GET['nav'] == 1) {
      $kontent = "bengine.inc";
     }
-    elseif ($nav == 2) {
+    elseif ($_GET['nav'] == 2) {
      $kontent = "mbengine.inc";
     }
     include $kontent;

sys/admin/mbengine.inc

@@ -102,7 +102,7 @@
  <div id="stories">
   <?php
    $editable = 1;
-   include $_SERVER["DOCUMENT_ROOT"].'/'.$basedir."sys/microblog.inc";
+   include $_SERVER["DOCUMENT_ROOT"].'/'.$config['basedir']."sys/microblog.inc";
   ?>
  </div>
 </div>

sys/blogroll.inc

@@ -1,7 +1,7 @@
 <p class="title">
  <a title="RSS" href="sys/rss/blog.php" class="rss"></a>
  <?php
-  echo $blogtitle;
+  echo $config['blogtitle'];
  ?>
  <hr />
 </p>

sys/fileshare/showfiles.inc

@@ -1,6 +1,5 @@
 <?php
- $dir = $_GET['dir'];
- $pwd = $dir;
+ $pwd = $_GET['dir'];
 
  //These variables are to check whether the directory we will link to exists, and to know what directory we are in 
  $check = @scandir($pwd.'/../', 1);
@@ -105,11 +104,11 @@
 					};
 				};
 			};
-			echo '<img class="icon" src='.$icondir.$ikon.' />';
+			echo '<img class="icon" src='.$config['icondir'].$ikon.' />';
 			echo '<a href="'.$link.$pwd.'/'.$ls[$n].'">'.$ls[$n].'</a><br />';
 		}
 		else {
-			echo '<img src="'.$icondir.'tsfolder.gif" />';
+			echo '<img src="'.$config['icondir'].'tsfolder.gif" />';
 			echo '<a href="index.php?nav=1&dir='.$pwd.'/'.$ls[$n].'">'.$ls[$n].'</a><br />'."\n";
 		}
 	}

sys/microblog.inc

@@ -13,14 +13,14 @@
         }
       </script>\n";
   }
-  echo '<p class="title"><a title="RSS" class="rss" href="/'.$basedir.$rssdir.'microblog.php"></a> '.$microblogtitle;
+  echo '<p class="title"><a title="RSS" class="rss" href="/'.$config['basedir'].$config['rssdir'].'microblog.php"></a> '.$config['microblogtitle'];
   //Set important times - $tdtime is today's date, $oldtime is the oldest known date a tCMS install had nuze for - defaults to today then searches microblog dir for entries to set date
-  $tdtime = new DateTime(null, new DateTimeZone($timezone));
+  $tdtime = new DateTime(null, new DateTimeZone($config['timezone']));
   $oldtime = clone $tdtime;
   //limit results of directory read to first entry -- much faster than doing it with PHP once you get a large filelist. 
-  exec("ls -tr1 ".$_SERVER["DOCUMENT_ROOT"].'/'.$basedir.$microblogdir." |head -1", $cmd_out);
+  exec("ls -tr1 ".$_SERVER["DOCUMENT_ROOT"].'/'.$config['basedir'].$config['microblogdir']." |head -1", $cmd_out);
   if(!empty($cmd_out[0])) {
-    $oldtime = $oldtime = DateTime::createFromFormat('m.d.y', $cmd_out[0], new DateTimeZone($timezone));
+    $oldtime = $oldtime = DateTime::createFromFormat('m.d.y', $cmd_out[0], new DateTimeZone($config['timezone']));
   }
   $oldtime->sub(new DateInterval('P1D'));
   /*$today and $tmrw refer to times relative to what is passed by GET params -
@@ -30,7 +30,7 @@
   $error = 0;
   $today = clone $tdtime;
   if(!empty($_GET["date"])) {
-    $today = DateTime::createFromFormat('m.d.y', $_GET["date"], new DateTimeZone ($timezone));
+    $today = DateTime::createFromFormat('m.d.y', $_GET["date"], new DateTimeZone ($config['timezone']));
     //Catch bogus input, set $tmwr to TRUE if $today was set to something other than today's date
     if (!filter_var($_GET["date"],FILTER_VALIDATE_REGEXP,array('options' => array('regexp' => "/^(0[1-9]|1[012])[.](0[1-9]|[12][0-9]|3[01])[.]\d\d/")))) {
       echo "</p>That's a funny looking date you provided there, mister.\n";
@@ -67,7 +67,7 @@
       }
       if ($todaysnews != "end") {
         //Get news from directory if any exists for that day, glob will return empty if nothing is in dir
-        $todaysnews = glob($_SERVER["DOCUMENT_ROOT"].'/'.$basedir.$microblogdir.$today->format('m.d.y')."/*");
+        $todaysnews = glob($_SERVER["DOCUMENT_ROOT"].'/'.$config['basedir'].$config['microblogdir'].$today->format('m.d.y')."/*");
         //Set display date for today's news, set $today to be yesterday in order to get while loop to recurse correctly
         $realtime = $today->format('m.d.y');
         if(!empty($_GET['fwd']) && $_GET['fwd']) {//Check whether we are traversing forward or backward in time

templates/custom/.gitignore

@@ -0,0 +1 @@
+[^.]*

special/title.inc → templates/default/title.inc

@@ -1,6 +1,6 @@
 <div id="lefttitle" class="toplel">
  <?php
-  echo $htmltitle;
+  echo $config['htmltitle'];
  ?>
 </div>
 <div id="midtitle" class="toplel">