kill old tcms

CHANGELOG

@@ -1,3 +1,6 @@
+Version 3.0 Perlized
+* TODO
+
 Version 2.0 IRONMAN SLOG development notes [ALPHA]:
 * tCMS now has an installer/updater in bin/installer. Makefile rules 'make install' and 'make update' also do this.
 * Fixed a bug where "" encapsulated titles in microblog editor would get baleeted on load.

LICENSE

@@ -1,4 +1,4 @@
-Copyright 2013 by Thomas A. and George S. Baugh
+Copyright 2020 by Thomas A. and George S. Baugh (Troglodyne LLC)
 The scripts/code/etc. that comprise tCMS are all released under the GPL.
 See https://gnu.org/licenses/gpl.html for details.
 

Makefile

@@ -1,9 +0,0 @@
-test:
-	[ -d t/lib/testmore ] || git clone https://github.com/shiflett/testmore.git t/lib/testmore
-	prove --exec 'php' t/*.t
-
-install:
-	php bin/install
-
-update:
-	php bin/install --update

README.md

@@ -1,41 +0,0 @@
-tCMS
-====
-
-A PHP flat-file CMS (teodesian.net CMS), geared towards a webmaster who mostly already "knows what he's doing".
-As such, it allows for some neat things like posting via flat files,
-in case you just wanted to use vim, etc. to blog (as I do).
-Still, I've added a lot of frontend convenience stuff, mostly as requests.
-
-Oh, yeah, did I mention it's responsive by default and degrades well on IE (last I checked)?
-
-See http://tcms.troglodyne.net for more information.
-
-INSTALLING
-----------
-* Clone this repo to wherever.
-* Run `bin/install` from the repository's top directory. It will guide you through the process.
-* Load the website you installed this to in a web browser. Continue to follow instructions.
-
-UPGRADING
----------
-* Re-run the installer. Since you have already installed, it will skip most prompting and
-simply update the files.
-
-TODO/Ideas:
------------
- * Convert blog posts to use JSON, similar to microblog, mostly to enable storing better metadata.
- * Theming importation ability, or a decent upgrading script for more effective cruise control.
- * Test code. I'll probably do this in perl,
-   since I'm used to it's test harnesses and Selenium::Remote::Driver for functional automated testing.
- * Support for torrent seedboxes tracking /fileshare to autoprovide magnet links to downloads
- * API conversion for signifigant functionality, mostly as a way to make it easier to extend tCMS.
-   - For example, a cron that watches your install for new posts then crossposts to twitter, etc.
-   - Distributed tCMS installs with gluster would be fun :D
- * Support for alternative authentication schemes (LDAP, etc.).
-   I doubt a manual mapping table from what you've set HTTP auth users to in tCMS is everyone's cup o tea.
- * Add option for using an SQLite database to store posting data, configs, etc.
- * ...And anything here too: http://tcms.troglodyne.net/index.php?nav=5&post=fileshare/manual/Appendix%2001-TODO.post
-
-Really, I don't wanna go too hog wild with features on this,
-since I've already accomplished pretty much 100% of what I want tCMS to do for me.
-Most of these are 'nice to have' items. I may think about working on some of these more if there's interest.

TODO

@@ -1,13 +0,0 @@
-tCMS2 still left undone (will add to as I think of em)
-* config needs to be based on a model json file.
-* tests for config reading and comparison based on model
-* tests for config validation of user input (wanna make sure we *can* install)
-* tests for config writing
-* Make config page in Admin work right
-* Need rel=alternate 'link' tags in HEAD for RSS feeds
-
-* SINGLE USER INSTALL INFO TO MANUAL, MULTI-USER INSTALL INFO TO MANUAL
-
-`make dist` to make release tarball
-
-Check licensing on all files, make sure all stuff we made is CC0, all stuff from external has proper attribs, etc.

bin/install

@@ -1,109 +0,0 @@
-#!/usr/bin/env php
-<?php
-umask(007);
-$user_info = posix_getpwuid(posix_geteuid());
-$wd = realpath( dirname( __FILE__ ) . "/../" );
-
-// Look for the $private_base and $public_base. Assume /var/www/ if no homedir.
-$homedir = ( $user_info['dir'] ? $user_info['dir'] : '/var/www/' );
-$private_base = ( file_exists( "$homedir/.tCMS_basedir" ) ) ? file_get_contents( "$homedir/.tCMS_basedir" ) : "";
-
-if( empty( $private_base ) ) {
-    echo "[NOTE] Make sure the directories you install to are R+W accessible by your web server.\n";
-    echo "       On most shared hosts (cPanel, etc.) this is fine to leave in your home directory.\n\n";
-    echo "Please enter the directory you wish for tCMS' private data files to be stored under.\n";
-    echo "Default [" . $user_info['dir'] . "/.tCMS]: ";
-    $input = get_string_from_stdin();
-    if( empty( $input ) ) {
-        $private_base = $user_info['dir'] . "/.tCMS";
-    } else {
-        # At least *try* to get the real path. If not, can't do much other than trust it works.
-        $private_base = realpath( dirname( $input ) ) . "/" . basename( $input );
-    }
-}
-
-echo "Please enter the directory you for tCMS' public data files.\n";
-echo "Default [" . $user_info['dir'] . "/public_html]: ";
-$input = get_string_from_stdin();
-if( empty( $input ) ) {
-    $public_base = $user_info['dir'] . "/public_html";
-} else {
-    $public_base = realpath( dirname( $input ) ) . "/" . basename( $input );
-}
-
-echo "[INFO] Installing private data to $private_base now...\n";
-$files = [ 'lib', 'templates' ];
-install( $private_base, $wd, $files );
-ensure_directories_exist( [ "$private_base/blog", "$private_base/microblog", "$private_base/conf" ] );
-
-# Make sure our webserver (and my horrible code) knows how to find your custom directory
-if( !file_exists($user_info['dir'] . "/.tCMS_basedir") ) {
-    echo "[INFO]: For tCMS to know where the directory we installed to was, we will write the following\n";
-    echo "        into your home directory:\n";
-    echo "            '" . $user_info["dir"] . "/.tCMS_basedir'\n";
-    echo "        Please press [enter] to continue.";
-    get_string_from_stdin(); # Mostly just to make the user confirm they read this.
-    file_put_contents( $user_info['dir'] . "/.tCMS_basedir", realpath($private_base) );
-}
-
-# Create admin user
-if( !file_exists("$private_base/conf/users.json") ) {
-    while( empty($username) ) {
-        echo "Please enter in the name you'd like to login to tCMS as administrator (you can add more users later): ";
-        $username = get_string_from_stdin();
-    }
-    while( empty($password) ) {
-        echo "Please enter a password for the user: ";
-        $password = get_string_from_stdin(1);
-        $auth_hash = password_hash( $password, PASSWORD_DEFAULT );
-    }
-    echo "\n[INFO] Writing user configuration now...\n";
-    file_put_contents( "$private_base/conf/users.json", json_encode( [ $username => [ 'auth_hash' => $auth_hash ] ] ) );
-}
-
-echo "[INFO] Installing public data to $public_base now...\n";
-$files = [ 'themed', 'fileshare', 'index.php', 'sys' ];
-install( $public_base, $wd, $files );
-
-echo "[INFO] Done.\n";
-exit(0);
-
-function get_string_from_stdin($noecho=0) {
-    if( $noecho ) system('stty -echo');
-    $STDIN = fopen( "php://stdin", "r" );
-    $input = fgets( $STDIN, 4096 ); # Not gonna read something longer than the maximum path length for ext
-    $input = rtrim( $input ); # Trim any trailing spaces
-    fclose( $STDIN );
-    if( $noecho ) system('stty echo');
-    return $input;
-}
-
-function install( $to, $from, $files2copy ) {
-    if( empty($to) || empty($from) || empty($files2copy) ) die("Bad arguments passed to 'install' function");
-    if( file_exists( $to ) && !is_dir( $to ) ) {
-        echo "[FATAL] $to already exists but is not a directory! Stopping here.\n";
-        exit(1);
-    }
-    if ( !file_exists( $to ) ) mkdir( $to );
-    # XXX Prolly won't work on directories
-    foreach ( $files2copy as $file ) {
-        # Referencing it by path as some systems have aliases on this command
-        $cmd = "/bin/cp -rf '$from/$file' '$to/'";
-        echo "exec `$cmd`\n";
-        $out = shell_exec($cmd);
-        echo $out; 
-    }
-    return;
-}
-
-function ensure_directories_exist( $dirs ) {
-    if( empty( $dirs ) ) die("Bad arguments passed to 'ensure_directories_exist' function");
-    foreach ( $dirs as $dir ) {
-        if ( !file_exists( $dir ) ) {
-            echo "exec `/bin/mkdir '$dir'`\n";
-            mkdir( $dir );
-        }
-    }
-    return;
-}
-?>

blog/1-Welcome!.post

@@ -1 +0,0 @@
-Thank you for trying tCMS! To get started, please see the documentation over at tcms.troglodyne.net if you haven't already.

fileshare/readme.txt

@@ -1 +0,0 @@
-This is the fileshare. You should place stuff you wanna share here.

index.php

@@ -1,78 +0,0 @@
-<?php
-    // Setup includes to work right. Much of this is duped in Config.inc, but gotta get this info to include it, so..
-    $user_info = posix_getpwuid(posix_geteuid());
-    $dir = ( $user_info['dir'] ? $user_info['dir'] : '/var/www/' );
-    $basedir = ( file_exists( $dir . "/.tCMS_basedir") ? file_get_contents("$dir/.tCMS_basedir") : "$dir/.tCMS" );
-    set_include_path(get_include_path() . PATH_SEPARATOR . "$basedir/lib");
-    require_once "tCMS/Config.inc";
-
-    // Get the config, set the theme (also set the basedir so we don't have to fetch it again).
-    $conf_obj = new Config;
-    $conf_obj->set_base_dir($basedir);
-    $config = $conf_obj->get();
-    $theme = ( !array_key_exists( 'theme', $config ) || empty($config['theme']) ? 'default' : $config['theme'] );
-    $themedir = "$basedir/templates/$theme";
-
-    if(empty($config)) {
-        # XXX Need to have manual be hosted in repo under sys/admin/manual
-        include( "$themedir/notconfigured.tmpl" );
-        die();
-    }
-
-    $docroot  = realpath( __DIR__ );
-    $nav      = ( !empty($_GET['nav'] ) )      ? $_GET['nav']  : '';
-    $post     = ( !empty($_GET['post'] ) )     ? $_GET['post'] : '';
-
-    // Not sure if I'll ever really even need to localize (see html tag attrs).
-?>
-<!doctype html>
-<html dir="ltr" lang="en-US">
- <?php include "$themedir/header.tmpl"; ?>
- <body>
-  <div id="topkek">
-   <?php
-    //Site's Titlebar comes in here
-    include "$themedir/nav.inc";
-   ?>
-  </div>
-  <div id="littlemenu">
-  </div>
-  <div id="kontainer">
-   <div id="leftbar" class="kontained">
-    <?php include "$themedir/leftbar.inc"; ?>
-   </div>
-   <div id="kontent" class="kontained">
-   <?php
-    // Home should refer to a template.
-    $home = ( array_key_exists( 'home', $config ) && !empty($config['home']) ? $config['home'] : "blog" );
-    $home_map = [ 'blog' => 3, 'microblog' => 2, 'fileshare' => 1 ]; 
-    $destinations = [
-        $config['home'], "$docroot/sys/fileshare/showfiles.inc", "$docroot/sys/microblog.inc",
-        "$docroot/sys/blogroll.inc", "$docroot/sys/fileshare/showpost.inc", "$docroot/sys/fileshare/showcode.inc",
-        "$docroot/sys/fileshare/showaudio.inc", "$docroot/sys/fileshare/showvideo.inc", "$docroot/sys/fileshare/showimg.inc",
-        "$docroot/sys/fileshare/showdoc.inc",
-    ];
-    if ( empty($nav) || $nav == 0 ) {
-        $nav = $home_map[$home];
-    }
-    if ( $nav === 1 || $nav > 4 ) {
-        $pwd = $post;
-        include 'sys/fileshare/sanitize.inc';
-    }
-    //Main Content Display Frame goes below
-    include $destinations[$nav];
-   ?>
-   </div>
-   <div id="rightbar" class="kontained">
-    <?php
-     include "$themedir/rightbar.inc";
-    ?>
-   </div>
-  </div>
-   <div id="footbar">
-    <?php
-     include "$themedir/footbar.inc";
-    ?>
-   </div>
- </body>
-</html>

lib/tCMS/Auth.inc

@@ -1,108 +0,0 @@
-<?php
-    require_once "tCMS/Config.inc";
-
-    class Auth {
-
-        public function __construct() {
-            ini_set( "session.cookie_httponly", true );
-            ini_set( "session.cookie_secure",   true );
-            return;
-        }
-
-        public function ensure_auth( $redirect=true ) {
-            // Force HTTPS
-            if( empty( $_SERVER["HTTPS"] ) ) {
-                http_response_code(301);
-                header("Location: https://" . $_SERVER["SERVER_NAME"] . "/" . $_SERVER["REQUEST_URI"]);
-                die();
-            }
-            // Check on the session
-            $session_status = session_status();
-            // Way to be consistent, PHP
-            if( $session_status !== PHP_SESSION_ACTIVE || $session_status !== 2 ) session_start(); # Will re-use the existing session and jam the deets into the $_SESSION global
-            $session_status = session_status();
-            if( empty( $_SESSION )
-                || ( $session_status !== PHP_SESSION_ACTIVE || $session_status !== 2 )
-                || ( isset( $_SESSION['LAST_ACTIVITY'] ) && ( time() - $_SESSION['LAST_ACTIVITY'] > 3600 ) )
-                || $_SESSION['REMOTE_ADDR'] !== $_SERVER['REMOTE_ADDR'] ) {
-                $to = ( !empty($_GET['app']) ) ? "&to=" . $_GET['app'] : "";
-                auth::invalidate_auth( $redirect, $to );
-            }
-            $_SESSION['LAST_ACTIVITY'] = time();
-            return session_id();
-        }
-
-        public function invalidate_auth( $redirect=true, $to="" ) {
-            // need to invalidate the session here, though we may not have loaded it yet, so do that first.
-            $session_status = session_status();
-            if( $session_status !== PHP_SESSION_ACTIVE || $session_status !== 2 ) session_start();
-            $session_status = session_status();
-            $session_id = session_id();
-            if( $session_status === PHP_SESSION_ACTIVE || $session_status === 2 ) { 
-                session_unset();
-                session_destroy();
-            }   
-            setcookie('PHPSESSID'); //Otherwise it'll stick around. I don't wanna reuse these.
-            if( $redirect ) {
-                http_response_code(302);
-                header( "Location: https://" . $_SERVER["SERVER_NAME"] . "/sys/admin/index.php?app=login$to" );
-            } else {
-                http_response_code(401);
-                header('Content-Type: application/json');
-                echo json_encode( [ 'code' => '401', 'message' => 'Unauthorized' ] );
-            }
-            die();
-        }   
-
-        public function do_auth($user=null, $pass=null) {
-            if( empty($user) || empty($pass) ) {
-                return array( 'err' => 1, 'msg' => "No Credentials provided yet" );
-            }
-                        if( empty( ini_get('session.entropy_file') ) && version_compare(PHP_VERSION, "7.1.0") === -1 ) {
-                ini_set('session.entropy_file', '/dev/urandom');
-                ini_set('session.entropy_length', '32');
-            }
-            // Check it
-            $conf_obj = new Config;
-            $conf = $conf_obj->get('users');
-            if( empty($conf) ) return [ 'err' => 1, "msg" => "Login Failed: Configuration missing or malformed" ];
-            if( empty($conf[$user]) || empty($conf[$user]['auth_hash']) || !password_verify( $pass, $conf[$user]['auth_hash'] ) ) return [ 'err' => 1, 'msg' => "Login Failed" ];
-
-            // Gotta have a touch of eval
-            $session_started = @session_start();
-            if( empty($_SESSION) ) {
-                @session_destroy();
-                session_id(uniqid("tCMS-"));
-                session_start();
-            }
-            $session_state   = session_status();
-            $session_id      = session_id();
-            if( empty($session_started) || empty( $session_state ) || $session_state !== PHP_SESSION_ACTIVE || empty( $session_id ) ) {
-                return [ 'err' => 1, 'msg' => 'Failed to generate valid PHP Session' ];
-            }
-            $_SESSION['LAST_ACTIVITY'] = time(); //Timeout helper
-            $_SESSION['REMOTE_ADDR'] = $_SERVER['REMOTE_ADDR']; // Hijacking prevention helper
-            return [ 'success' => 1 ];
-        }
-
-        public static function process_token( $api_token=null ) {
-            if( session_status() !== PHP_SESSION_ACTIVE ) session_start();
-            if( empty( $api_token ) ) return 0;
-            $key = file_get_contents( "/var/cpanel/qa/.userdata_cache/global/session_keys/" . session_id() );
-            if( empty( $key ) ) return 0;
-            $api_token = base64_decode($api_token);
-            $key = openssl_get_privatekey($key);
-            openssl_private_decrypt( $api_token, $credentials, $key );
-            if( empty( $credentials ) ) return 0;
-            $credentials = explode( ":", $credentials );
-            if( count( $credentials ) !== 2 ) return 0;
-            return array( 'user' => $credentials[0], 'pass' => $credentials[1] );
-        }
-
-        private static function get_tCMS_basedir() {
-            $file = realpath( __FILE__ . "../../../basedir" );
-            $exists = ( file_exists( $file ) ? explode( "\n", file_get_contents($file) )[0] : "/" );
-        }
-
-    }
-?>

lib/tCMS/Config.inc

@@ -1,81 +0,0 @@
-<?php
-    class Config {
-
-        private $confdir = null;
-        private $basedir = null;
-        private $homedir = null;
-        private $conf = [
-            'users' => [],
-            'main'  => [],
-        ];
-        private $conf_model = [
-            'users' => [
-                'name'         => [ 'masks' => 'parent', 'label' => 'Username', 'placeholder' => 'AzureDiamond', 'form_field' => 'input', 'field_type' => 'text' ],
-                'password'     => [ 'masks' => 'auth_hash', 'label' => 'Password', 'placeholder' => 'hunter2', 'form_field' => 'input', 'field_type' => 'password' ],
-                'display_name' => [ 'label' => 'Display Name', 'placeholder' => "Your Name", 'default' => 'Anonymous', 'form_field' => 'input', 'field_type' => 'text' ],
-                'avatar'       => [
-                    'label'        => 'User Avatar',
-                    'default'      => "R0lGODlhGAAYAMIAAAAAAIYGBp2dndHR0QAAAAAAAAAAAAAAACH+EUNyZWF0ZWQgd2l0aCBHSU1QACH5BAEKAAQALAAAAAAYABgAAANySBQc+jDGMOpwMj96OdYShYmg9okAAazsWqIDIMz0nGaiJbercIeXls1H+00utWTRhOS1Gp+JjLibcSpRyFTp8YR2TpGPBBETz4DAjlzeKmnsCNi5isuTboFdSy2y9g95XBcldDxZJYmKIIiLG4SOOBEJADs=",
-                    'form_field'   => 'input',
-                    'field_type'   => 'file',
-                    'field_accept' => "image/*",
-                    'placeholder'  => '',
-                ],
-             ],
-            'main'  => [
-                'home'  => [ 'label' => 'Default Home', 'default' => 'blog', 'form_field' => 'select', 'select_opts' => [ 'blog', 'microblog', 'fileshare' ] ],
-                'theme' => [ 'label' => 'tCMS Theme', 'default' => 'default', 'form_field' => 'select', 'select_opts' => [ 'default' ] ],
-                'htmltitle' => [ 'label' => 'Website Title', 'default' => 'Just another tCMS Blog', 'form_field' => 'input', 'field_type' => 'text' ],
-                'microblogtitle' => [ 'label' => 'Microblog Title', 'default' => 'Microblog', 'form_field' => 'input', 'field_type' => 'text' ],
-                'blogtitle' => [ 'label' => 'Blog Title', 'default' => 'Blog', 'form_field' => 'input', 'field_type' => 'text' ],
-            ],
-        ];
-
-        // Get the configuration.
-        public function get( $type='main' ) {
-            if( !empty($this->conf[$type]) ) return $this->conf[$type];
-            $confdir = $this->get_conf_dir();
-            $tmp_conf = @json_decode( @file_get_contents("$confdir/$type.json"), true );
-            if( !empty( $tmp_conf ) ) $this->conf[$type] = $tmp_conf;
-            return $this->conf[$type];
-        }
-
-        public function get_base_dir() {
-            if( !empty($this->basedir) ) return $this->basedir;
-            $homedir = $this->get_home_dir();
-            $this->basedir = ( file_exists( "$homedir/.tCMS_basedir") ? file_get_contents("$homedir/.tCMS_basedir") : "$homedir/.tCMS" );
-            return $this->basedir;
-        }
-
-        public function set_base_dir($dir) {
-            $this->basedir = $dir;
-            return;
-        }
-
-        public function get_conf_dir() {
-            if( !empty($this->confdir) ) return $this->confdir;
-            $basedir = $this->get_base_dir();
-            $this->confdir = "$basedir/conf";
-            return $this->confdir;
-        }
-
-        public function get_home_dir() {
-            if( !empty($this->homedir) ) return $this->homedir;
-            $user_info = posix_getpwuid(posix_geteuid());
-            $this->homedir = ( $user_info['dir'] ? $user_info['dir'] : '/var/www/' );
-            return $this->homedir;
-        }
-
-        public function get_config_model($type='main') {
-            return $this->conf_model[$type];
-        }
-
-        public function set( $type='main', $new_value=array() ) {
-            return $this->conf[$type] = $new_value;
-        }
-
-        public function save( $type='main' ) {
-            return file_put_contents($this->get_conf_dir()."/$type.json", json_encode($this->get($type)));
-        }
-    }
-?>

microblog/.gitignore

@@ -1 +0,0 @@
-[^.]*

sys/admin/config/.gitignore

@@ -1 +0,0 @@
-*.json

sys/admin/config/main.json.example

@@ -1,27 +0,0 @@
-{
-    "toptitle" : "templates/default/title.inc",
-    "leftbar" : "templates/default/leftbar.inc",
-    "rightbar" : "templates/default/rightbar.inc",
-    "footbar" : "templates/default/footbar.inc",
-    "about" : "templates/default/about.inc",
-    "home" : "sys/blogroll.inc",
-    "fileshare" : "sys/fileshare/showfiles.inc",
-    "microblog" : "sys/microblog.inc",
-    "blog" : "sys/blogroll.inc",
-    "postloader" : "sys/fileshare/showpost.inc",
-    "codeloader" : "sys/fileshare/showcode.inc",
-    "audioloader" : "sys/fileshare/showaudio.inc",
-    "videoloader" : "sys/fileshare/showvideo.inc",
-    "imgloader" : "sys/fileshare/showimg.inc",
-    "docloader" : "sys/fileshare/showdoc.inc",
-    "blogdir" : "blog/",
-    "microblogdir" : "microblog/",
-    "filesharedir" : "fileshare",
-    "rssdir" : "sys/rss/",
-    "icondir" : "img/mime/",
-    "basedir" : "",
-    "htmltitle" : "Unconfigured tCMS Website",
-    "blogtitle" : "Blog",
-    "microblogtitle" : "Linklog",
-    "timezone" : "America/Chicago"
-}

sys/admin/config/users.inc

@@ -1,14 +0,0 @@
-<?php
-$tcmsUsers = json_decode(file_get_contents('config/users.json'),true);
-if (!empty($_SERVER['REMOTE_USER']) && !empty($tcmsUsers)) {
-    $poster = "admin";
-    foreach (array_keys($tcmsUsers) as $user) {
-        if( $tcmsUsers[$user]['remoteUser'] == $_SERVER['REMOTE_USER']) {
-            $poster = $user;
-            break;
-        }   
-    }   
-} else {
-    $poster = "Nobody";
-}
-?>

sys/admin/config/users.json.example

@@ -1,12 +0,0 @@
-{
-  "bambam" : {
-    "fullName" : "The Administrator",
-    "email" : "admin@example.com",
-    "remoteUser: "barney"
-  },
-  "wilma" : {
-    "fullName" : "Mr. Magoo",
-    "email" : "dev@null.io",
-    "remoteUser: "fred"
-  }
-}

sys/admin/index.php

@@ -1,83 +0,0 @@
-<?php
-
-    // Setup includes to work right. Much of this is duped in Config.inc, but gotta get this info to include it, so..
-    $user_info = posix_getpwuid(posix_geteuid());
-    $dir = ( $user_info['dir'] ? $user_info['dir'] : '/var/www/' );
-    $basedir = ( file_exists( $dir . "/.tCMS_basedir") ? file_get_contents("$dir/.tCMS_basedir") : "$dir/.tCMS" );
-    set_include_path(get_include_path() . PATH_SEPARATOR . "$basedir/lib");
-    require_once "tCMS/Config.inc";
-
-    // Get the config, set the theme (also set the basedir so we don't have to fetch it again).
-    $conf_obj = new Config;
-    $conf_obj->set_base_dir($basedir);
-    $config = $conf_obj->get();
-    $theme = ( !array_key_exists( 'theme', $config ) || empty($config['theme']) ? 'default' : $config['theme'] );
-    $themedir = "$basedir/templates/$theme";
-
-    // Begin dispatch
-    $args = ( $_SERVER['REQUEST_METHOD'] == 'POST' ? $_POST : $_GET );
-    if( !empty($args['app']) && $args['app'] == 'login' ) {
-        include "$themedir/admin/login.inc";
-        die();
-    } elseif( !empty($args['app']) && $args['app'] == 'logout' ) {
-        include "$themedir/admin/logout.inc";
-        die();
-    } else {
-        require_once "tCMS/Auth.inc";
-        $auth = new Auth;
-        $auth->ensure_auth();
-    }
-    if( empty($args['app']) || $args['app'] == 'config' ) {
-        $kontent = "$themedir/admin/settings.inc";
-    } elseif ($args['app'] == 'blog') {
-        if(!empty($args['get_fragment'])) {
-            # Need to sanitize
-            $path = realpath("$basedir/blog/".$args['get_fragment']);
-            if(strpos($path, "$basedir/blog") !== 0 ) die("Forbidden: Tried to load $path, but $basedir/blog is not the start of the real path.");
-            die(file_get_contents("$basedir/blog/".$args['get_fragment']));
-        }
-        $kontent = "$themedir/admin/bengine.inc";
-    } elseif ($args['app'] == 'microblog') {
-        $kontent = "$themedir/admin/mbengine.inc";
-    } elseif ($args['app'] == 'users' ) {
-        $kontent = "$themedir/admin/users.inc";
-    } else {
-        $kontent = "$themedir/admin/settings.inc";
-    }
-?>
-<!doctype html>
-<html dir="ltr" lang="en-US">
- <head>
-  <meta charset="utf-8" />
-  <meta name="description" content="tCMS Control Panel"/>
-  <meta name="viewport" content="width=device-width">
-  <?php
-    $links  = '<link rel="stylesheet" type="text/css" href="../../themed/' . $theme . '/css/structure.css" />';
-    $links .= '<link rel="stylesheet" type="text/css" href="../../themed/' . $theme . '/css/screen.css" media="screen" />';
-    $links .= '<link rel="stylesheet" type="text/css" href="../../themed/' . $theme . '/css/print.css" media="print" />';
-    $links .= '<link rel="icon" type="image/vnd.microsoft.icon" href="../../themed/' . $theme . '/img/icon/favicon.ico" />';
-    echo $links;
-
-    // TODO inject avatars these via style tags based on config
-  ?>
-  <title>tCMS Admin</title>
-  <?php
-  ?>
- </head>
- <body>
-  <div id="topkek" style="text-align: center; vertical-align: middle;">
-   <button title="Menu" id="clickme">&#9776;</button>
-   <span id="configbar">
-    <a class="topbar" title="Edit Various Settings" href="index.php?app=config">Settings</a>
-    <a class="topbar" title="Blog Writer" href="index.php?app=blog">Blog Writer</a>
-    <a class="topbar" title="Pop off about Stuff" href="index.php?app=microblog">MicroBlogger</a>
-    <a class="topbar" title="Logout" href="index.php?app=logout">Logout</a>
-   </span>
-  </div>
-  <div id="kontent" style="display: block;">
-   <?php
-        include $kontent;
-   ?>
-  </div>
- </body>
-</html>

sys/blogroll.inc

@@ -1,100 +0,0 @@
-<p class="title">
- <a title="RSS" href="sys/rss/blog.php" class="rss"></a>
- <?php
-  echo $config['blogtitle'];
- ?>
- <hr />
-</p>
-<?php
-
-if (!empty($_GET['post'])) {
-    $post=urldecode($_GET['post']);
-    $statz = stat($post);
-    $uid = $statz['uid'];
-    $udata = posix_getpwuid($uid);
-    $user = $udata['name'];
-
-    $date =  date("F d Y H:i:s", filemtime($post));
-
-    if (stristr($post,'.') != ".post") {
-        $title = basename($post);
-    } else {
-        $title = substr(strstr(basename($post),'-'),1,-5);
-    }
-
-    echo "<h3 class=\"blogtitles\"><a title=permalink href=\"index.php?nav=3&post=".urlencode($post)."\">$title</a></h3>\n";
-    echo "<em class=\"blogdetail\">Last modified on $date UTC by $user</em><hr />\n\n";
-    include "$post";
-    echo "\n<hr /><a style=\"textalign: center;\" href=\"".$_SERVER["PHP_SELF"]."?nav=3\">Back to Blog</a>";
-} else {
-
-$offset=0;
-if (!empty($_GET['index']) && !is_int($_GET['index'])) {
-	$offset = 10*$_GET['index'];
-}
-
-
-	//slurp up the files
-	$files = glob($basedir . "/blog/*.post");
-	$guid = count($files);
-
-	//sort by filename
-	
-	//initialize an array to house sort results
-	$files2 = array();
-	$files2 = array_pad($files2,$guid,0);
-
-	for ($i=0; $i<$guid; $i++) {
-		$j = explode('-',basename($files[$i]));
-		$j = $j[0];
-		$j = (int)$j;
-		$j--;
-		$files2[$j] = $files[$i];
-	}
-
-	$slen = count($files2)-1;
-	$ctr=0;
-	$older=0;
-
-	for ($i=$slen-$offset; $i>-1; $i--) {
-		$shitpost=$files2[$i];
-
-		//using a counter here to know when to stop, since I don't know how many posts there will be
-		if ($ctr > 9) {
-			$older=1;
-			break;
-		}
-		$ctr++;
-
-		$statz = stat($shitpost);
-		$uid = $statz['uid'];
-		$udata = posix_getpwuid($uid);
-		$user = $udata['name'];
-
-		$date =  date("F d Y H:i:s", filemtime($shitpost));
-
-		$title = substr(strstr(basename($shitpost),'-'),1,-5);
-
-		echo "<h3 class=\"blogtitles\"><a title=permalink href=\"".$_SERVER["PHP_SELF"]."?nav=3&post=".urlencode($shitpost)."\">$title</a></h3>\n";
-		echo "<em class=\"blogdetail\">Last modified on $date UTC by $user</em><br />\n";
-		include $shitpost;
-		echo "<hr />";
-	};
-
-echo "<table width=\"100%\"><tr><td>";
-if ($older) {
-	$offset=$_GET['index']+1;
-	echo "<a href=\"".$_SERVER["PHP_SELF"]."?nav=3&index=$offset\">Older Posts</a>";
-}
-echo "</td><td style=\"text-align: right;\">";
-if (!empty($_GET['index'])) {
-	$offset=$_GET['index']-1;
-	if ($offset == 0) {
-		echo "<a href=\"".$_SERVER["PHP_SELF"]."?nav=3\">Newer Posts</a>";
-	} else {
-		echo "<a href=\"".$_SERVER["PHP_SELF"]."?nav=3&index=$offset\">Newer Posts</a>";
-	}
-}
-echo "</td></tr></table>\n";
-}
-?>

sys/fileshare/include/blacklist.json

@@ -1 +0,0 @@
-[ "sys", "microblog", "themed" ]

sys/fileshare/include/forbidden.inc

@@ -1,12 +0,0 @@
-<center>
-<?php
-
-$pwd = $_GET['dir'];
-
-echo '<p style="vertical-align: middle;">';
-echo '<img src="img/mime/denied.gif" alt="deeenied" />';
-echo 'Access to '.$pwd.' Denied';
-echo '<img src="img/mime/denied.gif" alt="deeniedagain" />';
-echo '</p>'
-
-?>

sys/fileshare/include/notfound

@@ -1,5 +0,0 @@
-<p style="text-align: center; vertical-align: center;">
- <img src="img/mime/missing.gif" alt="burritos" />
-  File not found
- <img src="img/mime/missing.gif" alt="getdownagain" />
-</p>

sys/fileshare/sanitize.inc

@@ -1,20 +0,0 @@
-<?php 
-if( !empty($pwd) ) {
-    //Forbid anything starting with / and anything with .. in it; also protocol links (://)
-    $forbidden = preg_match( "/|..|://", $pwd );
-    if ( $forbidden ) {
-        include 'sys/fileshare/include/forbidden.inc';
-        die();	
-    }
-
-    //Check the list of other forbidden directories
-    $blacklist = json_decode( file_get_contents("sys/fileshare/include/blacklist.json"), true );
-    if( !empty( $blacklist ) ) {
-    foreach ( $blacklist as $blacklisted ) {
-        if ( preg_match('^' . $blacklisted, $pwd) ) {
-            include 'sys/fileshare/include/forbidden.inc';
-            die();
-        }
-    }
-}
-?>

sys/fileshare/showaudio.inc

@@ -1,17 +0,0 @@
-<?php
-//Listen to audio -- ONLY MP3s IN THIS HOUSE
-//$title = basename($post);
- $tag = id3_get_tag($post);
- $date =  date("F d Y H:i:s", filemtime($post));
- $parent = dirname($post);
- echo "<h3><a class=nudes title=permalink href=\"$post\">".$tag["title"]."</a></h3>";
- echo "By: ".$tag["artist"]."<br />";
- echo "$date UTC<br/ >";
- echo "<p id=\"audioplayer_1\">Alternative content</p>";
- echo "<script type=\"text/javascript\">\n";
- echo "AudioPlayer.embed(\"audioplayer_1\", {soundFile: \"".$protocol."://teodesian.net/".$post."\"});\n";
- echo "</script><br />\n";
- echo "Description:<br />";
- echo $tag["comment"];
- echo "<a title=back href=\"index.php?nav=1&dir=$parent\"><img alt=back src=".$icondir."tsfolder-up.gif />$parent</a><hr />";
-?>

sys/fileshare/showcode.inc

@@ -1,36 +0,0 @@
-<?php
-//Browse text files (like code)
-$statz = stat($post);
-$uid = $statz['uid'];
-$udata = posix_getpwuid($uid);
-$user = $udata['name'];
-$date =  date("F d Y H:i:s", filemtime($post));
-$title = basename($post);
-echo "<h3 class=\"blogtitles\"><a title=permalink href=\"$post\">$title</a></h3>\n";
-echo "Last modified on $date UTC by $user<br /><br />\n";
-$text = file_get_contents($post);
-
-// Convert UTF-8 string to HTML entities
-$text = mb_convert_encoding($text, 'HTML-ENTITIES',"UTF-8");
-// Convert HTML entities into ISO-8859-1
-$text = html_entity_decode($text,ENT_NOQUOTES, "ISO-8859-1");
-// Convert characters > 127 into their hexidecimal equivalents
-for($i = 0; $i < strlen($text); $i++) {
- $letter = $text[$i];
- $num = ord($letter);
- if($num>127) {
-  $out .= "&#$num;";
- } elseif ($letter == "\n") {
-  $out .= "<br />";
- } elseif ($letter == "\t") {
-  $out .= "&#8194;&#8194;&#8194;&#8194;";
- } elseif ($letter == " ") {
-  $out .= "&#8194;";
- } else {
-  $out .=  $letter;
- }
-}
-echo $out;
-$parent = dirname($post);
-echo "<hr /><a title=back href=\"index.php?nav=1&dir=$parent\"><img alt=back src=img/mime/tsfolder-up.gif />$parent</a>";
-?>

sys/fileshare/showdoc.inc

@@ -1,15 +0,0 @@
-<?php
-// Using googgle docs until a decent PDF viewer actually exists
-// PDFObject would be nice if it didn't require a browser plugin
-$statz = stat($post);
-$uid = $statz['uid'];
-$udata = posix_getpwuid($uid);
-$user = $udata['name'];
-$date =  date("F d Y H:i:s", filemtime($post));
-$title = basename($post);
-$parent = dirname($post);
-echo "<a title=back href=\"index.php?nav=1&dir=$parent\"><img alt=back src=img/mime/tsfolder-up.gif />$parent</a><hr />";
-echo "<h3 class=blogtitles><a title=permalink href=\"$post\">$title</a></h3>\n";
-echo "<em class=blogdetail>Last modified on $date UTC by $user</em><br /><br />\n";
-echo "<iframe src=\"http://docs.google.com/gview?url=http://teodesian.net/$post&embedded=true\" style=\"width:100%; min-height:500px;\" frameborder=\"0\"></iframe>";
-?>

sys/fileshare/showfiles.inc

@@ -1,143 +0,0 @@
-<?php
- $pwd = $_GET['dir'];
-
- //These variables are to check whether the directory we will link to exists, and to know what directory we are in 
- $check = @scandir($pwd.'/../', 1);
- $splode = preg_split('[/]', $pwd, -1);
- $predir = count($splode)-1;
- $test = array_slice($splode, -1, 1);
-
- #Establish MIME Type data
- #Link is used to specify special handler URLS for particular files
- #File specifies the link icon
- $arch_types = array(".tar",".gz",".z7",".bz",".bz2",".zip",".rar",".lsz",
-		    "link" => "",
-		    "file" => "tsarchive.gif");
- //Only MP3 supported for now
- $audio_types = array(".mp3",
-		     "link" => "index.php?nav=7&post=",
-		     "file" => "tsaudio.gif");
- $video_types = array(".ogv",
-		     "link" => "index.php?nav=8&post=",
-		     "file" => "tsmovie.gif");
- $image_types = array(".bmp",".gif",".jpg",".jpeg",".png",".ico",".svg",".xpm",
-		     "link" => "index.php?nav=9&post=",
-		     "file" => "tsimage.gif");
- $schematic_types = array(".dwg",".dxf",".cad",".gcode",".mcode",
-			 "link" => "",
-			 "file" => "tsschematic.gif");
- $model_types = array(".stl",".blend",".3ds",
-		     "link" => "",
-		     "file" => "tsmodel.gif");
- $binary_types = array(".exe",".o",".dll",".so",".jnilib",".a",".bin",".hex",
-		      "link" => "",
-		      "file" => "tssoftware.gif");
- $code_types = array(".py",".c",".h",".js",".php",".tcl",".m",".txt",
-		    "link" => "index.php?nav=6&post=",
-		    "file" => "tscode.gif");
- $doc_types = array(".htm",".html",".post",
-		   "link" => "index.php?nav=5&post=",
-                   "file" => "tsdoc.png");
- $legacy_types = array(".pdf",".doc",".docx",".xls",".xlsx",".ppt",".pptx",".pages",".ai",".psd",".tiff",".tif",".eps",".ps",".xps",
-		   "link" => "index.php?nav=10&post=",
-		   "file" => "tsprop.png");
- $mime_types = array($arch_types,$audio_types,$video_types,$image_types,$schematic_types,$model_types,$binary_types,$code_types,$doc_types,$legacy_types);
-
- //Find the directory contents
- $ls = @scandir($pwd, 1);
-
-// $dlist = array_filter($ls,function ($a) {return is_dir($a);});
- $dban1 = '.';
- $dban2 = '..';
- $dkey = array_search($dban1,$ls);
- if ($dkey!==false){unset($ls[$dkey]);};
- $dkey = array_search($dban2,$ls);
- if ($dkey!==false){unset($ls[$dkey]);};
-
- //See if this directory is even there
- if (@in_array($test[0], $check)) {
-	echo 'Directory listing for '.$pwd;
-	echo '<hr />';
-	$cnt = count($ls);
-    $dlist = array();
-    $flist = array();
-
-    //Trying to sort here
-    for ($n = 0; $n < $cnt; $n++) {
-        $filechk = @scandir($pwd.'/'.$ls[$n]);
-        if (! $filechk) {
-            foreach($mime_types as $mimes) {
-                foreach($mimes as $type) {
-                    $sstrn = @stristr($ls[$n],$type);
-                    if($sstrn !== FALSE && strlen($sstrn) == strlen($type)) {
-                        array_push($flist, $ls[$n]);
-                    }
-                }
-            }
-        }
-        else {
-            array_push($dlist, $ls[$n]);
-        }
-    }
-    sort($dlist);
-    sort($flist);
-    $ls = array_merge($dlist,$flist);
-	
-    //Yeah, I know this looks familiar. There's prolly some way to combine this by setting the $ikon and $link vars as an array.
-    for ($n = 0; $n < $cnt; $n++) {
-
-		//create links based on whether we are a file, and if otherwise we are a directory
-		$filechk = @scandir($pwd.'/'.$ls[$n]);
-		if (! $filechk) {
-			//default values for uncaught filetypes
-			$ikon = "tsfile.gif";
-			$link = "";
-
-			foreach ($mime_types as $mimes) {
-				foreach ($mimes as $type) {
-					//$link = $mimes["link"];
-                                        $sstrn = @stristr($ls[$n],$type);
-					if ($sstrn !== FALSE && strlen($sstrn) == strlen($type)) {
-						$ikon = $mimes["file"];
-						$link = $mimes["link"];
-						break 2;
-					};
-				};
-			};
-			echo '<img class="icon" src="/themed/'.$theme.'/img/mime/'.$ikon.'" />';
-			echo '<a href="'.$link.$pwd.'/'.$ls[$n].'">'.$ls[$n].'</a><br />';
-		}
-		else {
-			echo '<img src="/themed/'.$theme.'/img/mime/tsfolder.gif" />';
-			echo '<a href="index.php?nav=1&dir='.$pwd.'/'.$ls[$n].'">'.$ls[$n].'</a><br />'."\n";
-		}
-	}
-
-	//Figure out what the previous directory is
-	$prevdirname = '';
-
-	for ($i =0; $i < $predir; $i++) {
-
-		//We want to catch the first case, and not put a / before it
-		if ($i == 0) {
-			$prevdirname = $prevdirname.$splode[$i];
-		}
-		else {
-			$prevdirname = $prevdirname.'/'.$splode[$i];
-		}
-	}
-
-	//If we are not in the TLD, make a link to the previous dir
-	if ($prevdirname <> '') {
-
-		echo '<img src="'.$config['icondir'].'tsfolder-up.gif" />';
-		echo '<a href="index.php?nav=1&dir='.$prevdirname.'">Up one level</a>'."\n";
-
-	}
- }
-
- //Catch bogus directories
- else {
- 	include 'sys/fileshare/include/notfound';
- }
-?> 

sys/fileshare/showimg.inc

@@ -1,15 +0,0 @@
-<?php
-$info =  getimagesize($post);
-$ratio = round($info[0]/$info[1],2);
-$parent = dirname($post);
-if ($ratio == 1.00) {
- echo "<img alt=\"$post\" src=\"$post\" height=100% width=100% />";
-} elseif ($ratio > 1.00) {
- $ht = (1.20-($ratio-1))*100;
- echo "<img alt=\"$post\" src=\"$post\" height=$ht% width=100% />";
-} else {
- $wd = 100-(($ratio-1)*100);
- echo "<img alt=\"$post\" src=\"$post\" style=\"padding-left: auto; padding-right: auto;\" />";
-}
-echo "<a title=back href=\"index.php?nav=1&dir=$parent\"><img alt=back src=".$icondir."tsfolder-up.gif /></a>".basename($post)."&nbsp".$info[0]."x".$info[1]."<hr />";
-?>

sys/fileshare/showpost.inc

@@ -1,23 +0,0 @@
-<?php
-//Generic .post file loader
-if ($nav == 5 && file_exists($post)) {
- $statz = stat($post);
- $uid = $statz['uid'];
- $udata = posix_getpwuid($uid);
- $user = $udata['name'];
- $date =  date("F d Y H:i:s", filemtime($post));
- if (stristr($post,'.') != ".post") {
-  $title = basename($post);
- } else {
-  $title = strstr(basename($post),'.', true);
- }
- echo "<h3 class=\"blogtitles\"><a title=permalink href=\"index.php?nav=5&post=$post\">$title</a></h3>\n";
- echo "<em class=\"blogdetail\">Last modified on $date UTC by $user</em><br /><hr />\n";
- include "$post";
- $parent = dirname($post);
- echo "<hr /><a style=\"padding-left: auto; padding-right: auto;\" title=back href=\"index.php?nav=1&dir=$parent\"><img alt=back src=img/mime/tsfolder-up.gif /></a>$parent";
-}
-
-//404 Loader for files specified in GET param that don't actually exist
-elseif ($nav == 5 && !file_exists($post)) {echo "<h1 style=\"padding-left: auto; padding-right: auto;\">404 - Not Found</h1>";}
-?>

sys/fileshare/showvideo.inc

@@ -1,19 +0,0 @@
-<?php
-//watch movies -- Only OGV is supported
-$parent = dirname($post);
-echo "<a title=back href=\"index.php?nav=1&dir=$parent\"><img alt=back src=".$icondir."tsfolder-up.gif /></a>$parent<hr />";
-$title = basename($post);
-echo "<h3 class=blogtitles><a title=permalink href=\"$post\">".$title."</a></h3>";
-echo "<video src=\"".$post."\" type=\"video/ogg\" codecs=\"theora, vorbis\" controls=\"controls\" width=\"100%\" height=\"80%\" poster=\"img/sys/testpattern.jpg\">";
-echo "<applet code=\"com.fluendo.player.Cortado.class\" archive=\"sys/fileshare/video/cortado.jar\" width=\"100%\" height=\"80%\">";
-echo "<param name=\"url\" value=\"http://teodesian.net/".$post."\"/>\n";
-echo "<param name='bufferSize' value='4096'>\n";
-echo "<param name='bufferHigh' value='25'>\n";
-echo "<param name='bufferLow' value='5'>\n";
-echo "<param name='autoPlay' value='false'>\n";
-echo "<param name='statusHeight' value='20'>\n";
-echo "Install the Java Plugin, or Enable Scripts to see video here.<br />";
-echo "Or, <a href=\"".$post."\">download the video.\n";
-echo "</applet>";
-echo "</video>";
-?>

sys/microblog.inc

@@ -1,161 +0,0 @@
-<?php
-  if ( !empty( $editable ) ) { //Insert the Only JS the project should have, all it does is toggle a div
-    echo "
-      <script type=\"text/javascript\">
-        function switchMenu(obj) {
-          var el = document.getElementById(obj);
-          if ( el.style.display != 'none' ) {
-            el.style.display = 'none';
-          }
-          else {
-            el.style.display = '';
-	  }
-        }
-      </script>\n";
-  }
-  $title = !empty($config['microblogtitle']) ? $config['microblogtitle'] : "Microblog";
-  echo "<p class=\"title\"><a title=\"RSS\" class=\"rss\" href=\"sys/rss/microblog.php\"></a> $title";
-  //Set important times - $tdtime is today's date, $oldtime is the oldest known date a tCMS install had nuze for - defaults to today then searches microblog dir for entries to set date
-  $tdtime = new DateTime();
-  $oldtime = clone $tdtime;
-  //limit results of directory read to first entry -- much faster than doing it with PHP once you get a large filelist. 
-  exec("ls -tr1 $basedir/microblog |head -1", $cmd_out);
-  if(!empty($cmd_out[0])) {
-    $oldtime = $oldtime = DateTime::createFromFormat('m.d.y', $cmd_out[0]);
-  }
-  $oldtime->sub(new DateInterval('P1D'));
-  /*$today and $tmrw refer to times relative to what is passed by GET params -
-  $today is the date requested by GET, $tmrw is bool designating whether $today is something other than $tdtime 
-  error indicates whether you supplied a bogus GET param for date.*/
-  $tmrw = 0;
-  $error = 0;
-  $today = clone $tdtime;
-  if(!empty($_GET["date"])) {
-    $today = DateTime::createFromFormat('m.d.y', $_GET["date"]);
-    //Catch bogus input, set $tmwr to TRUE if $today was set to something other than today's date
-    if (!filter_var($_GET["date"],FILTER_VALIDATE_REGEXP,array('options' => array('regexp' => "/^(0[1-9]|1[012])[.](0[1-9]|[12][0-9]|3[01])[.]\d\d/")))) {
-      echo "</p>That's a funny looking date you provided there, mister.\n";
-      $error=1;
-    }
-    else if ($today > $tdtime) { //catch if day supplied by GET is IN THE FUTURE
-      echo "</p>Welcome to the future<br /><img style=\"max-width:100%; padding-left: auto; padding-right: auto;\" src=\"http://gunshowcomic.com/comics/20090930.png\" />\n";
-      $error=1;
-    }   
-    else if ($today < $tdtime) {
-      $tmrw = 1;
-    }
-  }
-  /*Catch if day in question has no news -
-  If not, display day before (or before that if still no news.
-  $oldtime used here to tell when to stop looping back)*/
-  if (!$error) {
-    while (empty($todaysnews)) {
-      $todaysnews = ""; //Set it to be something empty to prevent logspam
-      $yesterday = clone $today;//This may look strange, but it'll make sense later
-      $tomorrow = clone $today;
-      $tomorrow->add(new DateInterval('P1D'));
-      $yesterday->sub(new DateInterval('P1D'));
-      //Detect if We're at the end of postings
-      if ($yesterday < $oldtime) {
-        echo " (".$today->format('m.d.y')."):</p><hr />";
-        echo "For me, it was a beginning, but for you it is the end of the road.<br /><hr />\n";
-        if ($oldtime != $tdtime) {
-          $tomorrow = clone $oldtime;
-          $tomorrow->add(new DateInterval('P1D'));
-	  $tomorrow = $tomorrow->format('m.d.y');
-        }
-        $todaysnews = "end";
-      }
-      if ($todaysnews != "end") {
-        //Get news from directory if any exists for that day, glob will return empty if nothing is in dir
-        $todaysnews = glob("$basedir/microblog/".$today->format('m.d.y')."/*");
-        //Set display date for today's news, set $today to be yesterday in order to get while loop to recurse correctly
-        $realtime = $today->format('m.d.y');
-        if(!empty($_GET['fwd']) && $_GET['fwd']) {//Check whether we are traversing forward or backward in time
-          $today = clone $tomorrow;
-        } else { //Default to going back
-          $today = clone $yesterday;
-        }
-        //Finish by setting times for Yesterday and Tomorrow so that they can be used in links below
-        $tomorrow = clone $yesterday;
-        $tomorrow->add(new DateInterval('P2D'));
-        $tomorrow = $tomorrow->format('m.d.y');
-        $yesterday = $yesterday->format('m.d.y');
-      }
-    }
-    if ($todaysnews != "end") {
-      echo " (".$realtime."):</p><hr />\n";
-      foreach ($todaysnews as $i) {
-        $fh = fopen($i,'r');
-        $fc = fread($fh,10000); //If a microblog item is more than 1kb, you are doing something wrong.
-        fclose($fh);
-        $json = json_decode($fc);
-        if(is_null($json)) {
-          echo $fc;
-        } elseif (!empty($json->title) && !empty($json->url) && !empty($json->poster)) {
-          $out = '<h3 class="blogtitles">
-                    <a href="'.$json->url.'">'.$json->title.'</a>
-                    <a class="usericon '.$json->poster.'" title="Posted by '.$json->poster.'"></a>
-                  </h3>';
-          if(!empty($json->image)) {
-            $out .= '<img class="mblogimg" src="'.$json->image.'" />';
-          }
-          if(!empty($json->audio)) {
-            $out .= '<audio src="'.$json->audio.'" controls>
-                       Download Audio 
-                       <a href="'.$json->audio.'">Here</a><br />
-                     </audio>';
-          }
-          if(!empty($json->video)) {
-            $out .= '<video src="'.$json->video.'" controls>
-                       Download Video
-                       <a href="'.$json->video.'">Here</a><br />
-                     </video>';
-          }
-          if(!empty($json->comment)) {
-            $out .= $json->comment;
-          }
-          $out .= '<hr />';
-          echo $out;
-        } #Note that if nothing works out here, I'm just opting not to show anything.
-        if ( !empty( $editable ) ) {
-          $id=basename($i);
-		  $editblock = "
-            <a style=\"display: inline-block;\" onclick=\"switchMenu('$id');\">[Edit]</a>
-            <div style=\"display: none;\" id=\"$id\">
-             <form style=\"display: inline\" method=\"POST\">
-              <input type=\"hidden\" name=\"id\" value=\"$i\" />
-              <input type='hidden' name='action' value='Edit' />";
-          if(is_null($json)) {
-            $editblock .= "<textarea class=\"mbedit_text\" name=\"content\">$fc</textarea>";
-          } else {
-          $editblock .= '<input type="hidden" name="type" value="JSON" />
-            Title: <input class="cooltext" type="text" name="title"
-			value="' . str_replace( '"' ,'&quot;' , $json->title ) .'" /><br />
-            URL: <input class="cooltext" type="text" name="URL" value="'.$json->url.'" /><br />
-            Image: <input class="cooltext" type="text" name="IMG" value="'.$json->image.'" /><br />
-            Audio: <input class="cooltext" type="text" name="AUD" value="'.$json->audio.'" /><br />
-            Video: <input class="cooltext" type="text" name="VID" value="'.$json->video.'" /><br />
-            Comments: <textarea class="cooltext" name="comment">'.$json->comment.'</textarea>';
-          }
-          $editblock .= "<input type=\"hidden\" name=\"app\" value=\"microblog\" />
-             <input class=\"coolbutton mbedit_button\" type=\"submit\" Value=\"Edit\" />
-             </form>
-             <form style=\"display: inline\" method=\"POST\">
-              <input type=\"hidden\" name=\"app\" value=\"microblog\" />
-              <input type=\"hidden\" name=\"id\" value=\"$i\" />
-              <input type='hidden' name='action' value='Delete' />
-              <input class=\"coolbutton mbedit_button\" type=\"submit\" value=\"Delete\" />
-             </form>
-            </div>
-            <hr class=\"clear\" />";
-          echo $editblock;
-        }
-      }
-      echo "<a style=\"float: left;\" title=\"skips empty days\" href=\"?nav=2&date=".$yesterday."&fwd=0\">Older Entries</a>\n";
-    }
-    if ($tmrw) {
-      echo "<a style=\"float: right;\" href=\"?nav=2&date=".$tomorrow."&fwd=1\">Newer Entries</a>\n";
-    }
-  }
-?>

sys/rss/blog.php

@@ -1,71 +0,0 @@
-<?php
-  header('Content-Type: application/rss+xml'); 
-  if (!empty($_SERVER["HTTPS"])) {
-    $protocol = "http";
-  } else {
-    $protocol = "https";
-  }
-	extract(json_decode(file_get_contents('../admin/config/main.json'),true));
-    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
-	echo "<rss version=\"2.0\" xmlns:atom=\"http://www.w3.org/2005/Atom\">\n";
-	echo "<channel>\n";
-    $atomlink = "$protocol://".$_SERVER["SERVER_NAME"]."/".$basedir.$rssdir."blog.php";
-	echo "<atom:link href=\"".$atomlink."\" rel=\"self\" type=\"application/rss+xml\" />";
-	echo "\t<title>".$htmltitle."</title>\n";
-	echo "\t<description>".$blogtitle."</description>\n";
-	echo "\t<link>http://".$_SERVER["SERVER_NAME"]."/".$basedir."</link>\n";
-
-	$tiem = date(DATE_RFC2822, time());
-
-	echo "\t<lastBuildDate>$tiem</lastBuildDate>\n";
-	echo "\t<pubDate>$tiem</pubDate>\n";
-
-	$files = glob($_SERVER["DOCUMENT_ROOT"]."/".$basedir.$blogdir."*.post");
-	$guid = count($files);
-
-	//sort by filename
-	
-	//initialize an array to house sort results
-	$files2 = array();
-	$files2 = array_pad($files2,$guid,0);
-
-	for ($i=0; $i<$guid; $i++) {
-		$j = explode('-',basename($files[$i]));
-		$j = $j[0];
-		$j = (int)$j;
-		$j--;
-		$files2[$j] = $files[$i];
-	}
-
-	$slen = count($files2)-1;
-	$ctr = 0;
-
-		for ($i=$slen; $i>-1; $i--) {
-			$shitpost=$files2[$i];
-		
-			if ($ctr > 9) {break;};
-			$ctr++;
-
-                	$statz = stat($shitpost);
-                	$uid = $statz['uid'];
-                	$udata = posix_getpwuid($uid);
-                	$user = $udata['name'];
-
-                	$date =  date(DATE_RFC2822, filemtime($shitpost));
-
-                	$title = substr(strstr(basename($shitpost),'-'),1,-5);
-			$contents = file_get_contents($shitpost);
-
-			echo "\t<item>\n";
-               		echo "\t\t<title>$title</title>\n";
-                	echo "\t\t<description><![CDATA[".$contents."]]>\t\t</description>\n";
-			echo "\t\t<link>http://teodesian.net/index.php?nav=8&amp;post=".$shitpost."</link>\n";
-			echo "\t\t<guid isPermaLink=\"false\">$guid-teodesian.net</guid>\n";
-			echo "\t\t<pubDate>".$date."</pubDate>\n";
-			echo "\t\t<author>".$user."</author>\n";
-			echo "\t</item>\n";
-			$guid--;
-		}
-	echo "</channel>\n";
-	echo "</rss>";
-?>

sys/rss/microblog.php

@@ -1,78 +0,0 @@
-<?php
-  header('Content-Type: application/rss+xml'); 
-  if (!empty($_SERVER["HTTPS"])) {
-    $protocol = "http";
-  } else {
-    $protocol = "https";
-  }
-  //Import your config, set some stuff up, then construct the mining laser
-  extract(json_decode(file_get_contents('../admin/config/main.json'),true));
-  $tcmsUsers = json_decode(file_get_contents('../admin/config/users.json'),true);
-  date_default_timezone_set($timezone);
-  $tiem = date(DATE_RSS);
-  $today = date("m.d.y");
-  $atomlink = "$protocol://".$_SERVER["SERVER_NAME"]."/".$basedir.$rssdir."microblog.php";
-  $newsdir = $_SERVER["DOCUMENT_ROOT"]."/".$basedir.$microblogdir;
-  $files = glob($newsdir.$today."/*");
-  $slen = count($files);
-  $feed = '<?xml version="1.0" encoding="UTF-8"?>
-            <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
-	     <channel>
-	      <atom:link href="'.$atomlink.'" rel="self" type="application/rss+xml" />
-	      <title>'.$htmltitle.'</title>
-	      <description>'.$microblogtitle.' RSS Feed</description>
-	      <link>http://'.$_SERVER['SERVER_NAME'].'/'.$basedir.'</link>
-	      <lastBuildDate>'.$tiem.'</lastBuildDate>
-	      <pubDate>'.$tiem.'</pubDate>';
-  foreach ($files as $shitpost) {
-    $storyPubDate =  date(DATE_RSS, strtotime(basename($shitpost)));
-    $contents = file_get_contents($shitpost);
-    #Set some sane defaults for cases where no user exists
-    $email = "null@example.com";
-    $author = "X";
-    #Check the format, do needful based on what's here
-    $json = json_decode($contents);
-    if(is_null($json)) {
-      //HAHAHA You thought you needed an XML parser, didn't you?
-      $theRipper = explode("<",$contents);
-      $theRipper = explode(">",$theRipper[2]);
-      $storyTitle = $theRipper[1];
-      $theRipper = explode('"',$theRipper[0]);
-      $storyLink = htmlspecialchars($theRipper[1]);
-      $theRipper = explode("</h3>",$contents);
-      $theRipper = explode("<hr />",$theRipper[1]);
-      $storyText = $theRipper[0];
-      $theRipper = explode("title=\"Posted by ",$contents);
-      $theRipper = explode('"',$theRipper[1]);
-      $poster = $theRipper[0];
-      if(isset($tcmsUsers[$poster])) {
-          $email = $tcmsUsers[$poster]["email"];
-          $author = $tcmsUsers[$poster]["fullName"]; 
-      }
-      $feed .= '<item>
-                 <title>'.$storyTitle.'</title>
-                 <description><![CDATA['.$storyText.']]></description>
-                 <link>'.preg_replace('/&/', '&#038;', $storyLink).'</link>
-                 <guid isPermaLink="false">'.basename($shitpost).'-'.$_SERVER["SERVER_NAME"].'</guid>
-                 <pubDate>'.$storyPubDate.'</pubDate>
-                 <author>'.$email.' ('.$author.')</author>
-                </item>';
-    } elseif (!empty($json->title) && !empty($json->url) && !empty($json->poster)) {
-        if(isset($tcmsUsers[$json->poster])) {
-            $email = $tcmsUsers[$json->poster]["email"];
-            $author = $tcmsUsers[$json->poster]["fullName"]; 
-        }
-        $feed .= '<item>
-                   <title>'.$json->title.'</title>
-                   <description><![CDATA['.$json->comment.']]></description>
-                   <link>'.preg_replace('/&/', '&#038;', $json->url).'</link>
-                   <guid isPermaLink="false">'.basename($shitpost).'-'.$_SERVER["SERVER_NAME"].'</guid>
-                   <pubDate>'.$storyPubDate.'</pubDate>
-                   <author>'.$email.' ('.$author.')</author>
-                  </item>';
-    }
-  }
-  $feed .= ' </channel>
-            </rss>';
-  print_r($feed);
- ?>

t/README.txt

@@ -1,4 +0,0 @@
-Running the tests requires 'Test::More for PHP':
-https://github.com/shiflett/testmore
-
-The Makefile will scan for this, of course and attempt to clone it if it does not exist.

t/admin.t

@@ -1,5 +0,0 @@
-<?php
-    require_once("lib/testmore/testmore.php");
-    plan(1);
-    ok("This is a stub for now");
-?>

t/lib/.gitignore

@@ -1 +0,0 @@
-testmore

templates/default/admin/bengine.inc

@@ -1,120 +0,0 @@
-<script type="text/javascript">
-//JS to load posts when you click on them to edit
-
-  window.postsLoaded = {};
-
-  function toggle(id) {
-   var foo = document.getElementById(id);
-   if (foo.style.display == 'block') {
-     foo.style.display = 'none';
-   } else {
-     foo.style.display = 'block';
-   }
- }
-
- function loadpost(fragment_url,element_id) {
-   if (window.postsLoaded[element_id]) return;
-   var element = document.getElementById(element_id);
-   element.innerHTML = 'Loading ...';
-   var xmlhttp = new XMLHttpRequest();
-   xmlhttp.open("GET", fragment_url);
-   xmlhttp.onreadystatechange = function() {
-     if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
-       element.innerHTML = xmlhttp.responseText;
-       window.postsLoaded[element_id] = true;
-     }
-   }
-   xmlhttp.send(null);
- }
-</script>
-<!--Post Creation DOM-->
-<p class="posteditortitle">
- <a id="newpostlink" href="javascript:toggle('newpost')" title="Toggle hiding of New Post editor">
-  Create New Post
- </a>
-</p>
-<div id="newpost" class="disabled">
- <form method="POST">
-  <input type="hidden" name="id" value="CHANGEME" />
-  Post Title:<br />
-  <input id="newposttitle" name="title" class="cooltext" />
-  Post Body: <span style="font-style: italic;">
-   All HTML Tags accepted! Please see <a href="" title="Manual">here</a> regarding how to disable auto-formatting,
-   or if additional help is required.
-  </span>
-  <textarea id="newposttext" name="content"></textarea><br />
-  <input type="hidden" name="app" value="blog" />
-  <input type="submit" name="mod" value="Create Post" class="coolbutton" />
- </form>
- <hr />
-</div>
-<?php
- /*Initialize vars, get directory contents*/
- $postincrementer = 0;
- $JSAIDS = "";
- $dir = $basedir.'/blog/';
- $postlisting = scandir($dir);
- rsort($postlisting, SORT_NUMERIC);
- /*Post Manipulation*/
- if (!empty($_POST["id"])) {
-  /*Post Deletion*/
-  if ($_POST["mod"] == "Delete Post") {
-   $fh = unlink($dir.'/'.$_POST["id"]);
-   if (!$fh) die("ERROR: couldn't delete ".$_POST['id'].", check permissions");
-   echo "Deleted ".$_POST["id"]."<br />";
-  /*Post Editing*/
-  } elseif ($_POST["mod"] == "Commit Edit") {
-   $fh = fopen($dir.'/'.$_POST["id"], 'w');
-   if (!$fh) die("ERROR: couldn't write to ".$_POST['id'].", check permissions");
-   fwrite($fh,stripslashes($_POST["content"]));
-   fclose($fh);
-   echo "Edited ".$_POST["id"]."<br />";
-  /*Post Creation*/
-  } elseif ($_POST["mod"] == "Create Post") {
-    $pnum = intval(substr($postlisting[0],0,strpos($postlisting[0],'-'))) + 1;
-    $id = $dir.$pnum."-".$_POST["title"].".post";
-    /*echo $id."<br />";
-    var_dump($postlisting[0]);
-    var_dump($_POST);
-    die("FOOBAR");*/
-    $fh = fopen($id, 'w'); 
-    if (!$fh) die("ERROR: Couldn't Write ".$id.", check permissions");
-    fwrite($fh,stripslashes($_POST["content"]));
-    fclose($fh);
-    echo "Created ".$id."<br />";
-  /*Catchall*/
-  } else {
-    die("Nothing to do");
-  }
- }
-  /*Spit out the posts into the DOM so that they can be edited/deleted*/
-  $postlisting = scandir($dir);
-  rsort($postlisting, SORT_NUMERIC);
-  foreach ($postlisting as $key=>$val) {
-    $id = basename($val);
-    $posttitle = strstr($val,'.', true);
-  if (!empty($posttitle)) {
-   $postincrementer++;
-   print "
-    <p id=\"post".$postincrementer."\" class=\"posteditortitle\">
-    <a id=\"link".$postincrementer."\" href=\"javascript:toggle('postcontent".$postincrementer."')\" title=\"Toggle hiding of post editor\">
-    ".$posttitle."
-    </a>
-    </p>
-    <div id=\"postcontent".$postincrementer."\" class=\"disabled\">
-     <form method=\"POST\">
-     <input type=\"hidden\" name=\"id\" value=\"$id\" />
-      <textarea id=\"innerHTML".$postincrementer."\" name=\"content\" \">
-      </textarea><br />
-      <input type=\"hidden\" name=\"app\" value=\"blog\" />
-      <input type=\"submit\" name=\"mod\" value=\"Commit Edit\" class=\"coolbutton\">
-      <input type=\"submit\" name=\"mod\" value=\"Delete Post\" class=\"coolbutton\">
-     </form>
-    </div>";
-   $JSAIDS.="document.getElementById('link".$postincrementer."').addEventListener('click',function () {loadpost('index.php?app=blog&get_fragment=".urlencode($val)."','innerHTML".$postincrementer."',false);});\nwindow.postsLoaded['innerHTML".$postincrementer."'] = false;";
-  }
- }
-print "<script type=\"text/javascript\">\n
- window.onload = function() { $JSAIDS };\n
- </script>";
-?>

templates/default/admin/login.inc

@@ -1,172 +0,0 @@
-<?php
-    if( empty( $_SERVER["HTTPS"] ) ) {
-        http_response_code(301);
-        header("Location: https://" . $_SERVER["SERVER_NAME"] . "/" . $_SERVER["REQUEST_URI"]);
-        die();
-    }
-    $loginFailure = -1;
-    $supported_methods = [ 'GET', 'POST' ];
-    if( in_array( $_SERVER['REQUEST_METHOD'], $supported_methods ) ) {
-        switch($_SERVER['REQUEST_METHOD']) {
-            case 'GET' : $request = &$_GET; break;
-            case 'POST': $request = &$_POST; break;
-        }
-        $args = [];
-        foreach( $request  as $key => $val ) {
-            //Clean the junk
-            $args[$key] = urldecode(filter_var( $val, FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS ));
-        }
-        $loginMsg = "Unknown Error";
-        if( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
-            require_once "tCMS/Auth.inc"; //Authenticate
-            $auth = new Auth;
-            $login = $auth->do_auth( $args['username'], $args['password'] );
-            if(!is_array($login) || !empty($login['err']) || empty( $login['success'] ) ) {
-                $loginFailure = 1;
-                if( !empty( $login['msg'] ) ) $loginMsg = $login['msg'];
-                http_response_code(401);
-            } else { # We succeeded
-                $loginMsg = "Login Succeded, redirecting...";
-                $loginFailure = 0;
-            }
-        }
-    }
-    # Construct the redirection URL
-    if( empty( $args['to'] ) ) {
-        $redir = 'index.php';
-    } else {
-        $redir = 'index.php?app=' . $args["to"];
-    }
-    $redirection_URL = "https://" . $_SERVER["SERVER_NAME"] . "/sys/admin/$redir";
-?>
-
-<!doctype html>
-<html dir="ltr" lang="en-US">
-  <head>
-    <title>tCMS 2 ~ Login</title>
-    <style>
-      body {
-        background-color: gray;
-        font-family: sans-serif;
-      }
-      #login {
-        margin: 0 auto;
-        max-width: 25rem;
-        color: white;
-      }
-      #logo {
-        display: block;
-        max-width: 90%;
-        margin: 0 0 0 5%;
-        height: 2rem;
-      }
-      #login form {
-        max-width: 85%;
-        display: block;
-        margin: 0 auto;
-      }
-      #maximumGo {
-        width: calc(100% - 1rem);
-      }
-      #copyright {
-        font-size: .75rem;
-        text-align: center;
-      }
-      #jsalert {
-        margin: 1rem;
-        border-radius: .75rem;
-        border-color: rgba(255,0,0,.75);
-        padding: 1rem;
-      }
-      .alert-danger {
-        background-color: rgba(255,0,0,.25);
-      }
-      .alert-success {
-        background-color: rgba(0,255,0,.25);
-      }
-      input {
-        box-sizing: border-box;
-        border-radius: .5em;
-        border: .25em solid black;
-        color: white;
-        padding: .25em;
-        margin: .25em;
-      }
-      .input-group {
-        display: table;
-        width: 100%;
-      }
-      .input-group > input, .input-group > label {
-        display: table-cell;
-      }
-      .input-group > input {
-        width: calc(100% - 1rem);
-        background-color: #333;
-      }
-      input[type="submit"] {
-        box-shadow: 0 0 .5em black;
-        background-color: #333;
-        color: white;
-      }
-    </style>
-    <script>
-      document.addEventListener("DOMContentLoaded", function(event) {
-        var loginFailure = <?php echo $loginFailure; ?>;
-        if( loginFailure === -1 ) {
-          document.querySelector('#jsalert').style.cssText = 'visibility: hidden;';
-        } else if ( loginFailure === 1 ) {
-          document.querySelector('#jsalert').classList.remove("alert-success");
-          document.querySelector('#jsalert').classList.add("alert-danger");
-          document.querySelector('#msgIcon').innerHTML = "❌";
-          document.querySelector('#message').innerHTML = "<?php echo $loginMsg ?>";
-        } else {
-          document.querySelector('#jsalert').classList.remove("alert-danger");
-          document.querySelector('#jsalert').classList.add("alert-success");
-          document.querySelector('#msgIcon').innerHTML = "✓";
-          document.querySelector('#message').innerHTML = "<?php echo $loginMsg ?>";
-          window.setTimeout(function() {
-            window.location="<?php echo $redirection_URL; ?>";
-          }, 500);
-        }
-      });
-    </script>
-    <link rel="icon" type="image/vnd.microsoft.icon" href="../../img/icon/favicon.ico" />
-  </head>
-  <body>
-      <div id="login">
-        <div id="jsalert" class="alert-danger">
-          <table>
-            <tr>
-              <td id="msgIcon">
-                ⚠
-              </td>
-              <td id="message" style="padding-left: 1rem;">
-                Please enable JavaScript on this domain.
-              </td>
-            </tr>
-          </table>
-        </div>
-        <div>
-          <img id="logo" src="../../themed/default/img/icon/tCMS.svg" style="float:left" /><span style="font-family:courier;font-size:2rem;">CMS Login</span>
-        </div>
-        <div id="spacer" style="clear: both;"><br /></div>
-        <form method="POST" action="index.php">
-          <input type="hidden" name="app" value="login" />
-          <input type="hidden" name="to" value="<?php if(!empty($args['to'])) echo $args['to']; ?>" />
-          Username<br />
-          <div class="input-group">
-            <label for="username">😎</span></label>
-            <input name="username" id="username" placeholder="AzureDiamond" value="" type="text"></input>
-          </div>
-          <br />
-          Password<br />
-          <div class="input-group">
-            <label for="password">🔑</label>
-            <input name="password" id="password" placeholder="hunter2" value="" type="password"></input>
-          </div>
-          <br />
-          <input type="submit" id="maximumGo" value="Log in"></input>
-        </form>
-      </div>
-  </body>
-</html>

templates/default/admin/logout.inc

@@ -1,6 +0,0 @@
-<?php
-    require_once "tCMS/Auth.inc";
-    $auth = new Auth;
-    $auth->invalidate_auth();
-    die();
-?>

templates/default/admin/mbengine.inc

@@ -1,109 +0,0 @@
-<?php
-  //TODO have include file here for string size validation function on titles, XSS Prevention (?)
-
-  // Function for creating a post, used twice in the code below (thus it is encapsulated).
-  function write_post($fh=null, $basedir) {
-    //Pull in config due to function scoping
-    extract(json_decode(file_get_contents('config/main.json'),true));
-    $errors = array();//Create empty error array
-    //Validation checks
-    $url = stripslashes($_POST["URL"]);
-    if (empty($_POST['URL'])) {
-      $errors[] = "No url provided.";
-    } else if (!filter_var($url,FILTER_VALIDATE_URL)) {
-      $errors[] = '"'.$url.'" is not a valid ASCII URL.';
-    }
-    if (!empty($_POST["IMG"]) && !filter_var(stripslashes($_POST["IMG"]),FILTER_VALIDATE_URL)) {
-      $errors[] = 'Image "'.$url.'" is not a valid ASCII URL.';
-    }
-    if (!empty($_POST["AUD"]) && !filter_var(stripslashes($_POST["AUD"]),FILTER_VALIDATE_URL)) {
-      $errors[] = 'Audio "'.$url.'" is not a valid ASCII URL.';
-    }
-    if (!empty($_POST["VID"]) && !filter_var(stripslashes($_POST["VID"]),FILTER_VALIDATE_URL)) {
-      $errors[] = 'Video "'.$url.'" is not a valid ASCII URL.';
-    }
-    /*TODO Need to do extra validation here to prevent folks from doing something stupid
-    (like inserting executable code or large hex dumps of files). FILTER_VALIDATE_URL should catch
-    most of this, but especially on the title and commentary I can't be sure.*/
-    if (!count($errors)) {//All POST Vars needed to construct a coherent posting are here, let's go 
-      include_once("config/users.inc");//Import userland functions to figure out who's posting
-      $postBody = array(
-        "title"   => stripslashes($_POST["title"]),
-        "url"     => $url,
-        "image"   => stripslashes($_POST["IMG"]),
-        "audio"   => stripslashes($_POST["AUD"]),
-        "video"   => stripslashes($_POST["VID"]),
-        "comment" => stripslashes($_POST["comment"]),
-        "poster"  => $poster
-      );//XXX Note here that if editing, it changes poster to whoever last edited the post
-      if(empty($fh)) {//If none was passed in, we need to make one
-        $tdtime = new DateTime();
-        $today = $tdtime->format('m.d.y');
-        $now = $tdtime->format('H:i:s');
-        $newsdir = "$basedir/microblog/";
-        @mkdir($newsdir.$today);
-        $fh = fopen($newsdir.$today."/".$now, 'w');
-        if (!$fh) die("ERROR: couldn't write $newsdir$today/$now to $newsdir$today, check permissions");
-      }
-      fwrite($fh,json_encode($postBody));
-      fclose($fh);
-    } else {//Print errors at the top, since we didn't have what we needed from POST
-      $message = 'Could not post due to errors:<br /><ul style="color: red; list-type: disc;">';
-      foreach ($errors as $err) {$message .= "<li>$err</li>";}
-      $message .= '</ul>POST Variable Dump below:<br /><em style="color: red; font-size: .75em;">'.print_r($_POST, true).'</em>';
-      echo $message;
-    }
-  }
-
-  //Microblog Posting engine - also used to display a form for submitting stories
-  if($_SERVER['REQUEST_METHOD'] == 'POST') {//Don't do anything unless we are POSTing 
-    if(empty($_POST["id"])) {//See if we need to post something new
-      write_post(null, $basedir); 
-    } else {//OK, so we've established that the post has an ID. Let's see if we're editing/deleting a post.
-      if (!empty($_POST["action"]) && $_POST["action"] == 'Delete') {//BLANKING IN PROGRESS
-        $res = unlink($_POST["id"]);
-        if (!$res) {
-          header("HTTP/1.1 500 Internal Server Error");
-          die("ERROR: couldn't delete ".$_POST['id'].", check permissions");
-        }
-        echo "Deleted ".$_POST["id"]."<br />";
-      } else {//Attempt editing, first detecting whether content is json
-        $fh = fopen($_POST["id"], 'w');
-        if (!$fh) {
-          header("HTTP/1.1 500 Internal Server Error");
-          die("ERROR (500): couldn't open ".$_POST['id'].", check permissions");
-        }
-        if(empty($_POST["type"]) && !empty($_POST["content"])) {//Do some munging if it's just raw text
-          $content = stripslashes($_POST["content"]);
-        } else {//Process the JSON Post, write to file
-          write_post($fh, $basedir);
-        }
-        fwrite($fh,$content);//Just write the blob ,TODO validation
-        fclose($fh);
-        echo "Edited ".$_POST["id"]."<br />";
-      }
-    }
-  }
-  //DOM below
-?>
-<div id="mbengine">
- <div id="submissions">
-  <p class="title">Submissions:</p>
-  <form id="Submissions" method="POST">
-   Title *<br /><input class="cooltext" type="text" name="title" placeholder="Iowa Man Destroys Moon" />
-   URL *<br /><input class="cooltext" type="text" name="URL" placeholder="https://oneweirdtrick.scam" />
-   Image<br /><input class="cooltext" type="text" name="IMG" placeholder="https://gifdump.tld/Advice_Dog.jpg" />
-   Audio<br /><input class="cooltext" type="text" name="AUD" placeholder="https://soundclod.com/static.mp3"/>
-   Video<br /><input class="cooltext" type="text" name="VID" placeholder="https://youvimeo.tv/infomercial.mp4" />
-   Comments:<br /><textarea class="cooltext" name="comment" placeholder="Potzrebie"></textarea>
-   <input type="hidden" name="app" value="microblog" />
-   <input class="coolbutton" type="submit" value="Publish" text="Publish" />
-  </form>
- </div>
- <div id="stories">
-  <?php
-   $editable = 1;
-   include $_SERVER["DOCUMENT_ROOT"].'/sys/microblog.inc';
-  ?>
- </div>
-</div>

templates/default/admin/settings.inc

@@ -1,131 +0,0 @@
-<?php
-    if(!empty($args['conf_change_type'])) {
-        $conf  = $conf_obj->get($args['conf_change_type']);
-        if($args['conf_change_type'] == 'users' ) {
-            $real_conf = $conf;
-            $conf = $real_conf[$args['name']];
-        }
-        $model = $conf_obj->get_config_model($args['conf_change_type']);
-        $saved = false;
-        foreach( $model as $key => $item ) {
-            if(!empty($args[$key])) {
-                if($key == 'password') {
-                    # Hash it, save to correct param
-                    $conf['auth_hash'] = password_hash( $args[$key], PASSWORD_DEFAULT );
-                } else {
-                    $conf[$key] = $args[$key];
-                }
-            }
-        }
-        if($args['conf_change_type'] == 'users' ) {
-            unset($conf['name']);
-            $real_conf[$args['name']] = $conf;
-            $conf = $real_conf;
-        }
-        $conf_obj->set($args['conf_change_type'], $conf);
-        $saved = $conf_obj->save($args['conf_change_type']);
-        if($saved) {
-            echo "<p>Successfully saved $saved bytes to " . $conf_obj->get_conf_dir() . '/' . $args['conf_change_type'] . ".json</p>";
-        } else {
-            echo '<p style="color:red;">Failed to save to ' . $conf_obj->get_conf_dir() . '/' . $args['conf_change_type'] . '.json!</p>';
-        }
-    }
-?>
-<p class="title">
- General settings:
-</p>
-<hr />
-<form id="mainConfig" method="post" action="index.php">
-    <input type="hidden" name="conf_change_type" value="main" />
-    <table>
-    <?php
-        $conf  = $conf_obj->get('main');
-        $model = $conf_obj->get_config_model('main');
-        $line = '';
-
-        foreach ( $model as $key => $item ) {
-            $line .= '<tr>';
-            $line .= '<td><label for="' . $key . '">' . $item['label'] . '</label></td>';
-            if($item['form_field'] == 'select') {
-                $line .= '<td><select class="cooltext" name="' . $key . '" id="' . $key . '">';
-                foreach ( $item['select_opts'] as $option ) {
-                    $line .= '<option value="' . $option . '">' . $option . '</option>';
-                }
-                $line .= '</select></td>';
-            } elseif($item['form_field'] == 'input') {
-                $val = !empty($conf[$key]) ? $conf[$key] : '';
-                $line .= '<td><input type="text" class="cooltext" name="' . $key . '" id="' . $key . '" placeholder="'.$item['default'].'" value="'.$val.'" />';
-            }
-            $line .= '</tr>';
-        }
-        echo "$line\n";
-    ?>
-    </table>
-    <br />
-    <input type="submit" class="coolbutton" value="Commit Changes" />
-</form>
-<hr />
-
-<p class="title">
- User management:
-</p>
-<hr />
-<form id="userConfig" method="post" action="index.php">
-    <input type="hidden" name="conf_change_type" value="users" />
-    <?php
-        $conf  = $conf_obj->get('users');
-        $model = $conf_obj->get_config_model('users');
-        $line = '';
-        foreach ( $conf as $user => $data ) {
-            $line .= "<table class='manageUserEntry'><tr><td><em>Manage user '$user'</em></td>";
-            $line .= "<td style='text-align: right;'><label for='delete_$user'>Delete user?</label>";
-            $line .= "<input id='delete_$user' type='checkbox' />";
-            $line .= "</td></tr>";
-            foreach ( $model as $key => $item ) {
-                $line .= '<tr><td><label for="' . $key . '">' . $item['label'] . '</label></td>';
-                $val = "";
-                if( array_key_exists( $key, $data ) ) {
-                    $val = $data[$key];
-                } else if( array_key_exists( 'masks', $item ) && $item['masks'] == 'parent' ) {
-                    $val = $user;
-                }
-                $line .= '<td><input class="cooltext" name="' . $key . '" id="' . $key . '" type="' . $item['field_type'] . '" placeholder="' . $item['placeholder'] . '" value="' . $val . '" /></td></tr>';
-            }
-            $line .= '</table>';
-        }
-        echo "$line\n";
-    ?>
-    <br />
-    <input type="submit" class="coolbutton" value="Commit Changes" />
-</form>
-<br />
-<p class="title">
- Add User:
-</p>
-<form id="addUser" method="post" action="index.php">
-    <input type="hidden" name="conf_change_type" value="user" />
-    <table>
-    <?php
-        $line = '';
-        foreach ( $model as $key => $item ) {
-            $line .= '<td><label for="' . $key . '">' . $item['label'] . '</label></td>';
-            $line .= '<td><input class="cooltext" name="' . $key . '" id="' . $key . '" type="' . $item['field_type'] . '" placeholder="' . $item['placeholder'] . '" value="" /></td></tr>';
-        }
-        echo "$line\n";
-    ?>
-    </table>
-    <br />
-    <input type="submit" class="coolbutton" value="Commit Changes" />
-</form>
-<hr />
-
-<p class="title">
- Theme cloner:
-</p>
-<hr />
-<p>
-  Want to write your own theme?
-  Clone a theme here then see the <a href="https://tcms.troglodyne.net/index.php?nav=5&post=fileshare/manual/Chapter 03-Customization.post" title="GET UR MIND RITE">styling guide</a>
-  for information on how tCMS' templates, image sets and CSS work in the theming system.
-</p>
-INSERT FORM HERE

templates/default/footbar.inc

@@ -1 +0,0 @@
-Potzrebie

templates/default/header.tmpl

@@ -1,17 +0,0 @@
- <head>
-  <meta charset="utf-8" />
-  <meta name="description" content="A Simple CMS by teodesian.net"/>
-  <meta name="viewport" content="width=device-width">
-  <?php
-    $links  = '<link rel="stylesheet" type="text/css" href="themed/' . $theme . '/css/structure.css" />';
-    $links .= '<link rel="stylesheet" type="text/css" href="themed/' . $theme . '/css/screen.css" media="screen" />';
-    $links .= '<link rel="stylesheet" type="text/css" href="themed/' . $theme . '/css/print.css" media="print" />';
-    $links .= '<link rel="icon" type="image/vnd.microsoft.icon" href="themed/' . $theme . '/img/icon/favicon.ico" />';
-    echo $links;
-
-    // TODO inject avatars these via style tags based on config
-  ?>
-  <title>
-   <?php echo $config['htmltitle']; ?>
-  </title>
- </head>

templates/default/leftbar.inc

@@ -1 +0,0 @@
-Potzrebie

templates/default/nav.inc

@@ -1,14 +0,0 @@
-<div id="lefttitle" class="toplel">
- <?php
-  echo $config['htmltitle'];
- ?>
-</div>
-<div id="midtitle" class="toplel">
-</div>
-<button title="Menu" id="clickme">&#9776;</button>
-<div id="righttitle" class="toplel">
- <a href="index.php?nav=2" title="Micro Blog" class="topbar">LinkLog</a>
- <a href="index.php?nav=3" title="Blog" class="topbar">Blog</a>
- <a href="index.php?nav=1&amp;dir=fileshare" title="File Share" class="topbar">Fileshare</a>
- <a href="index.php?nav=4" title="About" class="topbar">About</a>
-</div>

templates/default/notconfigured.tmpl

@@ -1,75 +0,0 @@
-<!doctype html>
-<html dir="ltr" lang="en-US">
-    <head>
-        <meta charset="utf-8" />
-        <meta name="description" content="tCMS"/>
-        <meta name="viewport" content="width=device-width">
-        <link rel="icon" type="image/vnd.microsoft.icon" href="<?php echo "themed/$theme"; ?>/img/icon/favicon.ico" />
-        <title>
-            tCMS Requires Setup to Continue...
-        </title>
-        <style>
-            body, html {
-                font-size: 100%;
-                margin: 0;
-            }
-            nav {
-                padding: .5rem;
-                height: 2rem;
-                line-height: 2rem;
-                font-size: 1.5rem;
-                background-color: black;
-                color: white;
-            }
-            section {
-                display: block;
-                margin: 1rem auto 0 auto;
-                padding: 0 1rem;
-            }
-            #notice {
-                display: table;
-                padding: .5rem;
-                background-color: rgba( 0, 0, 0, .75 );
-                color: #00FF00;
-                border-radius: .25rem;
-            }
-            #notice > img, #notice > span {
-                margin: .25rem;
-                display: table-cell;
-                vertical-align: middle;
-            }
-            /* Styles for larger viewports */
-            @media( min-width: 768px ) {
-                section {
-                    width: 80%;
-                }
-                #notice {
-                    width: calc( 100% - 1rem);
-                }
-            }
-        </style>
-    </head>
-    <body>
-        <nav>
-            <strong>tCMS Initial Setup</strong>
-        </nav>
-        <section>
-            <div id="notice">
-                <img alt="Icon indicating a missing file" src="<?php echo "themed/$theme"; ?>/img/mime/missing.gif" />
-                <span>
-                    [INFO] This page is being displayed because the main configuration file is missing
-                    (or corrupted).
-                </span>
-            </div>
-            <p>
-                <strong>Note:</strong> Please see the
-                <a href="https://tcms.troglodyne.net/index.php?nav=5&post=fileshare/manual/Chapter%2000-Introduction.post">
-                    tCMS Manual
-                </a>
-                for full instructions on how configure tCMS.
-                <br /><br />
-                Please <a href="sys/admin?app=config" alt="Login">Log In</a> and Configure tCMS.
-            </p>
-        </section>
-    </body>
-</html>

templates/default/rightbar.inc

@@ -1 +0,0 @@
-Potzrebie

themed/default/css/avatars.css

@@ -1,6 +0,0 @@
-/*User Images set here*/
-a.Nobody {
- background-image: url(../img/avatar/humm.gif);
- filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='../img/avatar/hydra.png', sizingMethod='scale');
- -ms-filter: "progid:DXImageTransform.Microsoft.AlphaImageLoader(src='../img/avatar/hydra.png', sizingMethod='scale')"
-}

themed/default/css/print.css

@@ -1,34 +0,0 @@
-#littlemenu, #topkek, #leftbar, #rightbar, #footbar {
- display: none !important;
-}
-#kontent {
- text-align: left;
- font-family: sans-serif;
- font-size: 12pt;
-}
-p.title {
- font-weight: bold;
-}
-ul {
- list-style-type: disc;
-}
-table {
- border-spacing: 0px;
-}
-td {
- padding: 0px;
-}
-pre {
- font-family: sans-serif;
- font-size: 12pt;
- margin-top: 5px;
- margin-bottom: 5px;
- white-space: pre-wrap;
-}
-h3.blogtitles {
- margin-bottom: 5px;
- margin-bottom: 5px;
-}
-em.blogdetail {
- font-size: 8pt;
-}

themed/default/css/screen.css

@@ -1,288 +0,0 @@
-/*SCREEN.CSS - All styling for the screen view of the site should be done here*/
-
-/*Global tag based changes go here*/
-a {
- color: rgb(0,0,0);
- border: 0px;
-}
-body {
- color: black;
- background-color: gray;
- font-family: sans-serif;
- font-size: 100%;
-}
-img {
- border: 0px;
-}
-table {
- border-spacing: 0px;
-}
-td {
- padding: 0px;
- margin: 0px;
-}
-hr {
- width: 100%
-}
-ul {
- list-style-type: disc;
-}
-pre {
- margin-top: .25em;
- margin-bottom: .25em;
- white-space: pre-wrap;
- font-family: sans-serif;
- font-size: 1em;
-}
-textarea {
- height: 10em;
- width: 99%;
- background-color: #333;
- height: 15em;
-}
-audio, video {
- display: block;
-}
-
-/*Major DOM Element Styling goes below*/
-#topkek {
- background: rgb(0,0,0);
- box-shadow: 0 .25em .5em black;
-}
-.toplel {
- color: white;
- vertical-align: middle;
-}
-#lefttitle {
- font-family: courier;
- font-size: 1em;
- font-weight: bold;
-}
-#midtitle {
- text-align: center;
-}
-#righttitle {
- text-align: right;
-}
-#righttitle a, #configbar a {
- padding-right: .5em;
- border-right: .1em #333 solid;
-}
-#righttitle a:last-child, #configbar a:last-child {
- border-right: 0;
-}
-#menubutton {
- vertical-align: middle;
-}
-#littlemenu {
- background-color: rgb(0,0,0);
- background-color: rgba(0,0,0,.75);
- border-bottom-left-radius: 1em;
-}
-#kontent {
- background: rgb(255,255,255); /*IE Fallback*/
- background: rgba(255,255,255,.90);
- border-radius: 0px 0px 1em 1em;
- box-shadow: 0 .5em 1em black;
-}
-#footbar {
- color: white;
- background-color: black;
- text-align: center;
-}
-/* admin styles */
-#mbengine {
- width: 100%;
- display: table;
-}
-#submissions {
- width: 20%;
- display: table-cell;
-}
-#stories {
- vertical-align: top;
-}
-
-/*Icon/Button styles below*/
-.rss {
- border: 0px;
- height: 1em;
- width: 1em;
- background-size: 1em;
- background-image: url(../img/icon/rss.png);
- display: inline-block;
- filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='../img/icon/rss.png', sizingMethod='scale');
- -ms-filter: "progid:DXImageTransform.Microsoft.AlphaImageLoader(src='../img/icon/rss.png', sizingMethod='scale')";
-}
-.usericon, .buddyicon {
- width: 1em;
- height: 1em;
- float: right;
- background-size: 1em;
-}
-.avatar {
- width: 3em;
- height: 3em;
- float: left;
- background-size: 3em;
-}
-button#clickme {
- display: none;
- float: right;
- box-shadow: 0px 0px 0.5em #66CCFF;
- padding: 0 .25em;
- margin: .25em;
- font-size: .60em;
- background-color: #333;
- border-radius: .5em;
- border: .25em solid black;
- color: red;
-}
-button#clickme:active {
- padding-left: .30em;
- border-color: gray;
-}
-.coolbutton, .cooltext, textarea {
- box-sizing: border-box;
- border-radius: .5em;
- border: .25em solid black;
- color: white;
- padding: .25em;
- margin: .25em;
-}
-.coolbutton {
- box-shadow: 0 0 .5em black;
- background-color: #333;
-}
-.coolbutton:active {
- padding-left: .30em;
- border-color: gray;
-}
-.cooltext {
- background-color: #333;
- width: 100%;
-}
-#Submissions input, #Submissions textarea {
- width: 95%;
- display: block;
- margin-right: auto;
- margin-left: auto;
-}
-#Submissions textarea {
- height: 20em;
- vertical-align: top;
-}
-
-/*Various other stylistic stuff below*/
-a.nudes {
- color: rgb(0,255,0);
-}
-img.icon {
- height: 1em;
- width: 1em;
-}
-img.mblogimg, {
- max-width: 100%;
- display: block;
-}
-h3.blogtitles {
- margin-bottom: .5em;
- margin-top: 0px;
-}
-em.blogdetail {
- font-size: .8em;
-}
-a.topbar {
- text-decoration: none;
- color: white;
-}
-a:hover.topbar {
- text-decoration: underline;
-}
-img.titlebar {
- height: 1.5em;
- float: left;
-}
-p.title {
- padding-top: 0px;
- margin-top: 0px;
- font-weight: bold;
-}
-p#linkcontainer {
- padding: 2em .5em .5em .5em;
- background: rgb(0,0,0); /*IE Fallback*/
- background: rgba(0,0,0,.75);
- border-bottom-left-radius: 1em;
- margin-top: 0px;
-}
-span.bold {
- font-weight: bold;
-}
-p.posteditortitle {
- margin: 0px;
- font-weight: bold;
- border-bottom: .1em solid gray;
- padding: .5em;
-}
-.disabled {
- display: none;
-}
-.clear {
- clear: both;
-}
-.mbedit_text {
- display: inline-block;
-}
-.mbedit_button {
- width: 5em;
- display: inline-block;
-}
-#newposttitle {
- width: 95%;
- display: block;
- box-sizing: border-box;
-}
-#newpostlink {
- color: #990000;
-}
-/*Responsive design stuff that used to be in JS, modify as needed*/
-@media (max-width: 1024px) {
-  #lefttitle {
-    width: 100%;
-    max-width: 100%;
-  }  
-  #clickme {
-    display: table-cell !important;
-  }
-  #righttitle, #configbar {
-    visibility: hidden;
-    position: fixed;
-    top: 2rem;
-    right: 0;
-    min-width: 0;
-    max-width: 100%;
-    background-color: rgba(0,0,0,.75);
-    border-bottom-left-radius: 1em;
-  }
-  #clickme:active ~ #righttitle, #clickme:focus ~ #righttitle, #righttitle:hover, #righttitle a:active, #clickme:active ~ #configbar, #clickme:focus ~ #configbar, #configbar:hover, #configbar a:active  {
-    visibility: visible;
-  }
-  #righttitle a, #configbar a {
-    display: block;
-    border-right: 0;
-  }
-}
-@media (max-width: 700px) {
-  #mbengine {
-   width: 100%;
-   display: block;
-  }
-  #submissions {
-   width: 100%;
-   display: block;
-  }
-}
-.manageUserEntry {
-    border: .25rem dashed black;
-    padding: .5rem;
-}

themed/default/css/structure.css

@@ -1,95 +0,0 @@
-/*First, we start off with specifying what parts of the DOM we want hidden*/
-#leftbar, #rightbar, #footbar, #midtitle {
- display: none;
-}
-
-/*Now, on to positioning of the elements*/
-body {
- position: relative;
- margin: 0;
- width: 100%;
- min-height: 100vh;
- max-height: 100%;
-}
-#topkek {
- display: table;
- position: fixed;
- z-index: 2;
- top: 0;
- width: 100%;
- height: 2rem;
-}
-.toplel {
- display: table-cell;
-}
-#lefttitle {
- padding-left: .5em;
- max-width: 50%;
- min-width: 33%;
-}
-#midtitle {
- width: 33%;
-}
-#righttitle {
- min-width: 33%;
- max-width: 50%;
- padding-right: .5em;
-}
-#righttitle a, #configbar a {
- display: inline-block;
-}
-#menubutton {
- display: none;
- min-width: 2%;
- max-width: 33%;
- padding-right: .5em;
-}
-#littlemenu {
- display: none;
- position: fixed;
- z-index: 3;
- top: 1.5em;
- right: 0px;
- padding: 0px .5em .5em .5em;
-}
-#littlemenu a {
- display: block;
-}
-#kontainer {
- display: table;
- width: 100%;
- padding-bottom: 2.5em;
-}
-.kontained {
- display: table-cell;
-}
-#leftbar {
- width: 6em;
- padding-right: .5em;
-}
-#kontent {
- padding: 3em .5em .5em .5em;
- min-height: 50%;
- max-width: 100%;
- margin-top: 0px;
-}
-#rightbar {
- width: 6em;
- padding-left: .5em;
-}
-#footbar {
- position: absolute;
- bottom: 0;
- width: 100%;
- height: 1.5em;
-}
-#stories {
- padding: 0px .5em .5em .5em;
- width: 80%;
- display: table-cell;
-}
-
-/*Some CSS rules below that I actually want to load on both print and screen views*/
-blockquote {
-  font-style: italic;
-}