Merge branch 'dev'
Awilum committed Jan 29, 2016
2 parents 4637870 + 7e30f63 commit 4dd2361
Showing 30 changed files with 618 additions and 61 deletions.
53 changes: 41 additions & 12 deletions .htaccess
@@ -1,34 +1,63 @@
#
# Monstra :: php & apache settings
# This file is part of the Monstra.
#
# (c) Romanenko Sergey / Awilum <awilum@msn.com>
#
# For the full copyright and license information, please view the LICENSE
# file that was distributed with this source code.
#

# Set default charset utf-8
AddDefaultCharset UTF-8

# Don't show directory listings for URLs which map to a directory.
Options -Indexes

# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
</IfModule>


# Setting rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on

# Update code bellow for SEO improvements
# RewriteCond %{HTTP_HOST} ^www.example.org [NC]
# RewriteRule ^(.*)$ http://example.org/$1 [R=301,L]

## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Monstra
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.

## Begin - Rewrite rules for Monstra
RewriteBase /%siteurlhere%/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]
## End - Rewrite rules for Monstra

## Begin - Rewrite rules for SEO improvements.
# RewriteCond %{HTTP_HOST} ^www.example.org [NC]
# RewriteRule ^(.*)$ http://example.org/$1 [R=301,L]
# Redirect 301 /index http://example.org/
## End - Rewrite rules for SEO improvements.

# Update code bellow for SEO improvements
# Redirect 301 /home http://example.org/
</IfModule>

# Prevent visitors from viewing files directly.
<FilesMatch "(^#.*#|\.(md|txt|html|tpl|yml|yaml)|~)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>

# Don't show directory listings for URLs which map to a directory.
Options -Indexes
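Review bot: The `<FilesMatch>` block near the end of this hunk uses Apache 2.2 access directives (`Order allow,deny`, `Deny from all`, `Satisfy All`) and, unlike the PHP and rewrite sections, is not wrapped in an `<IfModule>`. On Apache 2.4 without mod_access_compat these are unknown directives and every request under this .htaccess returns a 500. Suggest guarding by server version and using `Require all denied` on 2.4. The pattern also denies every `.txt` and `.html` file, which would include robots.txt and any static HTML a site serves, so it is worth narrowing to the files that actually need protecting. Separately, the "common exploits" conditions test `%{QUERY_STRING}`, which Apache matches undecoded; the comments should say these rules are a coarse filter and not a substitute for input validation in the application.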
10 changes: 9 additions & 1 deletion CHANGELOG.md
@@ -1,3 +1,11 @@
Monstra 3.0.3, 2016-01-29
------------------------
- Improved Monstra Security
- Minimum PHP version for Monstra is 5.3.2
- Admin: Fixed 404 error when using certain server configurations
- Localization: Major Fixes for SR, KA-GE, and ES
- Install Script Fixes

Monstra 3.0.2, 2015-10-16
------------------------
- Added Monstra MIT LICENSE instead of GNU GENERAL PUBLIC LICENSE v3
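Review bot: "Improved Monstra Security" in the 3.0.3 entry does not tell an administrator what changed or whether they must act. Since this commit rewrites .htaccess with new rewrite and FilesMatch rules, name those changes here and say whether existing installs need to replace their .htaccess when upgrading.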
Expand Down Expand Up @@ -141,7 +149,7 @@ Monstra 2.1.3, 2012-12-09
- Pages Plugin: add ability to get content for specific page.
- XMLDB: New method factory() added.
- Twitter Bootstrap updated to Version 2.2.2
- Sitemap Plugin: _blank removed.
- Sitemap Plugin: `_blank` removed.
- Filesmanager Plugin: fixes.
- Backup Plugin: fixes.

2 changes: 1 addition & 1 deletion LICENSE.md
@@ -1,6 +1,6 @@
The MIT License (MIT)

Copyright (c) 2012 - 2015 Monstra Content Management
Copyright (c) 2012 - 2016 Monstra Content Management

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -5,7 +5,7 @@ Monstra is a modern and lightweight Content Management System.

## System Requirements
Operation system: Unix, Linux, Windows, Mac OS
Middleware: PHP 5.3.0 or higher with PHP's [SimpleXML module](http://php.net/simplexml) and [Multibyte String module](http://php.net/mbstring)
Middleware: PHP 5.3.2 or higher with PHP's [SimpleXML module](http://php.net/simplexml) and [Multibyte String module](http://php.net/mbstring)
Webserver: Apache with [Mod Rewrite](http://httpd.apache.org/docs/current/mod/mod_rewrite.html) or Ngnix with [Rewrite Module](http://wiki.nginx.org/HttpRewriteModule)

## Steps to Install
2 changes: 1 addition & 1 deletion admin/index.php
Expand Up @@ -156,7 +156,7 @@
if (Request::get('id')) {
$area = Request::get('id');
} else {
Request::redirect('index.php?id=dashboard');
Request::redirect(Site::url().'/admin/index.php?id=dashboard');
}

$plugins_registered = Plugin::$plugins;
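Review bot: The redirect target in the `else` branch is now built from `Site::url()` plus a hard-coded `/admin/` segment, and this diff does not show how `Site::url()` is derived. Confirm it returns the configured site URL (the admin template in this commit reads `Option::get('siteurl')` for the same purpose) and not a value taken from the request's Host header, since that would make the redirect destination request-controlled. The hard-coded `/admin/` would also break any install that has renamed the admin directory; consider deriving the path from the current script location.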
6 changes: 5 additions & 1 deletion admin/themes/default/css/default.css
Expand Up @@ -14,11 +14,11 @@
@font-face {
font-family: 'Glyphicons Halflings';

src: url('@site_url/public/assets/fonts/glyphicons-halflings-regular.eot');
src: url('@site_url/public/assets/fonts/glyphicons-halflings-regular.eot?#iefix') format('embedded-opentype'),
url('@site_url/public/assets/fonts/glyphicons-halflings-regular.woff') format('woff'),
url('@site_url/public/assets/fonts/glyphicons-halflings-regular.ttf') format('truetype'),
url('@site_url/public/assets/fonts/glyphicons-halflings-regular.svg#glyphicons-halflingsregular') format('svg');
src: url('@site_url/public/assets/fonts/glyphicons-halflings-regular.eot');
}

body {
Expand Down Expand Up @@ -88,6 +88,10 @@ footer span {
border-top: 1px solid #e0e0e0;
}

footer .highlight {
color: #333;
}

/*************************************
2. COMPONENTS
*************************************/
48 changes: 21 additions & 27 deletions admin/themes/default/index.template.php
Expand Up @@ -2,12 +2,12 @@
<html lang="en">
<head>
<meta charset="utf-8">

<meta http-equiv="x-dns-prefetch-control" content="on">
<link rel="dns-prefetch" href="<?php echo Site::url(); ?>" />
<link rel="dns-prefetch" href="//www.google-analytics.com" />
<link rel="dns-prefetch" href="//www.gravatar.com" />

<title>Monstra :: <?php echo __('Administration', 'system'); ?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Monstra Admin Area" />
Expand All @@ -27,8 +27,8 @@
<!-- JavaScripts -->
<script src="<?php echo Site::url(); ?>/public/assets/js/jquery.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/bootstrap.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/messenger.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/icheck.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/messenger.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/icheck.min.js"></script>
<?php Javascript::add('public/assets/js/jquery.chocolat.js', 'backend', 3); ?>
<?php Javascript::add('public/assets/js/bootstrap-fileupload.js', 'backend', 4); ?>
<?php Javascript::add('admin/themes/default/js/default.js', 'backend', 5); ?>
Expand All @@ -41,9 +41,9 @@

$('.chocolat').Chocolat({
overlayColor : '#000',
leftImg : "<?php echo Option::get('siteurl'); ?>/public/assets/img/chocolat/left.gif",
rightImg : "<?php echo Option::get('siteurl'); ?>/public/assets/img/chocolat/right.gif",
closeImg : "<?php echo Option::get('siteurl'); ?>/public/assets/img/chocolat/close.gif",
leftImg : "<?php echo Option::get('siteurl'); ?>/public/assets/img/chocolat/left.gif",
rightImg : "<?php echo Option::get('siteurl'); ?>/public/assets/img/chocolat/right.gif",
closeImg : "<?php echo Option::get('siteurl'); ?>/public/assets/img/chocolat/close.gif",
loadingImg : "<?php echo Option::get('siteurl'); ?>/public/assets/img/chocolat/loading.gif"
});

Expand All @@ -53,7 +53,7 @@
increaseArea: '20%'
});

});
});
</script>

<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
Expand All @@ -65,7 +65,7 @@

<body class="page-<?php echo Request::get('id'); ?>">

<nav class="navbar navbar-default navbar-inverse" role="navigation">
<nav class="navbar navbar-default navbar-inverse" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
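Review bot: `<body class="page-<?php echo Request::get('id'); ?>">` in this hunk writes a query-string parameter into an HTML attribute with no visible encoding. Unless `Request::get()` already encodes its return value, wrap it, for example `htmlspecialchars(Request::get('id'), ENT_QUOTES, 'UTF-8')`, or restrict it to a known set of area names before output. The changelog describes this release as a security improvement and the hunk touches this region only for whitespace, so this is a good place to fix it.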
Expand All @@ -77,57 +77,57 @@
<a class="navbar-brand" href="<?php echo Site::url(); ?>/admin/index.php?id=dashboard">MONSTRA</a>
</div>

<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li<?php if (Request::get('id') == 'dashboard') { ?> class="active"<?php } ?>><a href="<?php echo Site::url(); ?>/admin/index.php?id=dashboard"><?php echo __('Dashboard', 'dashboard'); ?></a></li>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li<?php if (Request::get('id') == 'dashboard') { ?> class="active"<?php } ?>><a href="<?php echo Site::url(); ?>/admin/index.php?id=dashboard"><?php echo __('Dashboard', 'dashboard'); ?></a></li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><?php echo __('Content', 'pages'); ?> <b class="caret"></b></a>
<ul class="dropdown-menu">
<?php Navigation::draw('content'); ?>
</ul>
</li>
<?php if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) { ?>
<?php if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) { ?>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><?php echo __('Extends', 'system'); ?> <b class="caret"></b></a>
<ul class="dropdown-menu">
<?php Navigation::draw('extends'); ?>
<?php Navigation::draw('extends'); ?>
</ul>
</li>
<?php } ?>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><?php echo __('System', 'system'); ?> <b class="caret"></b></a>
<ul class="dropdown-menu">
<?php Navigation::draw('system'); ?>
<?php Navigation::draw('system'); ?>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><?php echo __('Help', 'system'); ?> <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="http://monstra.org/documentation" target="_blank"><?php echo __('Documentation', 'system'); ?></a></li>
<li><a href="http://monstra.org/documentation" target="_blank"><?php echo __('Documentation', 'system'); ?></a></li>
<?php if (Option::get('language') == 'ru') { ?>
<li><a href="http://ru.forum.monstra.org" target="_blank"><?php echo __('Official Support Forum', 'system'); ?></a></li>
<?php } else { ?>
<li><a href="http://forum.monstra.org" target="_blank"><?php echo __('Official Support Forum', 'system'); ?></a></li>
<?php } ?>
</ul>
</li>
</ul>
</ul>
<ul class="nav navbar-nav navbar-right">
<li><a href="<?php echo Site::url(); ?>" target="_blank"><?php echo __('View Site', 'system'); ?></a></li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><?php echo Session::get('user_login'); ?> <img src="<?php echo Users::getGravatarURL(Session::get('user_email'), 28); ?>" alt=""> <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="<?php echo Site::url(); ?>/admin/index.php?id=users&action=edit&user_id=<?php echo Session::get('user_id'); ?>"><?php echo __('Profile', 'users')?></a></li>
<li><a href="<?php echo Site::url(); ?>/admin/?logout=do"><?php echo __('Log Out', 'users'); ?></a></li>
<li><a href="<?php echo Site::url(); ?>/admin/?logout=do"><?php echo __('Log Out', 'users'); ?></a></li>
</ul>
</li>
</ul>
</ul>
</div>
</div>
</nav>

<div class="container">

<?php
// Monstra Notifications
Notification::get('success') AND Alert::success(Notification::get('success'));
Expand Down Expand Up @@ -156,13 +156,7 @@
<footer class="container visible-md visible-lg">
<p class="pull-right">
<span>
<?php if (Option::get('language') == 'ru') { ?>
<a href="http://ru.forum.monstra.org" target="_blank"><?php echo __('Official Support Forum', 'system'); ?></a> /
<?php } else { ?>
<a href="http://forum.monstra.org" target="_blank"><?php echo __('Official Support Forum', 'system'); ?></a> /
<?php } ?>
<a href="http://monstra.org/documentation" target="_blank"><?php echo __('Documentation', 'system'); ?></a> /
© 2012 - 2014 <a href="http://monstra.org" target="_blank">Monstra</a> – <?php echo __('Version', 'system'); ?> <?php echo Monstra::VERSION; ?>
<a href="http://monstra.org" target="_blank">Monstra</a> was made by <a href="http://awilum.github.io" target="_blank" class="highlight">Sergey Romanenko</a> and is maintained by <a href="https://github.com/monstra-cms/monstra/network/members" target="_blank" class="highlight">Monstra Community</a> / © 2012 - 2016 <a href="http://monstra.org/about/license" target="_blank">Monstra</a> – <?php echo __('Version', 'system'); ?> <?php echo Monstra::VERSION; ?>
</span>
</p>
</footer>
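Review bot: The new footer line adds links to awilum.github.io and github.com with `target="_blank"` and no `rel` attribute, so in browsers that do not imply noopener the opened page gets a `window.opener` reference back to the admin panel. Add `rel="noopener noreferrer"` to each new `target="_blank"` link; the same applies to the Help menu links earlier in this file.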
9 changes: 3 additions & 6 deletions admin/themes/default/login.template.php
Expand Up @@ -21,7 +21,7 @@
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/bootstrap.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/messenger.min.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/messenger-theme-flat.js"></script>
<script src="<?php echo Site::url(); ?>/public/assets/js/messenger-theme-flat.js"></script>
<?php Javascript::add('public/assets/js/bootstrap-lightbox.js', 'backend', 3); ?>
<?php Javascript::add('public/assets/js/bootstrap-fileupload.js', 'backend', 4); ?>
<?php Javascript::add('admin/themes/default/js/default.js', 'backend', 5); ?>
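Review bot: The first context line of this hunk loads jQuery 1.10.2 from ajax.googleapis.com on the login page, while index.template.php in this same commit loads `public/assets/js/jquery.min.js` from the site itself. A third-party script on the page that collects admin credentials widens the trust boundary for no gain; point the login template at the bundled copy, or add an `integrity` attribute with `crossorigin="anonymous"` if the CDN must stay.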
Expand Down Expand Up @@ -92,7 +92,7 @@
<form method="post">
<div class="form-group">
<label><?php echo __('Username', 'users'); ?></label>
<input name="login" class="form-control" type="text" value="<?php echo $user_login; ?>" />
<input name="login" class="form-control" type="text" value="<?php echo $user_login; ?>" />
</div>
<?php if (Option::get('captcha_installed') == 'true') { ?>
<div class="form-group">
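Review bot: `value="<?php echo $user_login; ?>"` is re-indented here but still echoes `$user_login` straight into an attribute. The assignment is outside this hunk; if it comes from the submitted form, encode it at output with `htmlspecialchars($user_login, ENT_QUOTES, 'UTF-8')`.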
Expand Down Expand Up @@ -128,11 +128,8 @@
</div>

<div class="text-center">
<span>© 2012 - 2014 <a href="http://monstra.org" class="small-grey-text" target="_blank">Monstra</a> – <?php echo __('Version', 'system'); ?> <?php echo Monstra::VERSION; ?></span>
© 2012 - 2016 <a href="http://monstra.org/about/license" target="_blank">Monstra</a> – <?php echo __('Version', 'system'); ?> <?php echo Monstra::VERSION; ?>
</div>

</div>


</body>
</html>
2 changes: 1 addition & 1 deletion engine/Monstra.php
Expand Up @@ -31,7 +31,7 @@ class Monstra
/**
* The version of Monstra
*/
const VERSION = '3.0.2';
const VERSION = '3.0.3';


/**
1 change: 1 addition & 0 deletions engine/Plugin/I18n.php
Expand Up @@ -33,6 +33,7 @@ class I18n
'fi' => 'Suomi',
'fr' => 'Français',
'gl' => 'Galego',
'ka-ge' => 'Georgian',
'hu' => 'Magyar',
'it' => 'Italiano',
'id' => 'Bahasa Indonesia',
6 changes: 3 additions & 3 deletions engine/_init.php
@@ -1,10 +1,10 @@
<?php defined('MONSTRA_ACCESS') or die('No direct script access.');

/**
* Monstra requires PHP 5.3.0 or greater
* Monstra requires PHP 5.3.2 or greater
*/
if (version_compare(PHP_VERSION, "5.3.0", "<")) {
exit("Monstra requires PHP 5.3.0 or greater.");
if (version_compare(PHP_VERSION, "5.3.2", "<")) {
exit("Monstra requires PHP 5.3.2 or greater.");
}

/**
8 changes: 4 additions & 4 deletions install.php
100644 → 100755
Expand Up @@ -277,7 +277,7 @@


<?php
if (version_compare(PHP_VERSION, "5.2.3", "<")) {
if (version_compare(PHP_VERSION, "5.3.2", "<")) {
$errors['php'] = 'error';
} else {
$errors['php'] = '';
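Review bot: The file header above this hunk records install.php changing mode from 100644 to 100755, which nothing in the diff requires; PHP run through the web server does not need the execute bit. Revert the mode change unless it is intentional, and state the reason in the commit message if it is.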
Expand Down Expand Up @@ -524,8 +524,8 @@
<ul class="list-unstyled">
<?php

if (version_compare(PHP_VERSION, "5.2.0", "<")) {
echo '<li class="error alert alert-danger">'.__('PHP 5.2 or greater is required', 'system').'</li>';
if (version_compare(PHP_VERSION, "5.3.2", "<")) {
echo '<li class="error alert alert-danger">'.__('PHP 5.3.2 or greater is required', 'system').'</li>';
} else {
echo '<li class="ok alert alert-success">'.__('PHP Version', 'system').' '.PHP_VERSION.'</li>';
}
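Review bot: The minimum version `"5.3.2"` is now repeated as a literal in both checks in install.php, in engine/_init.php and inside the translatable message, and the lines being replaced show how these drifted apart (5.2.3, 5.2.0 and 5.3.0). Define the minimum once as a constant and build the message from it. The string passed to `__()` appears to serve as the lookup key, so confirm every language file carries the new 'PHP 5.3.2 or greater is required' entry.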
Expand Down Expand Up @@ -603,7 +603,7 @@

<div class="install-block-footer login-footer">
<div class="text-center">
<span>© 2012 - 2015 <a href="http://monstra.org" class="small-grey-text" target="_blank">Monstra</a> – <?php echo __('Version', 'system'); ?> <?php echo Monstra::VERSION; ?></span>
<span>© 2012 - 2016 <a href="http://monstra.org" class="small-grey-text" target="_blank">Monstra</a> – <?php echo __('Version', 'system'); ?> <?php echo Monstra::VERSION; ?></span>
</div>
</div>
