page: .private to restrict access to subdirectories

[minimedit.git] / page.inc.php

diff --git a/page.inc.php b/page.inc.php
index 2c1fc6c7e201f160dbc4642a8e8d1b8fc09a0dc2..654f37fa7ebeee2a412b2348fc3bab61d1ac4d88 100644 (file)
--- a/page.inc.php
+++ b/page.inc.php
@@ -1,4 +1,6 @@
 <?php
+$body = ob_get_clean();
+
 include_once './head.inc.php';
 
 print "<header>\n";
@@ -10,17 +12,30 @@ $nav = preg_replace_callback('{<a href="([^"]+)">(.*?)</a>}', function ($m) {
        $html = $request == $m[1] ? $m[2] : $m[0]; # text or full link
        return $m[1] == substr($request, 0, strlen($m[1])) ? "<b>$html</b>" : $html;
 }, $nav);
+if (isset($User)) {
+       $nav = preg_replace('{\s*<li class="logout">.*?</li>}', '', $nav);
+       $nav = str_replace('[[login]]', $User['name'], $nav);
+}
+else {
+       $nav = preg_replace('{\s*<li class="login">.*?</li>}', '', $nav);
+}
 print $nav;
 print "</header>\n\n";
 
+print $body;
+
+$footinc = realpath('footer.html'); # cwd lost during shutdown
 register_shutdown_function(function () {
-       include 'foot.inc.php';
-       print "</body></html>\n";
-});
+       print '<footer>';
+       @include $GLOBALS['footinc'];
+       print "</footer>\n";
 
-print '<div class="article">'."\n\n";
-include "./$Page.html";
-print "</div>\n\n";
+       global $User;
+       if (isset($User) and $User['admin']) {
+               print '<script src="//cdn.ckeditor.com/4.7.3/full-all/ckeditor.js"></script>'."\n";
+               print '<script src="/edit.js"></script>'."\n";
+       }
 
-if (file_exists("$Page.php")) include_once("./$Page.php");
+       print "</body></html>\n";
+});