Added checks for admin permissions to settings / users.

Added welcome message and start page contents in input interface (iss0000160).

edit/editHTMLPage.php

@@ -23,10 +23,14 @@ loadHttpToGlobals(["id", "task", "content"]);
 
 define("targetFile", __DIR__ . "/../data/$id.htm");
 
-if (!isset($id) or !in_array($id, ['footer', 'aside', 'banner'])) {
+if (!isset($id) or !in_array($id, ['footer', 'aside', 'banner', 'welcomeMsg'])) {
     echo printErrorPage($translations['specifyToEdit']); return;
 }
 
+if ($id == 'welcomeMsg' and !$_SESSION['admin']) {
+    echo printErrorPage($translations['accessDenied']); return;
+}
+
 // Read file contents if there is no new content sent by $_POST.
 
 if (!isset($content)) {

edit/inc/standardHTML.php

@@ -35,7 +35,7 @@ function printBackendHead(array $settings, string $page = "home", string $title
 
 	<title>' . $title . '</title>
     <link rel="stylesheet" type="text/css" href="themes/imports.css">
-    <link rel="stylesheet" type="text/css" href="themes/default/default.css">
+    <link rel="stylesheet" type="text/css" href="themes/default/theme.css">
     <meta http-equiv="content-type" content="text/html;charset=utf-8">';
 
     if ($icon) {
@@ -171,6 +171,9 @@ function printBackendNav(array $translations):string {
                 <div>
                     <a href="settings.php">' . $translations['settings'] . '</a>
                 </div>
+                <div>
+                    <a href="editHTMLPage.php?id=welcomeMsg">' . $translations['welcomeMsg'] . '</a>
+                </div>
             </div>
     ';
     }

edit/index.php

@@ -37,7 +37,36 @@ echo printBackendNav($translations);
 echo '
     <main>';
 
+echo printStaticPagePart("welcomeMsg", "section"); // Print aside (if need be)
 
+echo '
+    <section class="startPgTiles">
+
+        <div>
+            <h3>' . $translations['aboutThisSite'] . '</h3>
+            <table>
+                <tr>
+                    <th>' . $translations['numberOfPages'] . '</th>
+                    <td>' . (string)count($pages) . '</td>
+                </tr>
+                <tr>
+                    <th>' . $translations['numberOfPublicPages'] . '</th>
+                    <td>' . (string)count(loadPublicPages()) . '</td>
+                </tr>
+                <tr>
+                    <th>' . $translations['phpVersion'] . '</th>
+                    <td>PHP ' . (string)phpversion() . '</td>
+                </tr>
+            </table>
+        </div>
+
+        <div>
+            <h3>' . $translations['aboutMDCMS'] . '</h3>
+            ' . $translations['aboutMDCMS_content'] . '
+        </div>
+
+    </section>
+';
 
 echo '
     </main>

edit/settings.php

@@ -17,6 +17,10 @@ $translations = loadLanguage(); // Load translations.
 ensureBackendEnv();             // Ensure session is started etc.
 $pages = loadPages();           // Load overview of pages.
 
+if (!$_SESSION['admin']) {
+    echo printErrorPage($translations['accessDenied']); return;
+}
+
 /*
  * Load data.
  */

edit/themes/default/theme.css

@@ -248,6 +248,16 @@ main { padding: .5em 5em 3em 3em; }
 .labelLine > * { display: table-cell; }
 .labelLine label            { font-weight: bold; }
 
+/************
+ * Start Page
+ */
+
+@media screen and (min-width:75em) {
+    section + .startPgTiles { border-top: 1px solid #D6D6D6; }
+    .startPgTiles     { display: flex; }
+    .startPgTiles > * { flex: 1; display: inline-block; }
+}
+
 /************
  * Login Page
  */

edit/translations/en.php

@@ -18,6 +18,12 @@ $translations = [
     "delete" => "Delete",
     "general" => "General Settings",
     "security" => "Security",
+    "aboutThisSite" => "About this page",
+    "numberOfPages" => "Number of pages (overall)",
+    "numberOfPublicPages" => "Number of pages (public)",
+    "phpVersion" => "PHP Version",
+    "aboutMDCMS" => "About md:cms",
+    "aboutMDCMS_content" => "<p>md:cms is a content management system for museum-related websites. It offers many functions for embedding contents from museum-digital. The only requirements are a web server running PHP7 and SSL encryption for the domain.</p>",
     "integrationWithMD" => "Integration with Museum-Digital",
     "languageUnavailable" => "This language is not available.",
     "settingsUpdated" => "Updated settings.",
@@ -93,9 +99,10 @@ $translations = [
     "helpfooter" => "<p>On this page, you can edit the footer. To not display a footer, simply empty this page.</p>",
     "banner" => "Banner",
     "helpbanner" => "<p>On this page, you can edit the banner.</p>",
-
     "aside" => "Sidebar",
     "helpaside" => "<p>On this page, you can edit the sidebar. To not display a sidebar at all, simply empty this page.</p>",
+    "welcomeMsg" => "Welcome Message",
+    "helpwelcomeMsg" => "<p>On this page, you can edit the welcome message appearing on the start page of the input interface (what people see, when they log in).</p>",
 
     "urlAbbr" => "<abbr title=\"Uniform Resource Locator\">URL</abbr>",
     "url" => "URL",

edit/users.php

@@ -17,6 +17,10 @@ $translations = loadLanguage(); // Load translations.
 ensureBackendEnv();             // Ensure session is started etc.
 $pages = loadPages();           // Load overview of pages.
 
+if (!$_SESSION['admin']) {
+    echo printErrorPage($translations['accessDenied']); return;
+}
+
 /*
  * Load data.
  */

inc/standardHTML.php

@@ -115,7 +115,7 @@ function printPublicEnd():string {
  */
 function printStaticPagePart(string $file, string $elem):string {
 
-    if (!in_array($file, ['footer', 'aside', 'banner'])) {
+    if (!in_array($file, ['footer', 'aside', 'banner', 'welcomeMsg'])) {
         echo "Trying to access disallowed file.";
     }