From d8a3c68fe7131555725440aabc9f82e53520b5dc Mon Sep 17 00:00:00 2001
From: Jason Woofenden <jason@jasonwoof.com>
Date: Thu, 19 Jan 2017 15:52:10 -0500
Subject: [PATCH] db_upgrade rework, admin_header, cleanup

---
 Makefile                  |    2 +-
 admin.html                |   10 +--
 admin_files.php           |    8 +--
 admin_header.html         |   35 ++++++++++
 admin_header.php          |   72 +++++++++++++++++++++
 admin_images.php          |    4 +-
 admin_pages.php           |    2 +-
 admin_users.php           |    2 +-
 cms_images_autoresize.php |    9 ++-
 config.php                |   16 ++---
 contact.php               |    4 +-
 inc/cms.php               |   42 ++++++++----
 inc/db_upgrade.php        |  158 ++++++++++++++++++++++++++++++++-------------
 inc/wfpl                  |    2 +-
 login.php                 |    4 +-
 style.styl                |   15 ++++-
 template.html             |    7 +-
 wfpl_main.php             |    6 +-
 18 files changed, 300 insertions(+), 98 deletions(-)
 create mode 100644 admin_header.html
 create mode 100644 admin_header.php

diff --git a/Makefile b/Makefile
index e6222d1..b32e60b 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-svgs= images/sprites.svg
+svgs=
 minified_svgs= $(svgs:.svg=.min.svg)
 generated_images= $(svgs:.svg=.png)
 images=
diff --git a/admin.html b/admin.html
index 1e1e677..4529ac9 100644
--- a/admin.html
+++ b/admin.html
@@ -9,13 +9,15 @@
 	<!--~$body show {~-->
 		<h1>~$host~ Admin Control Panel</h1>
 
-		<p><a href="admin_images">Manage images</a></p>
+		<p><a href="admin_images">Images</a></p>
 
-		<p><a href="admin_pages">Manage pages</a></p>
+		<p><a href="admin_header">Header image (top of every page)</a></p>
 
-		<p><a href="admin_files">Manage (downloadable) files</a></p>
+		<p><a href="admin_pages">Pages</a></p>
 
-		<p><a href="admin_users">Manage accounts (admin passwords, etc.)</a></p>
+		<p><a href="admin_files">Files (downloadable)</a></p>
+
+		<p><a href="admin_users">Accounts (admin passwords, etc.)</a></p>
 
 		<p><a href="logout">Log out</a></p>
 	<!--~}~-->
diff --git a/admin_files.php b/admin_files.php
index 1531d9f..71ca43e 100644
--- a/admin_files.php
+++ b/admin_files.php
@@ -12,9 +12,9 @@ $GLOBALS['upload_directory'] = 'files/';
 $GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';
 
 
-require_once(DOCROOT . 'inc/wfpl/format.php');
-require_once(DOCROOT . 'inc/wfpl/email.php');
-require_once(DOCROOT . 'inc/wfpl/upload.php');
+require_once(__DIR__.'/'.'inc/wfpl/format.php');
+require_once(__DIR__.'/'.'inc/wfpl/email.php');
+require_once(__DIR__.'/'.'inc/wfpl/upload.php');
 
 function admin_files_get_fields() {
 	$data = array();
@@ -44,7 +44,7 @@ function admin_files_get_fields() {
 
 
 function admin_files_main() {
-	session_auth_must('manage_files');
+	session_auth_must('admin_files');
 
 	$id = _REQUEST_cut('edit_id');
 	if($id) {
diff --git a/admin_header.html b/admin_header.html
new file mode 100644
index 0000000..fc452ae
--- /dev/null
+++ b/admin_header.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+	<meta charset="utf-8" />
+	<title><!--~$title show {~-->~$host~ Admin: Header Image<!--~}~--></title>
+</head>
+
+<body>
+<!--~$body show {~-->
+
+	<!--~form {~-->
+		<h2>~$host~ Admin: Set header image for home page</h2>
+
+		<form action="admin_header" method="post" enctype="multipart/form-data"><input type="hidden" name="MAX_FILE_SIZE" value="~$upload_max_filesize~">
+
+			<div class="caption">Width (in pixels)</div>
+			<div class="field_notes">Your image will be automatically resized to be this wide. ~width_max~ is the full width of the available space.</div>
+			<div class="field"><input type="text" name="width" value="~width attr~" placeholder="~width_max~"></div>
+
+			<div class="caption">Image</div>
+			<div class="field_notes">Please upload an image that is at least the width you specified above.</div>
+			<div class="field"><input type="file" name="image"></div>
+
+			<div class="caption">Caption (optional)</div>
+			<div class="field_notes">If specified, this will overlay the bottom/left corner of the header image.</div>
+			<div class="field"><input type="text" name="caption" value="~caption attr~"></div>
+
+			<div class="caption field"><input type="submit" name="save" value="Save"></div>
+
+		</form>
+	<!--~}~-->
+
+<!--~}~-->
+</body>
+</html>
diff --git a/admin_header.php b/admin_header.php
new file mode 100644
index 0000000..66430ad
--- /dev/null
+++ b/admin_header.php
@@ -0,0 +1,72 @@
+<?php
+
+require_once('inc/wfpl/upload.php');
+
+$GLOBALS['upload_directory'] = 'image/';
+
+
+function admin_header_get_fields() {
+	$data = array();
+
+	$data['width'] = (int) format_int_0(_REQUEST_cut('width'));
+	$data['caption'] = format_oneline(_REQUEST_cut('caption'));
+
+	if ($data['width'] < 100 || $data['width'] > WFPL_SITE_WIDTH) {
+		$data['width'] = WFPL_SITE_WIDTH;
+	}
+
+	$old = persistent_get('wfplcms_header_image');
+	if ($_FILES['image'] && $_FILES['image']['error'] == 0) {
+		if ($old) {
+			$data['version'] = 1 + $old['version'];
+		} else {
+			$data['version'] = 1;
+		}
+		$ext = generate_filename($_FILES['image']['name'], $_FILES['image']['type']);
+		$ext = substr($ext, strrpos($ext, '.') + 1);
+		$ext = strtolower($ext);
+		if ($ext !== 'jpg' && $ext !== 'jpeg') {
+			$ext = 'png';
+		}
+		$dest = "{$GLOBALS['upload_directory']}header_v{$data['version']}.$ext";
+		$image = convert_uploaded_image('image', $dest, $data['width'], 2000);
+		# FIXME use autoresizer instead, and call identify to get aspect ratio
+		$image = explode(' ', $image);
+		$data['url'] = $image[0];
+		$data['width'] = $image[1];
+		$data['height'] = $image[2];
+	} else if ($old) {
+		$data['url'] = $old['url'];
+		if ($data['width'] == $old['width']) {
+			$data['height'] = $old['height'];
+		} else {
+			$data['height'] = $old['height'] / $old['width'] * $data['width'];
+		}
+	}
+	unset($_FILES['image']);
+
+	return $data;
+}
+
+
+function admin_header_main() {
+	session_auth_must('admin_header');
+
+	if (isset($_REQUEST['width'])) {
+		$data = admin_header_get_fields();
+		if (isset($data['url'])) {
+			persistent_set('wfplcms_header_image', $data);
+			message('Header image updated');
+			return './admin_header';
+		}
+	} else {
+		$data = persistent_get('wfplcms_header_image');
+		if (!$data) {
+			$data = array('width' => '');
+		}
+	}
+
+	tem_set('width_max', WFPL_SITE_WIDTH);
+
+	tem_set('form', $data);
+}
\ No newline at end of file
diff --git a/admin_images.php b/admin_images.php
index c4647c1..443aae9 100644
--- a/admin_images.php
+++ b/admin_images.php
@@ -4,8 +4,8 @@
 
 define('ADMIN_IMAGES_DB_FIELDS', 'image,name,caption');
 
-require_once(DOCROOT . 'inc/wfpl/format.php');
-require_once(DOCROOT . 'inc/wfpl/upload.php');
+require_once(__DIR__.'/'.'inc/wfpl/format.php');
+require_once(__DIR__.'/'.'inc/wfpl/upload.php');
 
 # example: 200x300
 function format_width_height($str) {
diff --git a/admin_pages.php b/admin_pages.php
index 7981bf6..4081f94 100644
--- a/admin_pages.php
+++ b/admin_pages.php
@@ -36,7 +36,7 @@ function admin_pages_get_fields() {
 
 
 function admin_pages_main() {
-	session_auth_must('edit_page');
+	session_auth_must('admin_pages');
 
 	$id = _REQUEST_cut('edit_id');
 	if($id) {
diff --git a/admin_users.php b/admin_users.php
index 624b6b0..9e4a753 100644
--- a/admin_users.php
+++ b/admin_users.php
@@ -153,7 +153,7 @@ function admin_users_main_form($id = false) {
 			if (isset($data['pass1']) && strlen($data['pass1']) > 0) {
 				# hash password for db storage
 				if (!function_exists('password_hash')) {
-					require_once(DOCROOT . 'inc/password_funcs_backported.php');
+					require_once(__DIR__.'/'.'inc/password_funcs_backported.php');
 				}
 				$data['password'] = password_hash($data['pass1'], PASSWORD_DEFAULT);
 			}
diff --git a/cms_images_autoresize.php b/cms_images_autoresize.php
index 922b3cf..0d3e667 100644
--- a/cms_images_autoresize.php
+++ b/cms_images_autoresize.php
@@ -1,8 +1,7 @@
 <?php
 
-define('DOCROOT', __DIR__ .'/');
-require_once(DOCROOT . 'config.php');
-require_once(DOCROOT . 'inc/wfpl/upload.php');
+require_once(__DIR__.'/'.'config.php');
+require_once(__DIR__.'/'.'inc/wfpl/upload.php');
 
 function cms_images_autoresize_main_abort_404() {
 	http_response_code('404');
@@ -26,8 +25,8 @@ function cms_images_autoresize_main() {
 	$width = (int)$matches[2];
 	$ext = $matches[3];
 	$in_fn = "$basename.$ext";
-	$in_path = DOCROOT . 'cms_images/' . $in_fn;
-	$out_path = DOCROOT . 'cms_images/' . $out_fn;
+	$in_path = __DIR__.'/'.'cms_images/' . $in_fn;
+	$out_path = __DIR__.'/'.'cms_images/' . $out_fn;
 	$lock_path = $out_path . '.lock';
 
 	if (!in_array($width, $GLOBALS['wfpl_image_widths'], true)) {
diff --git a/config.php b/config.php
index 3e0f8fd..8a2bc85 100644
--- a/config.php
+++ b/config.php
@@ -10,8 +10,9 @@ define('WFPL_DB_PASS', 'fixme');
 date_default_timezone_set('America/New_York');
 
 # If you change these, update style.styl too
-define('WFPL_IMAGE_WIDTH_FULL',  900);
-define('WFPL_IMAGE_WIDTH_SMALL', 336); # this is "sidebar_width" in style.styl
+define('WFPL_SITE_WIDTH',        950); # "centerer_width" in style.styl
+define('WFPL_IMAGE_WIDTH_FULL',  WFPL_SITE_WIDTH);
+define('WFPL_IMAGE_WIDTH_SMALL', 250); # "sidebar_width" in style.styl
 define('WFPL_IMAGE_WIDTH_THUMB',  70);
 $GLOBALS['wfpl_image_widths'] = array(
 	WFPL_IMAGE_WIDTH_FULL,
@@ -22,6 +23,7 @@ $GLOBALS['wfpl_image_widths'] = array(
 # Enable features, auto-includes
 require_once(__DIR__.'/'.'inc/wfpl/format.php');
 require_once(__DIR__.'/'.'inc/wfpl/db.php');
+require_once(__DIR__.'/'.'inc/wfpl/persistent.php');
 require_once(__DIR__.'/'.'inc/wfpl/session_messages.php');
 require_once(__DIR__.'/'.'inc/session_auth.php');
 require_once(__DIR__.'/'.'inc/cms.php');
@@ -30,18 +32,16 @@ require_once(__DIR__.'/'.'inc/misc.php');
 # Connect to the database
 db_connect(WFPL_DB, WFPL_DB_USER, WFPL_DB_PASS);
 
-# upgrade db (only) on special trigger (assures only one upgrade at a time)
-if (isset($_SERVER['HTTP_X_UPGRADE_DB_NOW'])) {
-	require_once(DOCROOT . 'inc/db_upgrade.php');
-	db_upgrade();
-}
+# Create tables, update schema, etc as necessary
+require_once(__DIR__.'/'.'inc/db_upgrade.php');
+db_upgrade();
 
 # paypal_ipn.php calls these when it receives a valid payment
 $GLOBALS['payment_handlers'] = [
 	# the key (below) must be the first word in the paypal variable "custom"
 	# the file will be run with wfpl's file_run()
 	# example:
-	#'membership' => DOCROOT . 'inc/payment_membership.php'
+	#'membership' => __DIR__.'/'.'inc/payment_membership.php'
 ];
 
 $GLOBALS['email_templates'] = [
diff --git a/contact.php b/contact.php
index e19fe19..11d53b2 100644
--- a/contact.php
+++ b/contact.php
@@ -12,8 +12,8 @@ $globals['contact_subject'] = '';
 $GLOBALS['contact_robot_answer'] = 1002;
 
 
-require_once(DOCROOT . 'inc/wfpl/format.php');
-require_once(DOCROOT . 'inc/wfpl/email.php');
+require_once(__DIR__.'/'.'inc/wfpl/format.php');
+require_once(__DIR__.'/'.'inc/wfpl/email.php');
 
 function contact_get_fields() {
 	$data = array();
diff --git a/inc/cms.php b/inc/cms.php
index f8154a9..06324f0 100644
--- a/inc/cms.php
+++ b/inc/cms.php
@@ -2,6 +2,12 @@
 
 # This function (which loads the navbar and page content from the database) is
 # called automatically by wfpl_main()
+
+function enc_css_str($str) {
+	$str = str_replace("\\", "\\00005c", $str);
+	return str_replace("\"", "\\000022", $str);
+}
+
 function cms_display($basename, &$tem) {
 	if(preg_match('/([.]l(ocal)?$)|^192[.]168[.]|^127.0.0.1$|^10[.]/', $_SERVER['HTTP_HOST'])) {
 		$GLOBALS['wfpl_main_template']->set('$running_locally');
@@ -24,6 +30,29 @@ function cms_display($basename, &$tem) {
 		$tem->set('$navbar_items', $nav_items);
 	}
 
+	$header_image = persistent_get('wfplcms_header_image');
+	if ($header_image) {
+		$hi_css  = "\n<style>\n";
+		if ($header_image['width'] != WFPL_SITE_WIDTH) {
+			$hi_css .= "#site_header {\n";
+			$hi_css .=   'width: ' . $header_image['width'] . "px;\n";
+			$hi_css .= "}\n";
+		}
+		$hi_css .= "#site_header:before {\n";
+		$hi_css .=   "content: \"\";\n";
+		$hi_css .=   'background-image: url(' . $header_image['url'] . ");\n";
+		$hi_css .=   'padding-top: ' . ($header_image['height'] / $header_image['width'] * 100) . "%;\n";
+		$hi_css .= "}\n";
+		if ($header_image['caption']) {
+			$hi_css .= "#site_header:after {\n";
+			$hi_css .=   "content: \"" . enc_css_str($header_image['caption']) . "\";\n";
+			$hi_css .= "}\n";
+		}
+		$hi_css .= "</style>\n";
+
+		$tem->set('$cms_css', $hi_css);
+	}
+
 	$cms_page_id = cms_display_content($tem, 'where filename=%"', $basename);
 
 	$footer = db_get_value('cms_pages', 'content', 'where filename="_footer"');
@@ -31,19 +60,6 @@ function cms_display($basename, &$tem) {
 		$tem->set('$cms_footer', $footer);
 	}
 
-	$header = db_get_value('cms_images', 'image', 'where name="Header"');
-	if ($header) {
-		$parts = explode(' ', $header . '      ', 7);
-		$tem->set('$cms_header',
-			'<div style="'
-			. 'padding-top: ' . round(100000 * (int)$parts[2] / (int)$parts[1] / 1000) . '%;'
-			. 'background-image: url(' . $parts[0] . ');'
-			. 'background-repeat: no-repeat;'
-			. 'background-size: 100% auto;'
-			. '"></div>'
-		);
-	}
-
 	if(session_auth_can('admin_links')) {
 		$admin_links = array();
 		if($cms_page_id) {
diff --git a/inc/db_upgrade.php b/inc/db_upgrade.php
index 07c633f..8bfa14f 100644
--- a/inc/db_upgrade.php
+++ b/inc/db_upgrade.php
@@ -1,49 +1,117 @@
 <?php
 
-require_once(DOCROOT . 'inc/wfpl/persistent.php');
+# 1. Write the next db_upgrade_to_X() at the bottom of this file. It will be
+#    called automatically.
 
-# instructions:
-#
-# 1.	Write the next db_upgrade_to_XX() at the bottom of this file
-#
-# 2.	curl -H "X-UPGRADE-DB-NOW: y" http://this-site.com/
-
-function db_upgrade() {
-	header("Content-Type: text/plain");
-	ini_set('display_errors', '1');
-	ini_set('html_errors', '0');
-
-	# initialize where we store the current db schema version
-	db_send_query('create table if not exists persistent ( k varchar(30) binary not null default "", v varchar(255) binary not null default "", primary key (k)) CHARSET=utf8;');
-
-	# now we can just do the needed upgrades
-	$cur = persistent_get('db_schema_version');
-	if ($cur === null) {
-		$cur = 0;
-	}
-
-	echo "db schema at version $cur\n\n";
-
-	$upgraded = false;
-	for ($next = $cur + 1; function_exists("db_upgrade_$next"); $next += 1) {
-		echo "upgrading DB to version $next...\n";
-		flush();
-		call_user_func("db_upgrade_$next");
-		persistent_set('db_schema_version', $next);
-		echo "done\n\n";
-		flush();
-		$upgraded = true;
-	}
-
-	if ($upgraded) {
-		echo "Upgrades complete\n";
-	} else {
-		echo "No upgrades needed\n";
-	}
-
-	exit();
+function db_upgrade_to_1() {
+db_send_query(<<<EOLsql
+	create table wfpl_sessions (
+		id int unique auto_increment,
+		session_key varchar(16),
+		idle_timeout int,
+		expires int,
+		expires_max int,
+		value text
+	) CHARSET=utf8;
+EOLsql
+);
+db_send_query(<<<EOLsql
+	create table email_templates (
+		id int unique auto_increment,
+		slug varchar(200) binary not null default "",
+		notes text binary not null default "",
+		from_addr varchar(100) binary not null default "",
+		to_addr varchar(100) binary not null default "",
+		cc_addr varchar(100) binary not null default "",
+		bcc_addr varchar(100) binary not null default "",
+		subject varchar(200) binary not null default "",
+		content text binary not null default ""
+	) CHARSET=utf8;
+EOLsql
+);
+db_send_query(<<<EOLsql
+	create table files (
+		id int unique auto_increment,
+		filename varchar(100) not null default "",
+		description varchar(200) not null default ""
+	);
+EOLsql
+);
+db_send_query(<<<EOLsql
+	create table cms_images (
+		id int unique auto_increment,
+		image varchar(240) not null default "",
+		name varchar(200) not null default "",
+		caption varchar(200) not null default "",
+		created_at int not null default 0
+	);
+EOLsql
+);
+db_send_query(<<<EOLsql
+	create table cms_pages (
+		id int unique auto_increment,
+		filename varchar(200) not null default "",
+		title varchar(200) not null default "",
+		nav_title varchar(200) not null default "",
+		navbar int not null default 0,
+		layout int not null default 0,
+		content mediumtext not null default "",
+		sidebar_content mediumtext not null default "",
+		description text not null default "",
+		keywords text not null default ""
+	);
+EOLsql
+);
+db_send_query(<<<EOLsql
+	insert into cms_pages set
+		filename='index',
+		title='Home',
+		content='Under Construction',
+		navbar=1000000000;
+EOLsql
+);
+db_send_query(<<<EOLsql
+	create table users (
+		id int unique auto_increment,
+		name varchar(200) binary not null default "",
+		username varchar(200) binary not null default "",
+		password varchar(255) binary not null default "",
+		role varchar(200) binary not null default "",
+		last_active int(11) not null default 0,
+		last_login int(11) not null default 0
+	) CHARSET=utf8;
+EOLsql
+);
+db_send_query(<<<EOLsql
+	insert into users set
+		name="fixme",
+		username="fixme",
+		password="$2y$10$84xUpPFQFRYRwpGkt01YtObJZcRKGReM/5ywHXCbwDF2bja41CDZm",
+		role="admin";
+EOLsql
+);
+db_send_query(<<<EOLsql
+	create table paypal_ipn (
+		id int unique auto_increment,
+		txn_id varchar(250) not null default "",
+		status varchar(250) not null default "",
+		ipn_at int(11) not null default 0,
+		txn_type varchar(100) not null default "",
+		subscr_id varchar(100) not null default "",
+		custom varchar(250) not null default "",
+		for_table_id int not null default 0,
+		for_row_id int not null default 0,
+		processed int(1) not null default 0,
+		item_name varchar(250) not null default "",
+		item_number varchar(250) not null default "",
+		needs_review int(1) not null default 0,
+		payment_status varchar(250) not null default "",
+		mc_gross varchar(250) not null default "",
+		mc_currency varchar(250) not null default "",
+		receiver_email varchar(250) not null default "",
+		payer_email varchar(250) not null default "",
+		log text not null default ""
+	) CHARSET=utf8;
+EOLsql
+);
 }
-
-#function db_upgrade_1() {
-#	db_send_query("alter table foo add bar int(11) not null default 0");
-#}
diff --git a/inc/wfpl b/inc/wfpl
index 019bb94..646be71 160000
--- a/inc/wfpl
+++ b/inc/wfpl
@@ -1 +1 @@
-Subproject commit 019bb943365e512132a4a309921c014d3b80a69a
+Subproject commit 646be7194f9fd096ef22f52074cf9c03d595b6ec
diff --git a/login.php b/login.php
index 10c7243..79a8f83 100644
--- a/login.php
+++ b/login.php
@@ -26,7 +26,7 @@ function login_main() {
 				}
 			} else {
 				if (!function_exists('password_hash')) {
-					require_once(DOCROOT . 'inc/password_funcs_backported.php');
+					require_once(__DIR__.'/'.'inc/password_funcs_backported.php');
 				}
 				if (password_verify($data['password'], $row['password'])) {
 					$password_good = true;
@@ -38,7 +38,7 @@ function login_main() {
 			if ($password_good) {
 				if ($needs_rehash) {
 					if (!function_exists('password_hash')) {
-						require_once(DOCROOT . 'inc/password_funcs_backported.php');
+						require_once(__DIR__.'/'.'inc/password_funcs_backported.php');
 					}
 					$hash = password_hash($data['password'], PASSWORD_DEFAULT);
 					db_update('users', 'password', $hash, 'where id=%i', $row['id']);
diff --git a/style.styl b/style.styl
index be2aebb..e5816bc 100644
--- a/style.styl
+++ b/style.styl
@@ -287,8 +287,19 @@ ckeditor('admin_pages', 'sidebar_content', 'content_with_sidebar_sidebar_bordere
 body > .centerer
 	position: relative
 
-header#site_header
-	margin-bottom: 15px
+#site_header
+	margin: 0 auto 15px auto
+	position: relative
+#site_header:before
+	display: block
+	background-size: 100%
+#site_header:after
+	display: block
+	position: absolute
+	bottom: 0
+	right: 0
+	padding: 4px
+	text-align: right
 
 body > .centerer > .nav
 	margin-bottom: 15px
diff --git a/template.html b/template.html
index 2c853c1..288065f 100644
--- a/template.html
+++ b/template.html
@@ -10,16 +10,17 @@
 	<link rel="stylesheet" href="css.css?m=~css.css mtime~" />
 	<!--~$meta_description nonempty {~--><meta name="description" content="~$meta_description attr~" /><!--~}~-->
 	<!--~$meta_keywords nonempty {~--><meta name="keywords" content="~$meta_keywords attr~" /><!--~}~-->
+	<!--~$cms_css~-->
 	<!--~$head~-->
 </head>
 
 <body id="~$basename~_body" class="real_body_tag">
 	<div class="centerer ~$layout_centerer_class~">
-		<!--~$admin_links {~-->
-			<div id="admin_links">You are logged in as an administrator. &nbsp; <a href="admin_pages?~$edit_page_id {~edit_id=~$edit_page_id~~}~~$edit_page_id unset {~&amp;new=1&amp;new_filename=~$basename~~}~">Edit this page</a> &mdash; <a href="admin">Control panel</a> &mdash; <a href="logout">Log out</a></div>
-		<!--~}~-->
 
 		<header id="site_header">
+			<!--~$admin_links {~-->
+				<div id="admin_links">You are logged in as an administrator. &nbsp; <a href="admin_pages?~$edit_page_id {~edit_id=~$edit_page_id~~}~~$edit_page_id unset {~&amp;new=1&amp;new_filename=~$basename~~}~">Edit this page</a> &mdash; <a href="admin">Control panel</a> &mdash; <a href="logout">Log out</a></div>
+			<!--~}~-->
 			<!--~$cms_header~-->
 		</header>
 		<!--~$navbar_items once_if {~-->
diff --git a/wfpl_main.php b/wfpl_main.php
index ecc2acc..134ca9b 100644
--- a/wfpl_main.php
+++ b/wfpl_main.php
@@ -2,9 +2,7 @@
 
 # This file should be run automatically by .htaccess
 
-define('DOCROOT', __DIR__ .'/');
+require_once(__DIR__.'/' . 'config.php');
 
-require_once(DOCROOT . 'config.php');
-
-require_once(DOCROOT . 'inc/wfpl/main.php');
+require_once(__DIR__.'/' . 'inc/wfpl/main.php');
 wfpl_main();
-- 
1.7.10.4