Fixed auth mail template text and code.

Set "site_sign_in_url" and "site_sign_out_url" as variables (so it could be used by template).

book.json

@@ -1 +0,0 @@
-{}

cms-safe.ecf

@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-14-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-14-0 http://www.eiffel.com/developers/xml/configuration-1-14-0.xsd" name="cms" uuid="8CC0D052-57D1-4CAA-AFF1-448FA290734B" library_target="cms">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="cms" uuid="8CC0D052-57D1-4CAA-AFF1-448FA290734B" library_target="cms">
 	<target name="cms">
 		<root all_classes="true"/>
 		<file_rule>
-			<exclude>/EIFGENs$</exclude>
-			<exclude>/CVS$</exclude>
 			<exclude>/.svn$</exclude>
+			<exclude>/CVS$</exclude>
+			<exclude>/EIFGENs$</exclude>
 		</file_rule>
 		<option warning="true" full_class_checking="false" is_attached_by_default="true" void_safety="all" syntax="transitional">
 			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>

cms.ecf

@@ -1,12 +1,12 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-14-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-14-0 http://www.eiffel.com/developers/xml/configuration-1-14-0.xsd" name="cms" uuid="8CC0D052-57D1-4CAA-AFF1-448FA290734B" library_target="cms">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="cms" uuid="8CC0D052-57D1-4CAA-AFF1-448FA290734B" library_target="cms">
 	<description>ROC CMS library</description>
 	<target name="cms">
 		<root all_classes="true"/>
 		<file_rule>
-			<exclude>/EIFGENs$</exclude>
-			<exclude>/CVS$</exclude>
 			<exclude>/.svn$</exclude>
+			<exclude>/CVS$</exclude>
+			<exclude>/EIFGENs$</exclude>
 		</file_rule>
 		<option warning="true" full_class_checking="false" void_safety="none" syntax="transitional">
 			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>

doc/concepts.md

@@ -1,93 +0,0 @@
-CMS Concepts
-============
->Current implemented concepts
-
-##### Table of Contents  
-
-1. [**Theme**](#theme)
-2. [**Regions**](#regions)
-      - [**Default Page Layout**](#page_layout)
-      - [**Regions Holds blocks**](#regions_blocks)
-3. [**Blocks**](#blocks)
-4. [**Modules**](#modules)
-5. [**Hooks**](#hooks)
-
-
-<a name="theme"/>
-Theme
------
-In a CMS , a theme is a collection of templates files (HTML, CSS, Images, etc ) that determine how a CMS web site looks.  The goal of a theme is to let you change the look and feel of the site.
-Eiffel CMS is inspired by Drupal, and use the same default region names as default drupal theme.
-
-#### Important Classes
-
-* [CMS_THEME] (/library/src/theme/cms_theme.e):  Abstraction defining the interface of a CMS theme.
-* [SMARTY_CMS_THEME] (/library/src/theme/smarty_theme/smarty_cms_theme.e): Theme implemented using the [Eiffel Smarty library] (https://github.com/eiffelhub/template-smarty).
-* [CMS_TEMPLATE] (/library/src/theme/cms_template.e): Template Abstraction that contains theme, variables needed by template when rendering page as html. At the moment there is only one implementation SMARTY_CMS_PAGE_TEMPLATE.  At the moment there is only one implementation [SMARTY_CMS_PAGE_TEMPLATE] (/library/src/theme/smarty_theme/smarty_cms_page_template.e).
-
-<a name="regions"/>
-Regions
--------
-The layout of a CMS web page has predefined area called **regions**. The Eiffel CMS uses the same default regions as Drupal, so let's see them in the following image.
-
-<a name="page_layout"/>
-![default page layout](http://themery.com/sites/default/files/figure-15-10.png)
-
-```
-regions[page_top] = Top
-regions[header] = Header
-regions[content] = Content
-regions[highlighted] = Highlighted
-regions[help] = Help
-regions[footer] = Footer
-regions[first_sidebar] = first sidebar
-regions[second_sidebar] = second sidebar
-regions[page_bottom] = Bottom
-```
-<a name="regions_blocks"/>
-**A Region holds blocks**
-
-**What goes inside regions?**
-Generally, regions hold smaller piece of content called blocks.  Blocks hold chunks of content, like the user login form, navigation menu or the information for the footer.
-
-Regions are defined in a configuration file theme.info.
-
-
-<a name="blocks"/>
-CMS_BLOCK
----------
-**What is a cms block?** 
-Blocks are chunk of content that can be created to display whatever you want, and then can be placed in various resgions in your template (theme) layout. 
-
-#### Important Classes
-
-* [CMS_BLOCK] (/library/src/kernel/content/cms_block.e): The deferred class CMS_BLOCK provides an abstraction to describe content to be placed inside Regions.
-* [CMS_CONTENT_BLOCK] (/library/src/kernel/content/cms_content_block.e): The class CMS_CONTENT_BLOCK describe how to provide generic content. 
-* [CMS_MENU_BLOCK](/library/src/kernel/content/cms_menu_block.e): The class CMS_MENU_BLOCK describe how to provides a menu of navigational links.
-* [CMS_SMARTY_TEMPLATE_BLOCK] (/library/src/kernel/content/cms_smarty_templateblock.e) The class CMS_SMARTY_TEMPLATE_BLOCK describe how to use a CMS block with smarty template file content.
-
-
-<a name="modules"/>
-CMS_MODULES
------------
-**What is a cms module?**
-Modules are piece of code that adds one or more features to your web site. 
-Modules can be plugged and combined to provide a web site customized to your needs. There are modules for many purposes, for example Administratiton, Basic Authentication, etc.
-
-#### Important Classes
-* [CMS_MODULE] (/library/src/modules/cms_module.e): The deferred class CMS_MODULE provides an abstraction to describe a generic module that add features to your web site.
-* [CMS_RESPONSE](/library/src/service/response/cms_response.e). The deferred class CMS_RESPONSE provide an abstraction to builds the content to get process to render the output. 
-
-
-<a name="hooks">
-CMS_HOOK
---------
-Hooks is a mechanism which provide a way for modules to interact with each other and extending blocks of the current CMS.
-
-* [CMS_HOOK] (/library/src/hooks/cms_hook.e): The deferred class CMS_HOOK is a marker interface for CMS Hook
-* [CMS_HOOK_AUTO_REGISTER] (/library/src/hooks/cms_hook_auto_register.e): The deferred class provides an abstraction that when inheriting from this class, the declared hooks are automatically registered, otherwise, each descendant has to add it to the cms service	itself.
-* [CMS_HOOK_BLOCK](/library/src/hooks/cms_hook_block.e): The class CMS_HOOK_BLOCK describe a hook providing a way to alter a generic block.
-* [CMS_HOOK_FORM_ALTER](/library/src/hooks/cms_hook_form_alter.e): The class CMS_HOOK_FORM_ATLER describe a hook providing a way to alter a form.
-* [CMS_HOOK_MENU_ALTER](/library/src/hooks/cms_hook_menu_alter.e): The class CMS_HOOK_MENU_ATLER describe a hook providing a way to alter a menu.
-* [CMS_HOOK_MENU_SYSTEM_ALTER](/library/src/hooks/cms_hook_menu_system_alter.e): The class CMS_HOOK_MENU_SYSTEM_ALTER describe a hook providing a way to alter the CMS menu system.
-* [CMS_HOOK_VALUE_TABLE_ALTER](/library/src/hooks/cms_hook_value_table_alter.e):: The class CMS_HOOK_VALUE_TABLE_ALTER describe a hook providing a way to alter the value table for a response.

doc/readme.md

@@ -0,0 +1,396 @@
+ROC CMS Documentation
+=====================
+
+[TOC]
+
+## Overview
+
+**ROC CMS** stands for "REST On CMS", however, until now, no particular focus was done on the REST API approach, and so far a more pragmatic approach dominated.
+
+Part of the design is inspired by Drupal (blocks, hooks, Role-based access control, ...), and other parts related to Eiffel. Priorities, modules and related have been driven by concrete need, in order to fulfill the https://eiffel.org/ websites. Also a contribution (as student projects, or others) helped build various modules or functionality.
+
+Currently, **ROC CMS** is a library or **framework** that provides components, tools and resources to build a CMS (Content Management System). It is not currently a CMS product, one can install and customize without any code.
+
+Thus, it will be interesting for people willing to build a website using **Eiffel**. This will enable to reuse other Eiffel components, better integration with other Eiffel projects, and of course benefit from all the goodies of the Eiffel technologies (Eiffel language, DbC, re-usability, portability, IDE, debugger,...).
+
+It depends on the **Eiffel Web Framework** (known as "Eiffel Web" or "EWF"), and thus can be executed as standalone, or CGI, libFCGI mode on Apache2 for instance, and on any Windows or Linux platform).
+
+The main notions are:
+- CMS Execution
+- CMS APIs
+- CMS Response
+- CMS Modules
+- CMS Hooks
+- CMS Theme, blocks, links, ...
+
+Those points will be described later in appropriated sections.
+
+## Setup
+
+
+The ROC CMS source is available either with the latest EiffelStudio release under the locations:
+- $ISE_LIBRARY\unstable\library\web\cms
+- or from github project https://github.com/EiffelWebFramework/ROC branch v0 for now.
+```
+git clone https://github.com/EiffelWebFramework/ROC -b v0
+```
+
+Note that if you use the source code from the github repository, you will need to use the latest release of EiffelStudio as it relieѕ on recent version of various libraries such as EWF, sqlite3, ....
+And using the "master" branch, even the trunk version of EiffelStudio libraries. So for now, we encourage you to use the ROC CMS shipped with your EiffelStudio.
+
+Once you have the source code, you should compile project <code>cms/example/demo/demo-safe.ecf</code> target "demo_standalone".
+```
+# from Command line
+cd example
+cd demo
+ec -config demo-safe.ecf -c_compile -finalize
+cp ./EIFGENs/demo_standalone/F_Code/demo.exe demo.exe
+demo.exe
+# or launch EiffelStudio, and open that project, compile and execute it inside the debugger for instance.
+````
+
+This demo includes all the official ROC CMS modules, files, and use libsqlite3 as default storage engine. So you should be able to execute it easily. The **standalone** target is configured to listen on port 9090 by default. (Mostly to avoid conflict on other app that my listen on port 80 or 8080).
+
+In the directory <code>site</code> you will find all the expected files that should be in the root directory.
+* config/ : it contains the various configuration files, especially the **cms.ini**.
+* modules/ : files associated with each installed ROC CMS module.
+* scripts/ : common scripts used mainly to initialize SQL databases.
+* themes/ : folder containing the available ROC CMS themes.
+* files/ : folder containing files available from the ROC CMS app.
+* And also demo.ini that contains the settings for the web launcher, (in our case, the standalone Eiffel server), such as port_number.
+
+Now that you know how to compile, execute, and see the related configuration files, let's describes the main notions of the ROC CMS, first from 
+* an admin point of view (dev using ROC CMS to build its site),
+* and then from a developer point of view (in case you want to contribute to ROC CMS).
+
+## Usage
+
+### Main entries
+As a CMS administrator, you will need to setup your CMS application (here the demo example). For this purpose, the main entry points are the CMS_EXECUTION interface, and then the <code>site/</code> files (configuration, themes, templates, ...).
+
+### CMS initialization/Execution
+The `CMS_EXECUTION` interface is deferred, and your CMS application needs to inherit from it and define `setup_storage`, `initial_cms_setup` and `setup_modules`. See for instance `DEMO_CMS_EXECUTION`.
+
+So, the descendant of `CMS_EXECUTION` (`DEMO_CMS_EXECUTION` in the example), is creating the `CMS_SETUP`, declares the available **storage** builders (for persistency), and declares the available **modules**.
+
+#### Persistence/Storage
+Depending on the **configuration**, the CMS engine will instantiate and use a specific **CMS_STORAGE** (the default is based on `Eiffel sqlite3`, otherwise `EiffelStore+MySQL` and `EiffelStore+ODBC` are available). The storage solution is used to implement the persistence layer, and thus store and load CMS data to disk, or database.
+
+The CMS provides, for now, storage based on
+* EiffelStore + MySQL
+* EiffelStore + ODBC (could be used for MySQL, sqlite, SQLserver, ...)
+* Eiffel sqlite3 : that one is the default storage, since it is convenient for testing, but it is recommended to use EiffelStore+MySQL in production CMS site.
+A typical implementation of <code>setup_storage</code> is:
+```eiffel
+	setup_storage (a_setup: CMS_SETUP)
+		do
+			a_setup.storage_drivers.force (create {CMS_STORAGE_SQLITE3_BUILDER}.make, "sqlite3")
+--			a_setup.storage_drivers.force (create {CMS_STORAGE_STORE_ODBC_BUILDER}.make, "odbc")
+		end
+```
+And the CMS decides which storage should be used. It depends on the application configuration. See the **configuration** section.
+
+Those data could be user information (login, email, password, ...), custom values, logs, emails, path aliases, ... and any data modules may need to store (for instance node content, for the `node` module.)
+
+#### Modules
+
+The `setup_module` is used to declare available **modules** (instances of `CMS_MODULE` effective types).
+The modular design provides a simple way to extend or alter the CMS functionalities/behaviors.
+Most of the CMS features are implemented by modules, and each module relies on the core of the CMS core.
+This **core** contains the `CMS_API`, `CMS_USER_API`, and various internal mechanisms such as mailer, logger, ...
+
+Use `setup_module (a_setup: CMS_SETUP)` to customize the `CMS_SETUP` object created by `initial_cms_setup`.
+For your convenience, ROC CMS provides a `CMS_DEFAULT_SETUP` that import configuration from `site/config/cms.ini`
+
+So far, what you need to remember is `CMS_EXECUTION` class and descendants are used to set up the ROC CMS application, for storage, modules, and also how to load configuration.
+
+Note that a module can have 3 states:
+- not installed,
+- installed and enabled,
+- installed and disabled.
+
+At first, to install the modules, open your browser at location `https://hostname:port/admin/install` and click the associated button.
+(Note: for new module addition, you also need to install them, using the same link, in the future, there will be a proper module management interface, in the admin front-end.)
+
+To enable or disable a module, you will need to use the `cms.ini` configuration file, please see the **configuration** section.
+
+Existing modules:
+- **admin**: basic administration pages, to manage modules, roles, permissions, users, caches, ... (note: it is still very basic, and need effort to improve it.)
+- authentication modules based on **auth**:
+    - **basic_auth**: account signing using basic HTTP Authorization solution
+    - **oauth20**: sign using a thirdparty OAuth2.0 account (such as Google, Facebook, github, ...)
+    - **openid**: sign using an OpenID account.
+- **node**: the base of node management, include **Page** content type.
+- **blog**: extends the **node** module with a **blog** content type.
+- **recent_changes**: compute recent changes of CMS (integration with **node** management, and any modules that implement the `CMS_RECENT_CHANGES_HOOK`).
+- **feed_aggregator**: aggregate one or many feeds (rss, atom, ...), and provide associated pages or blocks.
+- **google_search**: provides search facilities using the Google Custom Search API.
+
+### Configuration
+When `CMS_DEFAULT_SETUP` is used, the CMS configuration is loaded from `site/config/cms.ini`.
+That file contains a few sections:
+- **site**: to set the `name`, `email` and the name of the `theme`. (See "Themes" section pour information.)
+- **layout**: the application layout (or environment) can precise the `root-dir`, `themes-dir`, `modules-dir`. If not defined, the values are computed from Current working directory.
+- **mailer**: the CMS can send email notification for various reasons, such as new users, or reset password functionalities, ... In this section, you can use
+    - `smtp` settings to precise an SMTP server (+ port), 
+    - or `sendmail` to use an external script using the sendmail usage,
+    - or just an `output` file such as @stderr, or a path to a file on disk.
+- **modules**: used to enable or disable modules.
+    - `*=on`  -> modules are enabled by default
+    - `*=off` -> modules are disabled by default
+    - Note the default value is `on`
+    - For each module, this can be overwritten with  `module_name=on|off`
+- **blocks**: settings for blocks (See Themes, Blocks sections for more information on the block). A few parameters are available to customize blocks. The general form is `block-name.param=value` (note that "foo.bar" is a value block name.)
+    - `block-name.region`: assign the block `block-name` to a specific region. A block can be assigned to **only one region**.
+    - `block-name.title`: used to overwrite the block title (with <none> , the title is hidden).
+    - `block-name.weight`: used to order blocks in the same region (blocks with lower weight goes first).
+	- `block-name.expiration`: used to provide a basic cache system based on expiration. The value is a number of seconds before the cache expires (-1: never expires, 0: never cache, n: cache expires after `n` seconds).
+    - `block-name.condition`, or `block-name.conditions[]`: include `block-name` only under specific condition(s). The condition can be 
+        - `is_front`: which is True only for the front page, usually at url "/"
+        - `path:foo/bar`, `path:foo/*/bar`: True only for CMS location matching the patterns after "path:"
+        - `<none>`: related block is disabled.
+        - *note: There can be multiple conditions processed as any of the conditions (i.e: "or").*
+    - `block-name.options[varname]: pass a table of options `varname => value` to the related block. This can be used to pass parameters for block builder (for instance, recent_changes modules accept parameters "size" to know how many changes should be included.)
+    - To be able to include a block content into multiple region, it is possible to use aliases feature. For instance `&aliases[new_block]=block-name`, in this case, a `new_block` is declared, and it has same content as `block-name`, on this alias, the parameters `region, condition(s), title, weight` are supported, but not `options[]`.
+- **admin**: various admin related settings such as
+    - `installation_access` which accepts 3 values: "all", "none" or "permission", to precise who has access to the modules installation page; either "all" for anyone, "none" to disable installation of new modules, or "permission" to use the CMS permissions solution to determine if the current user can install a new module.
+    
+Then, the configuration `cms.ini` can also define other parameters, and sections, that may be used by specific modules.
+Note it is also possible to include another ini file with instruction `@include=path-to-file.ini`.
+
+Check the `example/demo/site/cms.ini` for example.
+
+### User management
+The CMS core includes the notion of user, via interface `CMS_USER`, which has an id, a name, a password, ... and profile. Without any module, the CMS does not include any mean to authenticate, but still the CMS has the support for user management, and permissions system for current user. To be able to sign into the CMS, the site should include the module `auth`, and one or many of:
+- `basic_auth`: authentication using the HTTP Authorization header.
+- `oauth20`: being able to sign with an OAuth2.0 account (such as Google, Facebook, ...)
+- `OpenID`: being able to sign with an OpenID account.
+
+Whatever authentication solution is used, when a user is signed-in, there is an instance of `CMS_USER` representing the associated CMS user account.
+
+There is a predefined user `admin` who is the administrator of the CMS, and by definition, this **admin** has all the permissions. It is initialized by default with username `admin` and password `istrator#`.
+
+The access control is role-based permissions system. This means, a user can have one or many *roles*, and each *role* includes a list of *permissions*.
+There are two built-in roles:
+- **anonymous**: when no user is signed in (typically anonymous visitors).
+- **authenticated**: when a user is signed in the CMS.
+With those 2 built-ins roles, and any custom role the admin will create, it is possible to give specific permissions, to a group of users. 
+The CMS core defines a few permissions, and each module can also define their own permissions, for instance: "view any page", "create page", "edit page", "delete page", "clear cache", "install modules", ... (when the administrator is signed-in, go to url `/admin/role/1/edit` to see all the available permissions).
+
+### Modules
+A module is the way to extend the CMS engine.
+First via the inherited `CMS_MODULE` interface that enables a module to:
+- have a custom `install` and `uninstall` procedure by redefining the related routines.
+- add its **routes**  via `setup_router`. (i.e associated url or template of url with a specific request handler).
+- register itself to hooks via `register_hooks`.
+- declare new permissions by redefining `permissions`.
+- provide a specific module api by redefining `module_api`.
+- add its **filters** by redefining `filters`.
+
+Using the `hooks` system, a module can be deeply integrated with the CMS engine, and even alter behaviors (for instance, add link, add css, javascript, ...). See related developer documentation on hooks.
+
+It is simple to create your own modules (check the developer documentation).
+The ROC CMS library provides a few modules for now, for instance: basic_auth, oauth20, openid, node, blog, feed_aggregator, recent_changes, google_search, ... and others (the list keeps growing...).
+
+**Reminder**: to include a module to your CMS site, you need to 
+- include the associated .ecf file in your CMS site .ecf file.
+- and also declare them in your descendant of CMS_EXECUTION.
+- copy the eventual resources, configuration, ... files in the corresponding `site`.
+Note: a tool **roc** is under development to ease such operations, for now it only copies needed files from module to site location. In the future, it should also update .ecf files, associated CMS_EXECUTION effective class.
+
+### Themes
+When talking about CMS, a major topic is how a request is rendered in a web browser. Here comes the notion of **theme** which is a collection of templates, accepting various values as input (including the content of the blocks), and renders as an html5 page. It also includes various assets such as css, javascript, icons, images, ...
+The ROC CMS theming is inspired by Drupal, with the notion of **region** and **block**.
+
+Note: for now, there is no simple "theme" module or similar, and the common way to start your CMS site is to copy an existing project such as the one available with the demo example (i.e: copying the source code, but also the `site` folder).
+
+Currently the default theme  of the demo example `SMARTY_CMS_THEME` is based on Eiffel **smarty** template library (Check [smarty doc](https://svn.eiffel.com/eiffelstudio/trunk/Src/contrib/library/text/template/smarty/README.md) for syntax and functionalities).
+
+The layout of a CMS web page has predefined area called **regions**. The Eiffel CMS uses the same default regions as Drupal, so let's see them in the following image.
+
+```
+		+----------------------------------------------------------+
+		|                        Page_top                          |
+		+----------------------------------------------------------+
+		|                         Header                           |
+		+---------------+-------------------------+----------------+
+		|               |      Highlighted        |                |
+		| Sidebar_first +-------------------------+ Sidebar_second |
+		|               |          Help           |                |
+		|               +-------------------------+                |
+		|               |                         |                |
+		|               |         Content         |                |
+		|               |                         |                |
+		+---------------+-------------------------+----------------+
+		|                         Footer                           |
+		+----------------------------------------------------------+
+		|                      Page_bottom                         |
+		+----------------------------------------------------------+
+```
+
+The regions available for a theme, are defined in a configuration file `theme.info` located in the theme directory. For example:
+```
+name=default_theme
+engine=smarty
+version=0.1
+regions[page_top] = Top
+regions[header] = Header
+regions[content] = Content
+regions[highlighted] = Highlighted
+regions[help] = Help
+regions[footer] = Footer
+regions[sidebar_first] = first sidebar
+regions[sidebar_second] = second sidebar
+regions[page_bottom] = Bottom
+```
+Note: the value for each region is the human readable region name.
+
+Note the regions may be disposed with other layout (two sidebars on the left, or right, ... and so on), responsive design or not, and so on. But on the CMS side, a *block* can be inserted into a *region*, and depending if the region is included in the theme, the related block content will be displayed or not.
+To sort *block* inside a region, the CMS is using the `weight` property (that can be set via code, and/or overridden via configuration, i.e: `cms.ini`).
+This is how a site can support many themes, using the region as content holders, and theme for the layout and style.
+
+Internally the block contents are stored in the values associated with each region.
+The theme also has access to specific `values` such as
+- `site_url`: the absolute url of the CMS website.
+- `host`: the host name.
+- `is_https`: True if the connection is using https://
+- `user`: contains the username of the signed user, if any.
+- `site_title`: site title.
+- `page_title`: per page title.
+- and also `page: CMS_HTML_PAGE` which represents the CMS page to render with the theme.
+    - `page` provides values via expression, such as `$page.type`, `$page.is_front`, `$page.is_https`, `$page.title`, ...
+    - and also a smart expression for region via `$page.region_xyz` for region `xyz` if any, ... (note the region are also available with expression like `$region_xyz` or `$page.region_xyz` ...)
+
+==Note for developers: internally, the deferred class `CMS_RESPONSE` provides an abstraction to render the response for the request using the **theme**, in fact, the theme is controlled by the CMS_RESPONSE implementation (to set value, build expected theme, and finally render as html).==
+
+### Blocks
+As previously said, a region holds smaller piece of content called blocks.
+Blocks hold chunks of content, like the user login form, navigation menu, information for the footer, or anything provided by each module.
+For instance the `feed_aggregator` module provides a block to display the latest elements of a aggregated feed.
+
+Currently there are different kind of `CMS_BLOCK`:
+- `CMS_CONTENT_BLOCK`: it holds a simple text to render as it is on the page.
+- `CMS_MENU_BLOCK`: it holds a `CMS_MENU` as a collection of `CMS_LINK` generally used to hold a menu, or set of links such as navigation or management menus.
+- `CMS_SMARTY_TEMPLATE_BLOCK`: it holds a simple text to render as it is in the page.
+
+Internally, there are two other kinds of block:
+- `CMS_ALIAS_BLOCK`: being the alias of another block, but with specific properties.
+- `CMS_CACHE_BLOCK`: there is a simple cache solution for blocks, based on expiration. See the configuration section to know how to define the expiration for a block.
+
+For now, creating a block is only possible via block, an evolution of ROC CMS should allow the administrator to add new block without coding.
+
+### Persistence
+The persistence or storage layer is used by the CMS to store custom values, path aliases, logs, emails, user information, but it is also used by module (unless a module wants to use its own persistence solution, disk, cloud, ...).
+
+Currently, there are only SQL based implementations of that `CMS_STORAGE`, but nothing prevents to implement it with other solutions (plain text file, NoSQL db, ...).
+The current implementation are using either:
+- EiffelStore + MySQL: recommended for production, however Eiffel MySQL requires to configure your environment by setting, for instance MYSQL variable on Windows, and MYSQLINC on Linux.
+- EiffelStore + ODBC: via ODBC, there is a large range of available database (MySQL, SQLite, SQLserver, ...), but it requires to set up your environment (for instance install sqliteODBC driver to use SQLite database).
+- Eiffel sqlite3 wrapper: it is very convenient for development, but maybe not recommended for production websites. It does not require any environment setup, so this is a simple solution to build tests for instance.
+
+In practice, how to use a storage or another?
+The project needs to include the expected storage, the following instructions explains how to include sqlite3, EiffelStore+ODBC and EiffelStore+MYSQL storage.
+1. First the associated .ecf file need to be included in your project file (.ecf)
+For instance
+```xml
+<library name="persistence_sqlite3" location="$ISE_LIBRARY\unstable\library\web\cms\library\persistence\sqlite3\sqlite3-safe.ecf"/>
+<library name="persistence_store_odbc" location="$ISE_LIBRARY\unstable\library\web\cms\library\persistence\store_odbc\store_odbc-safe.ecf"/>
+<library name="persistence_store_mysql" location="$ISE_LIBRARY\unstable\library\web\cms\library\persistence\store_mysql\store_mysql-safe.ecf"/>
+```
+2. Then in the descendant of `CMS_EXECUTION`, in the demo `DEMO_CMS_EXECUTION`, see the code of `setup_storage`:
+```eiffel
+setup_storage (a_setup: CMS_SETUP)
+	do
+		a_setup.storage_drivers.force (create {CMS_STORAGE_SQLITE3_BUILDER}.make, "sqlite3")
+		a_setup.storage_drivers.force (create {CMS_STORAGE_STORE_MYSQL_BUILDER}.make, "mysql")
+		a_setup.storage_drivers.force (create {CMS_STORAGE_STORE_ODBC_BUILDER}.make, "odbc")
+	end
+```
+
+3. And finally, in the configuration file `site/config/demo.json` (in fact, the executable name + ".json"), define the driver and environment of the datasource. For instance the following code defines **sqlite3** as default CMS storage, and environment *sqlite3* that defines the path of SQLite database as "site/database.sqlite3". Note the way to declare sqlite with ODBC, mysql with ODBC, or mysql directly with EiffelStore.
+```json
+{
+	"database": {
+		"datasource": {
+			"driver": "sqlite3",
+			"environment": "sqlite3",
+		},
+		"environments": {
+			"sqlite3": {
+				"connection_string":"Database=./site/database.sqlite3;"
+			},
+			"odbc-sqlite": {
+				"connection_string":"Driver=SQLite3 ODBC Driver;Database=./site/database.sqlite;LongNames=0;Timeout=1000;NoTXN=0;SyncPragma=NORMAL;StepAPI=0;"
+			},
+			"odbc-mysql": {
+				"connection_string":"Driver=mysql ODBC Driver;Server=localhost;Port=3306;Database=roc;Uid=roc;Pwd=roc;"
+			},
+			"mysql": {
+				"connection_string":"Driver=mysql;Server=localhost;Port=3306;Database=roc;Uid=roc;Pwd=roc;"
+			}
+		}
+	}
+}
+```
+To use EiffelStore+MySQL, just change the "driver" to be "mysql" and "environment" to "mysql". The connection string for server database defines the credentials with "Uid" and "Pwd".
+
+### How to run the CMS site?
+As any Eiffel Web application (EWF), it can be executed as 
+- **standalone**: using Eiffel standalone httpd server included in the "standalone" connector, and then no setup is needed.
+- **CGI** or **libFCGI** server: using, for instance, Apache2. Please refer to the Eiffel Web Framework documentation.
+
+### Conclusion
+At this point, you know enough to build and administrate a ROC CMS site.
+However, for a real site, it is likely that you will need to build your own modules, you will learn how doing that in the Developer Documentation.
+
+***
+## Developper Documentation
+
+This diagram shows the main interfaces, they will be described in this documentation, but for now, it introduces those class names.
+
+
+![Diagram](img_diagram.png)
+
+
+### CMS APIs
+An instance of CMS_API is available either via argument, or via attribute / function of various CMS components.
+It provides routine specific to the ROC CMS engine (access to setup, modules, logs, custom values, ...).
+
+### CMS Hooks
+Hooks is a mechanism which provides a way for modules to interact with each other and extending blocks of the current CMS.
+
+- [CMS_HOOK](../library/src/hooks/cms_hook.e): deferred class CMS_HOOK is a marker interface for CMS Hook
+- [CMS_HOOK_AUTO_REGISTER](../library/src/hooks/cms_hook_auto_register.e): when inheriting from this deferred class, the declared hooks are automatically registered (note only the CMS core hooks are supported, as opposed to hook a module may propose). Otherwise, each descendant has to register itself to the associated hook manager.
+- [CMS_HOOK_BLOCK](../library/src/hooks/cms_hook_block.e): it provides a way to declare and build blocks.
+- [CMS_HOOK_FORM_ALTER](../library/src/hooks/cms_hook_form_alter.e): it provides a way to alter a web form `CMS_FORM`.
+- [CMS_HOOK_MENU_ALTER](../library/src/hooks/cms_hook_menu_alter.e): it provides a way to alter a menu, and thus add or remove a link. This is how a module can add a link into a specific `CMS_MENU`.
+- [CMS_HOOK_MENU_SYSTEM_ALTER](../library/src/hooks/cms_hook_menu_system_alter.e): similar to CMS_HOOK_MENU_ALTER, but on built-in menu, such as management, navigation menus, and other.
+- [CMS_HOOK_VALUE_TABLE_ALTER](../library/src/hooks/cms_hook_value_table_alter.e): it provides a way to alter the values table for a response (i.e: inserting custom values, or even override existing values).
+- [CMS_HOOK_EXPORT](../library/src/hooks/cms_hook_export.e): it provides a simple export solution for each module. Typically used to archive data associated with a module, for instance for backup purpose. In the future, a `CMS_HOOK_IMPORT` should also be available, and it would allow importing data exported by `CMS_HOOK_EXPORT`.
+- and for more hooks ... please check descendants of `CMS_HOOK`.
+
+### Custom Module
+How to build a new module?
+A module is usually developed as an Eiffel library, and provide one or many implementations of `CMS_MODULE`.
+It has to set or implement:
+- **name**: a unique name identifying the module
+- **description**: a human text to describe the purpose of the module, it will mainly be used by the administration front-end.
+- **package**: put the current module into a package, mainly for admin front-end.
+- **version**: version information
+- **dependencies**: defines dependencies on other modules.
+- **permissions**: defines permissions used by the modules (mainly for admin front-end)
+- **setup_router**: associate routes with request handlers (declare various url or url template and associated request handler).
+- **filters**: similar to routers setup, but for WSF Filters (See EWF documentation for more details).
+- **register_hooks**: register current module with various hooks if needed.
+
+A module can also redefine `install` and `uninstall`. This could be used during installation to create new database tables, or anything needed by the module, or clean similar resources when being uninstalled.
+
+In addition, a module can also implement `module_api: detachable CMS_MODULE_API` in order to be integrated easily with other modules (see for instance the CMS_NODE_API defined in **node** module).
+
+Please have a look at the [tutorial](tutorial.md) page.
+
+## References
+For the interface references, please have a look at the [ROC CMS source code](https://github.com/EiffelWebFramework/ROC).
+
+***
+*(last modified: Nov/17/2015 by Jocelyn.)*

examples/demo/demo-safe.ecf

@@ -1,16 +1,17 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-14-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-14-0 http://www.eiffel.com/developers/xml/configuration-1-14-0.xsd" name="demo" uuid="3643E657-BCBE-46AA-931B-71EAEA877A18" library_target="demo">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="demo" uuid="3643E657-BCBE-46AA-931B-71EAEA877A18" library_target="demo">
 	<description>Example/demo for Eiffel ROC CMS library</description>
 	<target name="common" abstract="true">
 		<root class="DEMO_CMS_SERVER" feature="make_and_launch"/>
 		<file_rule>
-			<exclude>/EIFGENs$</exclude>
-			<exclude>/CVS$</exclude>
 			<exclude>/.svn$</exclude>
+			<exclude>/CVS$</exclude>
+			<exclude>/EIFGENs$</exclude>
 		</file_rule>
 		<option debug="true" warning="true" full_class_checking="false" is_attached_by_default="true" void_safety="all" syntax="transitional">
 			<debug name="dbglog" enabled="true"/>
 		</option>
+		<setting name="executable_name" value="demo"/>
 		<setting name="concurrency" value="thread"/>
 		<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
 		<library name="cms" location="..\..\cms-safe.ecf" readonly="false">
@@ -23,6 +24,7 @@
 		<library name="cms_auth_module" location="..\..\modules\auth\auth-safe.ecf" readonly="false"/>
 		<library name="cms_basic_auth_module" location="..\..\modules\basic_auth\basic_auth-safe.ecf" readonly="false"/>
 		<library name="cms_blog_module" location="..\..\modules\blog\cms_blog_module-safe.ecf" readonly="false"/>
+		<library name="cms_contact_module" location="..\..\modules\contact\contact-safe.ecf" readonly="false"/>
 		<library name="cms_demo_module" location="modules\demo\cms_demo_module-safe.ecf" readonly="false"/>
 		<library name="cms_email_service" location="..\..\library\email\email-safe.ecf" readonly="false"/>
 		<library name="cms_feed_aggregator_module" location="..\..\modules\feed_aggregator\feed_aggregator-safe.ecf" readonly="false"/>
@@ -32,21 +34,23 @@
 		<library name="cms_oauth_20_module" location="..\..\modules\oauth20\oauth20-safe.ecf" readonly="false"/>
 		<library name="cms_openid_module" location="..\..\modules\openid\openid-safe.ecf" readonly="false"/>
 		<library name="cms_recent_changes_module" location="..\..\modules\recent_changes\recent_changes-safe.ecf" readonly="false"/>
-		
+		<library name="cms_seo_module" location="..\..\modules\seo\seo-safe.ecf" readonly="false"/>
+		<library name="cms_session_auth_module" location="..\..\modules\session_auth\cms_session_auth-safe.ecf" readonly="false"/>
+		<library name="cms_taxnomy_module" location="..\..\modules\taxonomy\taxonomy-safe.ecf" readonly="false"/>
 		<library name="persistence_sqlite3" location="..\..\library\persistence\sqlite3\sqlite3-safe.ecf" readonly="false">
 			<option>
 				<assertions/>
 			</option>
 		</library>
-		<library name="persistence_store_odbc" location="..\..\library\persistence\store_odbc\store_odbc-safe.ecf" />
 		<!--
+		<library name="persistence_store_odbc" location="..\..\library\persistence\store_odbc\store_odbc-safe.ecf"/>
 		<library name="persistence_store_mysql" location="..\..\library\persistence\store_mysql\store_mysql-safe.ecf" />
-		-->
+		-->		
 		<library name="wsf" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf-safe.ecf"/>
 		<library name="wsf_extension" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf_extension-safe.ecf" readonly="false"/>
 	</target>
 	<target name="demo_any" extends="common">
-		<setting name="concurrency" value="thread"/>
+		<setting name="concurrency" value="scoop"/>
 		<library name="any_launcher" location="..\..\launcher\any-safe.ecf" readonly="false"/>
 		<cluster name="src" location=".\src\" recursive="true"/>
 	</target>

examples/demo/install_modules.bat

@@ -6,9 +6,13 @@ set ROC_CMS_DIR=%~dp0
 %ROC_CMD% install --module ..\..\modules\auth	--dir %ROC_CMS_DIR%
 %ROC_CMD% install --module ..\..\modules\basic_auth	--dir %ROC_CMS_DIR%
 %ROC_CMD% install --module ..\..\modules\blog	--dir %ROC_CMS_DIR%
+%ROC_CMD% install --module ..\..\modules\contact	--dir %ROC_CMS_DIR%
+%ROC_CMD% install --module ..\..\modules\feed_aggregator	--dir %ROC_CMS_DIR%
+%ROC_CMD% install --module ..\..\modules\google_search	--dir %ROC_CMS_DIR%
 %ROC_CMD% install --module ..\..\modules\node	--dir %ROC_CMS_DIR%
 %ROC_CMD% install --module ..\..\modules\oauth20	--dir %ROC_CMS_DIR%
 %ROC_CMD% install --module ..\..\modules\openid	--dir %ROC_CMS_DIR%
 %ROC_CMD% install --module ..\..\modules\recent_changes	--dir %ROC_CMS_DIR%
-%ROC_CMD% install --module ..\..\modules\feed_aggregator	--dir %ROC_CMS_DIR%
-%ROC_CMD% install --module ..\..\modules\google_search	--dir %ROC_CMS_DIR%
+%ROC_CMD% install --module ..\..\modules\seo	--dir %ROC_CMS_DIR%
+%ROC_CMD% install --module ..\..\modules\session_auth	--dir %ROC_CMS_DIR%
+%ROC_CMD% install --module ..\..\modules\taxonomy	--dir %ROC_CMS_DIR%

examples/demo/modules/demo/cms_demo_module-safe.ecf

@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="cms_demo_module" uuid="4BB59A54-2544-4C10-BFA6-01D12E541A30" library_target="cms_demo_module">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="cms_demo_module" uuid="4BB59A54-2544-4C10-BFA6-01D12E541A30" library_target="cms_demo_module">
 	<target name="cms_demo_module">
 		<root all_classes="true"/>
 		<file_rule>
 			<exclude>/.git$</exclude>
-			<exclude>/EIFGENs$</exclude>
 			<exclude>/.svn$</exclude>
+			<exclude>/EIFGENs$</exclude>
 		</file_rule>
 		<option warning="true" full_class_checking="true" is_attached_by_default="true" void_safety="all" syntax="standard">
 		</option>
@@ -21,4 +21,3 @@
 		<cluster name="src" location=".\" recursive="true"/>
 	</target>
 </system>
-

examples/demo/modules/demo/cms_demo_module.e

@@ -10,7 +10,7 @@ class
 inherit
 	CMS_MODULE
 		redefine
-			register_hooks,
+			setup_hooks,
 			initialize,
 			install
 		end
@@ -70,8 +70,9 @@ CREATE TABLE tb_demo(
 						api.logger.put_error ("Could not initialize database for demo module", generating_type)
 					end
 				end
-				Precursor {CMS_MODULE}(api)
 			end
+				-- For this demo, be flexible, and do not required sql.
+			Precursor {CMS_MODULE}(api)
 		end
 
 feature -- Access: router
@@ -85,10 +86,10 @@ feature -- Access: router
 
 feature -- Hooks
 
-	register_hooks (a_response: CMS_RESPONSE)
+	setup_hooks (a_hooks: CMS_HOOK_CORE_MANAGER)
 		do
-			a_response.hooks.subscribe_to_menu_system_alter_hook (Current)
-			a_response.hooks.subscribe_to_block_hook (Current)
+			a_hooks.subscribe_to_menu_system_alter_hook (Current)
+			a_hooks.subscribe_to_block_hook (Current)
 		end
 
 	block_list: ITERABLE [like {CMS_BLOCK}.name]
@@ -151,7 +152,7 @@ feature -- Mapping helper: uri template
 
 feature -- Mapping helper: uri template agent
 
-	map_uri_template_agent (a_router: WSF_ROUTER; a_tpl: READABLE_STRING_8; proc: PROCEDURE [ANY, TUPLE [req: WSF_REQUEST; res: WSF_RESPONSE]]; rqst_methods: detachable WSF_REQUEST_METHODS)
+	map_uri_template_agent (a_router: WSF_ROUTER; a_tpl: READABLE_STRING_8; proc: PROCEDURE [WSF_REQUEST, WSF_RESPONSE]; rqst_methods: detachable WSF_REQUEST_METHODS)
 			-- Map `proc' as handler for `a_tpl' for request methods `rqst_methods'.
 		require
 			a_tpl_attached: a_tpl /= Void

examples/demo/site/config/cms.ini

@@ -4,14 +4,36 @@ root-dir=site/www
 #modules-dir=site/modules
 
 [site]
+# General token that could be use for cookies, and related.
+id=_EIFFEL_CMS_
+
+# Name of the site, for the title, and eventual message.
 name=Eiffel CMS
-email=your@email.com
+
+# Properties used for SEO.
+property[headline]=Eiffel CMS -- the demo
+property[description]=Demo for Eiffel ROC CMS.
+property[keywords]=eiffel,cms,demo
+
+# Email used for notification
+email=noreply@example.com
+
+# Name of website theme. 
 theme=bootstrap
 
+[notification]
+# By default, notification.email = site.email
+# you can change here the email that will receive internal messages.
+email=webmaster@example.com
+
 [mailer]
-#smtp=localhost:25
-#sendmail=/usr/bin/sendmail
-output=@stderr
+#The mailer is used mostly used by the CMS to send email messages.
+# you can change the "From:" by  setting mailer.from value"
+subject_prefix=[Eiffel CMS] 
+#from=...
+smtp=localhost:25
+#sendmail=site\bin\roc_sendmail.bat
+output=site\db\mailer.log
 
 [modules]
 # Module status
@@ -25,6 +47,14 @@ output=@stderr
 [blocks]
 @include=blocks.ini
 
+[auth]
+# token, default is $site.id or built-in.
+#token=_ROC_AUTH_TOKEN_
+#session.token=
+#session.max_age=86400
+#openid.token=
+#oauth.token=
+
 [admin]
 # CMS Installation, are accessible by "all", "none" or uppon "permission". (default is none)
 installation_access=all

examples/demo/site/modules/auth/config/auth.json

@@ -0,0 +1,7 @@
+{
+	"subject": "Thank you for contacting us",
+	"recaptcha": {
+		"site_key":"6Lex9RMTAAAAAKleC4x6TaRlFcpLbEWgH_U7MSiD",
+		"secret_key":"6Lex9RMTAAAAAAkBczvX5DUiyg_xoM_EthVVgRRx"
+	}	
+}

examples/demo/site/modules/auth/files/css/auth.css

@@ -0,0 +1,28 @@
+ul.cms-temp-users {
+  list-style-type: none;
+  padding: 3px 3px 3px 3px;
+  border: solid 1px #ccc;
+}
+ul.cms-temp-users li {
+  border-top: dotted 1px #ccc;
+}
+ul.cms-temp-users li:first-child {
+  border-top: none;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details {
+  list-style-type: none;
+  padding: 3px 3px 3px 3px;
+  border: solid 1px #ccc;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li {
+  border-top: dotted 1px #ccc;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child {
+  border-top: none;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before {
+  content: "[personal information] ";
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before {
+  content: "[email] ";
+}

examples/demo/site/modules/auth/files/scss/auth.scss

@@ -0,0 +1,37 @@
+ul.cms-temp-users {
+	
+	list-style-type: none;
+	padding: 3px 3px 3px 3px;
+	border: solid 1px #ccc;
+
+	li{
+		border-top: dotted 1px #ccc;
+		&:first-child {
+			border-top: none;
+		}
+	}
+
+	li.cms_temp_user {
+
+		ul.cms_temp_user_details {
+			list-style-type: none;
+			padding: 3px 3px 3px 3px;
+			border: solid 1px #ccc;
+			
+			li{
+				border-top: dotted 1px #ccc;
+				&:first-child {
+					border-top: none;
+				}
+			}
+			li.cms_temp_user_detail_information::before{
+				content: "[personal information] "
+			}
+			li.cms_temp_user_detail_email::before{
+				content: "[email] "
+			}
+		}		
+	}
+}
+
+

examples/demo/site/modules/auth/mail_templates/account_activation.html

@@ -4,15 +4,10 @@
 	  <meta charset="utf-8">
 	  <title>Activation</title>
 	  <meta name="description" content="Activation">
-	  <meta name="author" content="ROC CMS">
+	  <meta name="author" content="$sitename">
 	</head>
-
 	<body>
-		<p>Thank you for registering at <a href="$host">ROC CMS</a></p>
-
-		<p>To complete your registration, please click on this link to activate your account:<p>
-
-		<p><a href="$link">$link</a></p>
-		<p>Thank you for joining us.</p>
+		<p>"$user ($email)", thank you for applying to <a href="$host">$sitename</a>.</p>
+		<p>We will review your application and send you a resolution.<p>
 	</body>
 </html>

examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html

@@ -0,0 +1,13 @@
+<!doctype html>
+<html lang="en">
+	<head>
+	  <meta charset="utf-8">
+	  <title>Activation Confirmation</title>
+	  <meta name="description" content="Activation Confirmation">
+	  <meta name="author" content="$sitename">
+	</head>
+	<body>
+		<p>Your account "$user ($email)" is confirmed at <a href="$host">$sitename</a>.</p>
+		<p>Thank you for joining us.</p>
+	</body>
+</html>

examples/demo/site/modules/auth/mail_templates/account_new_password.html

@@ -4,14 +4,12 @@
 	  <meta charset="utf-8">
 	  <title>New Password</title>
 	  <meta name="description" content="New Password">
-	  <meta name="author" content="ROC CMS">
+	  <meta name="author" content="$sitename">
 	</head>
-
 	<body>
-		<p>You have required a new password at <a href="$host">ROC CMS</a></p>
-
-		<p>To complete your request, please click on this link to genereate a new password:<p>
-
-		<p><a href="$link">$link</a></p>
+		<p>You have requested a new password at <a href="$host">$sitename</a>.</p>
+		<p>To complete your request, please click on the following link to generate a new password:
+			<ul><a href="$link">$link</a></ul>
+		</p>
 	</body>
 </html>

examples/demo/site/modules/auth/mail_templates/account_re_activation.html

@@ -4,15 +4,14 @@
 	  <meta charset="utf-8">
 	  <title>New Activation</title>
 	  <meta name="description" content="New Activation token">
-	  <meta name="author" content="ROC CMS">
+	  <meta name="author" content="$sitename">
 	</head>
-
 	<body>
-		<p>You have request a new activation token at <a href="$host">ROC CMS</a></p>
+		<p>You have requested a new activation token at <a href="$host">$sitename</a>.</p>
 
-		<p>To complete your registration, please click on this link to activate your account:<p>
-
-		<p><a href="$link">$link</a></p>
+		<p>To complete your registration, please click on the following link to re-activate your account:
+		<ul><a href="$link">$link</a></ul>
+		</p>
 		<p>Thank you for joining us.</p>
 	</body>
 </html>

examples/demo/site/modules/auth/mail_templates/account_rejected.html

@@ -0,0 +1,12 @@
+<!doctype html>
+<html lang="en">
+	<head>
+	  <meta charset="utf-8">
+	  <title>Application Rejected</title>
+	  <meta name="description" content="Application Rejected">
+	  <meta name="author" content="$sitename">
+	</head>
+	<body>
+		<p>Your account application is rejected, it was not respecting the requirements from <a href="$host">$sitename</a>.</p>
+	</body>
+</html>

examples/demo/site/modules/auth/mail_templates/account_welcome.html

@@ -4,10 +4,16 @@
 	  <meta charset="utf-8">
 	  <title>Welcome</title>
 	  <meta name="description" content="Welcome">
-	  <meta name="author" content="ROC CMS">
+	  <meta name="author" content="$sitename">
 	</head>
 	<body>
-		<p>Welcome to<a href="$host">ROC CMS</a></p>
+		<p>Welcome to <a href="$host">$sitename</a>.</p>
+		<p>Your account information:
+		<ul>
+			<li>Email address: "$email" .</li>
+			<li>User name: "$user" .</li>
+		</ul>
+		</p>
 		<p>Thank you for joining us.</p>
 	</body>
 </html>

examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html

@@ -0,0 +1,26 @@
+<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <title>Account Evaluation</title>
+  <meta name="description" content="Account Evaluation">
+  <meta name="author" content="$sitename">
+</head>
+
+<body>
+    <h2> Account Evaluation </h2>
+	<p>The user $user ($email) wants to register to the site <a href="$host">$sitename</a></p>
+
+	<blockquote><p>User application:</p>
+	  <p>$application</p>
+	</blockquote>
+
+	<p>To complete the registration, please click on the following link to activate the user account:<p>
+
+	<p><a href="$activation_url">$activation_url</a></p>
+
+	<p>To reject the registration, please click on the following link <p>
+
+	<p><a href="$rejection_url<">$rejection_url</a></p>
+</body>
+</html>

examples/demo/site/modules/auth/templates/block_account_edit.tpl

@@ -0,0 +1 @@
+{include file="block_account_info.tpl" /}

examples/demo/site/modules/auth/templates/block_account_info.tpl

@@ -1,62 +1,34 @@
  	<div class="primary-tabs">
 	 {if isset="$user"}
 		<h3>Account Information</h3>
-		<div>
-			<div>
-				<div>	
-			   		<label>Username:</label>  {$user.name/}
-			   	</div>
-			   	<div>	
-			   		<label>Email:</label>  {$user.email/}
-			   	</div>
-			   	<div>	
-			   		<label>Creation Date:</label>  {$user.creation_date/}
-			   	</div>
-			   	<div>	
-			   		<label>Last login:</label>  {$user.last_login_date/}
-			   	</div>	
-			   	<div>
-			   		<form method="get" action="{$site_url/}{$auth_login_strategy/}">
-    					<button type="submit">Logout</button>
-					</form>
-			   	</div>	
+		<ul class="user-information">
+			<div>	
+				<label>Username:</label>  {$user.name/}
 			</div>
-    	</div>
-    	<hr>
-    	{include file="block_change_password.tpl" /}
-       	<hr>
-    	<h4>Roles</h4>
-    	<div>
-    		{foreach item="ic" from="$roles"}
-    			<div>	
-			   		<ul>
-			   			<li>
-			   				<strong>{$ic.name/}</strong>
-			   				<ul>
-			   					<li> <i>permissions</i> 
-				   					<ul>	
-					   					{foreach item="ip" from="$ic.permissions"}
-					   						<li>{$ip/}</li>
-					   					{/foreach}
-					   				</ul>
-					   			</li>	
-			   				</ul>		
-			   			</li>
-			   		</ul>
-			   	</div>
-    		{/foreach}
-    	</div>		
-
-
+			<div>	
+				<label>Email:</label>  {$user.email/}
+			</div>
+			<div>	
+				<label>Creation Date:</label>  {$user.creation_date/} (UTC)
+			</div>
+			<div>	
+				<label>Last login:</label>  {$user.last_login_date/} (UTC)
+			</div>	
+			<div>
+				<form method="get" action="{$site_url/}account/roc-logout">
+					<button type="submit">Logout</button>
+				</form>
+			</div>	
+    	</ul>
     	<hr>
     	<h4>Profile</h4>
-    	<div>
+    	<ul class="user-profile">
     		{foreach item="the_value" key="the_name" from="$user.profile"}
-    			<div>	
-			   		<label>{$the_name/}:</label>  {$the_value/} 
-			   	</div>
+    			<li>	
+			   		<label>{$the_name/}:</label><div>{$the_value/}</div>
+			   	</li>
     		{/foreach}
-    	</div>		
+    	</ul>
 	{/if}
 	{unless isset="$user"}
 		<div>

examples/demo/site/modules/auth/templates/block_change_password.tpl

@@ -1,7 +1,7 @@
  <div>
     <form action="{$site_url/}account/change-password" method="post">
         <fieldset>
-            <legend>Change Password Form</legend>
+            <legend>Change Password</legend>
             <div>
                 <input type="password" id="password" name="password" value="" required/>
                 <label for="password">Password</label>

examples/demo/site/modules/auth/templates/block_login.tpl

@@ -1,29 +0,0 @@
- 	<div class="primary-tabs">
- 		{unless isset="$user"}
-			<h3>Login or <a href="{$site_url/}account/roc-register">Register</a></h3>
-		<div>
-			<div>	
-			    <form action method="POST">
-					<div>
-						<input type="text" name="username" required>
-						<label>Username</label>
-					</div>
-										
-					<div>
-						<input  type="password" name="password" required>
-						<label>Password</label>
-					</div>
-        
-					<button type="button" onclick="ROC_AUTH.login();">Login</button>
-				</form>
-			</div>
-    	</div>
-		<div>
-			<div>
-				<p>
-					<a href="{$site_url/}account/new-password">Forgot password?</a>
-				</p>
-			</div>
-		</div>	
-		{/unless}
-	</div>

examples/demo/site/modules/auth/templates/block_post_reactivate.tpl

@@ -1,3 +1,3 @@
 <div>
-    <p>We have send you a new activation code, check your email to activate your account.</p>
+    <p>Thanks for your application, we will review it to activate your account.</p>
 </div>

examples/demo/site/modules/auth/templates/block_post_register.tpl

@@ -1,3 +1,3 @@
 <div>
-    <p>Thanks for register, check your email to activate your account.</p>
+    <p>Thanks for your application, we will review it to activate your account.</p>
 </div>

examples/demo/site/modules/auth/templates/block_register.tpl

@@ -1,7 +1,7 @@
  <div>
     <form action="{$site_url/}account/roc-register" method="post">
         <fieldset>
-            <legend>Register Form</legend>
+            <legend>Registration</legend>
             <div>
                 <input type="text" id="name" name="name"  value="{$name/}" required  autofocus />
                 <label for="name">Name</label>
@@ -20,8 +20,19 @@
                     <span><i>{$error_email/}</i></span> <br>
                 {/if}
             </div>
-            
-            
+            <div>
+               <textarea rows="4" cols="50" name="personal_information" id="personal_information" required>
+			   				{$personal_information/}
+			   </textarea>
+			   <label for="personal_information">Tell us why you want to register an account</label>
+                {if isset="$error_application"}
+                    <span><i>{$error_application/}</i></span> <br>
+                {/if}
+            </div>
+            {unless isempty="$recaptcha_site_key"}
+        		<div class="g-recaptcha" data-sitekey="{$recaptcha_site_key/}"></div>
+        	<br/>
+			{/unless}
             <button type="submit">Register</button>
         </fieldset>    
     </form>

examples/demo/site/modules/basic_auth/files/js/roc_basic_auth.js

@@ -1,307 +1,291 @@
 var ROC_AUTH = ROC_AUTH || { };
 
-var loginURL = "/basic_auth_login";
-var logoutURL = "/basic_auth_logoff";
+var loginURL = "/roc-basic-login";
+var logoutURL = "/roc-basic-logoff";
 
 var userAgent = navigator.userAgent.toLowerCase();
 var firstLogIn = true;
  
 ROC_AUTH.login = function() {
-    var form = document.forms['cms_basic_auth'];
-    var username = form.username.value;
-    var password = form.password.value;
-	  //var host = form.host.value;
-  	var origin = window.location.origin.concat(window.location.pathname);
-    var _login = function(){
+	var form = document.forms['cms_basic_auth'];
+	var username = form.username.value;
+	var password = form.password.value;
+	//var host = form.host.value;
+	var origin = window.location.origin + window.location.pathname;
+	var _login = function(){
+		if  (document.getElementById('myModalFormId') !== null ) {
+			ROC_AUTH.remove ('myModalFormId');
+		}
 
- 
-    if  (document.getElementById('myModalFormId') !== null ) {
-        ROC_AUTH.remove ('myModalFormId');
-    }
+		if (username === "" || password === "") {
+			if (document.getElementById('myModalFormId') === null ) {
+				var newdiv = document.createElement('div');
+				newdiv.innerHTML = "<br>Invalid Credentials</br>";
+				newdiv.id = 'myModalFormId';
+				$(".login-box").append(newdiv);
+			} 
+		}else{  
+			//Instantiate HTTP Request
+			var request = ((window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
+			request.open("GET", loginURL, true, username, password);
+			request.send(null);
 
+			//Process Response
+			request.onreadystatechange = function(){
+				if (request.readyState == 4) {
+					if (request.status==200) {
+						delete form;
+						window.location=window.location.origin;
+					} else {
+						if (navigator.userAgent.toLowerCase().indexOf("firefox") != -1){                       
+							// .. ?
+						}
+						if (document.getElementById('myModalFormId') === null ) {
+							var newdiv = document.createElement('div');
+							newdiv.innerHTML = "<br>Invalid Credentials</br>";
+							newdiv.id = 'myModalFormId';
+							$(".login-box").append(newdiv);
+						} 
+					}
+				}
+			}
+		}
+	}
 
-	if (username === "" || password === "") {
-             if (document.getElementById('myModalFormId') === null ) {		
-                    var newdiv = document.createElement('div');
-	                  newdiv.innerHTML = "<br>Invalid Credentials</br>";
-                    newdiv.id = 'myModalFormId';
-                     $(".primary-tabs").append(newdiv);
-               } 
-	}else{  
-         
-          //Instantiate HTTP Request
-          var request = ((window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
-    	    request.open("GET", loginURL, true, username, password);
-	        request.send(null);
-    
-          //Process Response
-          request.onreadystatechange = function(){
-             if (request.readyState == 4) {
-                 if (request.status==200) {
-                        delete form;
-                        window.location=window.location.origin;
-                }
-                else{
-                  if (navigator.userAgent.toLowerCase().indexOf("firefox") != -1){                       
-                     }
-                   
-		  if (document.getElementById('myModalFormId') === null ) {		
-                    var newdiv = document.createElement('div');
-	                   newdiv.innerHTML = "<br>Invalid Credentials</br>";
-                    newdiv.id = 'myModalFormId';
-                    $(".primary-tabs").append(newdiv);
-                   } 
+	var userAgent = navigator.userAgent.toLowerCase();
+	if (userAgent.indexOf("firefox") != -1) { //TODO: check version number
+		if (firstLogIn) {
+			_login();
+		} else {
+			ROC_AUTH.logoff(_login);
+		}
+	} else {
+		_login();
+	}
 
-                  }
-               }
-            }
-        }
-    }
- 
-    var userAgent = navigator.userAgent.toLowerCase();
-    if (userAgent.indexOf("firefox") != -1){ //TODO: check version number
-        if (firstLogIn) _login();
-        else logoff(_login);
-    }
-    else{
-        _login();
-    }
- 
-    if (firstLogIn) firstLogIn = false;
+	if (firstLogIn) {
+		firstLogIn = false;
+	}
 };
 
 
 ROC_AUTH.login_with_redirect = function() {
-    var form = document.forms[2];
-    var username = form.username.value;
-    var password = form.password.value;
-    var host = form.host.value;
-    var _login = function(){
+	var form = document.forms[2];
+	var username = form.username.value;
+	var password = form.password.value;
+	var host = form.host.value;
+	var _login = function(){
+		var redirectURL = form.redirect && form.redirect.value || "";   
+		$("#imgProgressRedirect").show();  
 
-    var redirectURL = form.redirect && form.redirect.value || "";   
+		if  (document.getElementById('myModalFormId') !== null ) {
+			ROC_AUTH.remove ('myModalFormId');
+		}
+		if (username === "" || password === "") {
+			if (document.getElementById('myModalFormId') === null ) {      
+				var newdiv = document.createElement('div');
+				newdiv.innerHTML = "<br>Invalid Credentials</br>";
+				newdiv.id = 'myModalFormId';
+				$(".login-box").append(newdiv);
+				$("#imgProgressRedirect").hide();
+			} 
+		} else {  
+			//Instantiate HTTP Request
+			var request = ((window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
+			request.open("GET", host + loginURL, true, username, password);
+			request.send(null);
 
+			//Process Response
+			request.onreadystatechange = function() {
+				if (request.readyState == 4) {
+					if (request.status==200) {
+						if (redirectURL === "") {   
+							window.location=host + "/";
+						} else {
+							window.location=host + redirectURL;
+						}
+					} else{
+						if (navigator.userAgent.toLowerCase().indexOf("firefox") != -1){                       
+						}
+						if (document.getElementById('myModalFormId') === null ) {     
+							var newdiv = document.createElement('div');
+							newdiv.innerHTML = "<br>Invalid Credentials</br>";
+							newdiv.id = 'myModalFormId';
+							$(".login-box").append(newdiv);
+							$("#imgProgressRedirect").hide();    
+						} 
+					}
+				}
+			}
+		}
+	}
 
-    $("#imgProgressRedirect").show();  
-
-    if  (document.getElementById('myModalFormId') !== null ) {
-        ROC_AUTH.remove ('myModalFormId');
-    }
-
-
-    if (username === "" || password === "") {
-             if (document.getElementById('myModalFormId') === null ) {      
-                    var newdiv = document.createElement('div');
-                      newdiv.innerHTML = "<br>Invalid Credentials</br>";
-                    newdiv.id = 'myModalFormId';
-                    $(".primary-tabs").append(newdiv);
-                     $("#imgProgressRedirect").hide();
-               } 
-    }else{  
-         
-          //Instantiate HTTP Request
-          var request = ((window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
-            request.open("GET", host.concat(loginURL), true, username, password);
-            request.send(null);
-    
-          //Process Response
-          request.onreadystatechange = function(){
-             if (request.readyState == 4) {
-                 if (request.status==200) {
-                     if (redirectURL === "") {   
-                        window.location=host.concat("/");
-                    } else {
-                        window.location=host.concat(redirectURL);
-                    }
-
-        }
-                else{
-                  if (navigator.userAgent.toLowerCase().indexOf("firefox") != -1){                       
-                     }
-                   
-          if (document.getElementById('myModalFormId') === null ) {     
-                    var newdiv = document.createElement('div');
-                       newdiv.innerHTML = "<br>Invalid Credentials</br>";
-                    newdiv.id = 'myModalFormId';
-                    $(".primary-tabs").append(newdiv);
-                    $("#imgProgressRedirect").hide();    
-                   } 
-
-                  }
-               }
-            }
-        }
-    }
- 
-    var userAgent = navigator.userAgent.toLowerCase();
-    if (userAgent.indexOf("firefox") != -1){ //TODO: check version number
-        if (firstLogIn) _login();
-        else logoff(_login);
-    }
-    else{
-        _login();
-    }
- 
-    if (firstLogIn) firstLogIn = false;
+	var userAgent = navigator.userAgent.toLowerCase();
+	if (userAgent.indexOf("firefox") != -1){ //TODO: check version number
+		if (firstLogIn) {
+			_login();
+		} else {
+			ROC_AUTH.logoff(_login);
+		}
+	} else{
+		_login();
+	}
+	if (firstLogIn) {
+		firstLogIn = false;
+	}
 };
 
-
 ROC_AUTH.getQueryParameterByName = function (name) {
-    name = name.replace(/[\[]/, "\\[").replace(/[\]]/, "\\]");
-    var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"),
-        results = regex.exec(location.search);
-    return results === null ? " " : decodeURIComponent(results[1].replace(/\+/g, " "));
+	name = name.replace(/[\[]/, "\\[").replace(/[\]]/, "\\]");
+	var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"), results = regex.exec(location.search);
+	return results === null ? " " : decodeURIComponent(results[1].replace(/\+/g, " "));
 } 
  
 ROC_AUTH.logoff = function(callback){
-	   var form = document.forms[0];
-     var host = form.host.value;
-	  
-    if (userAgent.indexOf("msie") != -1) {
-        document.execCommand("ClearAuthenticationCache");
-    }
-    else if (userAgent.indexOf("firefox") != -1){ //TODO: check version number
- 
-        var request1 = new XMLHttpRequest();
-        var request2 = new XMLHttpRequest();
- 
-      //Logout. Tell the server not to return the "WWW-Authenticate" header
-        request1.open("GET", host.concat(logoutURL) + "?prompt=false", true);
-        request1.send("");
-        request1.onreadystatechange = function(){
-            if (request1.readyState == 4) {
- 
-              //Sign in with dummy credentials to clear the auth cache
-                request2.open("GET", host.concat(logoutURL), true, "logout", "logout");
-                request2.send("");
- 
-                request2.onreadystatechange = function(){
-                    if (request2.readyState == 4) {
-                        if (callback!=null) { callback.call();  } else { window.location=host.concat(logoutURL);}
-                    } 
-                }
-                 
-            }
-        }
-    }
-    else {
-        var request = ((window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
-        request.open("GET", host.concat(logoutURL), true, "logout", "logout");
-        request.send("");
-        request.onreadystatechange = function(){
-                   if (request.status==401 || request.status==403 ) { window.location=host.concat(logoutURL);
-                } 
-            }
-    }
+	var form = document.forms[0];
+	var host = form.host.value;
+
+	if (userAgent.indexOf("msie") != -1) {
+		document.execCommand("ClearAuthenticationCache");
+	} else if (userAgent.indexOf("firefox") != -1){ //TODO: check version number
+		var request1 = new XMLHttpRequest();
+		var request2 = new XMLHttpRequest();
+
+		//Logout. Tell the server not to return the "WWW-Authenticate" header
+		request1.open("GET", host + logoutURL + "?prompt=false", true);
+		request1.send("");
+		request1.onreadystatechange = function(){
+			if (request1.readyState == 4) {
+				//Sign in with dummy credentials to clear the auth cache
+				request2.open("GET", host + logoutURL, true, "logout", "logout");
+				request2.send("");
+				request2.onreadystatechange = function(){
+					if (request2.readyState == 4) {
+						if (callback!=null) {
+							callback.call();  
+						} else { 
+							window.location=host + logoutURL;
+						}
+					} 
+				}
+			}
+		}
+	} else {
+		var request = ((window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
+		request.open("GET", host + logoutURL, true, "logout", "logout");
+		request.send("");
+		request.onreadystatechange = function(){
+			if (request.status==401 || request.status==403 ) { 
+				window.location=host + logoutURL;
+			} 
+		}
+	}
 };
 
 
-ROC_AUTH.remove = function (id)
-{
-   var element = document.getElementById(id);
-   element.outerHTML = "";
-   delete element;
-   return;
+ROC_AUTH.remove = function (id) {
+	var element = document.getElementById(id);
+	element.outerHTML = "";
+	delete element;
+	return;
 };
 
 
 
 $(document).ready(function() {
-
-  if (typeof String.prototype.contains != 'function') {
-    String.prototype.contains = function (str){
-      return this.indexOf(str) != -1;
-    };
-  }
-   ROC_AUTH.progressive_loging();
-
+	if (typeof String.prototype.contains != 'function') {
+		String.prototype.contains = function (str){
+			return this.indexOf(str) != -1;
+		};
+	}
+	ROC_AUTH.progressive_loging();
 });
 
 
 ROC_AUTH.progressive_loging = function () {
-
-    ROC_AUTH.login_href();
+	ROC_AUTH.login_href();
 };
 
 
 $(document).keypress(function(e) {
-  if ((e.which === 13) && (e.target.localName === 'input' &&  e.target.id === 'password')) {
-      ROC_AUTH.login();
-  }
+	if ((e.which === 13) && (e.target.localName === 'input' &&  e.target.id === 'password')) {
+		ROC_AUTH.login();
+	}
 });
 
 ROC_AUTH.OnOneClick = function(event) {
-  event.preventDefault();
-  if  ( document.forms[0] === undefined ) {
-    ROC_AUTH.create_form();
-  }
-  return false;
+	event.preventDefault();
+	if  ( document.forms[0] === undefined ) {
+		ROC_AUTH.create_form();
+	}
+	return false;
 };
 
 ROC_AUTH.login_href = function() {
-  var els = document.getElementsByTagName("a");
-  for (var i = 0, l = els.length; i < l; i++) {
-      var el = els[i];
-      if (el.href.contains("/basic_auth_login?destination")) {
-        loginURL = el.href;
-        var OneClick = el;
-        OneClick.addEventListener('click', ROC_AUTH.OnOneClick, false);
-     }
-  }
+	var els = document.getElementsByTagName("a");
+	for (var i = 0, l = els.length; i < l; i++) {
+		var el = els[i];
+		if (el.href.contains(loginURL + "?destination")) {
+//			loginURL = el.href;
+			var OneClick = el;
+			OneClick.addEventListener('click', ROC_AUTH.OnOneClick, false);
+		}
+	}
 };
 
 
 ROC_AUTH.create_form = function() {
 
-    // Fetching HTML Elements in Variables by ID.
-  var createform = document.createElement('form'); // Create New Element Form
-  createform.setAttribute("action", ""); // Setting Action Attribute on Form
-  createform.setAttribute("method", "post"); // Setting Method Attribute on Form
-  $("body").append(createform); 
+	// Fetching HTML Elements in Variables by ID.
+	var createform = document.createElement('form'); // Create New Element Form
+	createform.setAttribute("action", ""); // Setting Action Attribute on Form
+	createform.setAttribute("method", "post"); // Setting Method Attribute on Form
+	$("body").append(createform); 
 
-  var heading = document.createElement('h2'); // Heading of Form
-  heading.innerHTML = "Login Form ";
-  createform.appendChild(heading);
+	var heading = document.createElement('h2'); // Heading of Form
+	heading.innerHTML = "Login Form ";
+	createform.appendChild(heading);
 
-  var line = document.createElement('hr'); // Giving Horizontal Row After Heading
-  createform.appendChild(line);
+	var line = document.createElement('hr'); // Giving Horizontal Row After Heading
+	createform.appendChild(line);
 
-  var linebreak = document.createElement('br');
-  createform.appendChild(linebreak);
+	var linebreak = document.createElement('br');
+	createform.appendChild(linebreak);
 
-  var namelabel = document.createElement('label'); // Create Label for Name Field
-  namelabel.innerHTML = "Username : "; // Set Field Labels
-  createform.appendChild(namelabel);
+	var namelabel = document.createElement('label'); // Create Label for Name Field
+	namelabel.innerHTML = "Username : "; // Set Field Labels
+	createform.appendChild(namelabel);
 
-  var inputelement = document.createElement('input'); // Create Input Field for UserName
-  inputelement.setAttribute("type", "text");
-  inputelement.setAttribute("name", "username");
-  inputelement.setAttribute("required","required");
-  createform.appendChild(inputelement);
+	var inputelement = document.createElement('input'); // Create Input Field for UserName
+	inputelement.setAttribute("type", "text");
+	inputelement.setAttribute("name", "username");
+	inputelement.setAttribute("required","required");
+	createform.appendChild(inputelement);
 
-  var linebreak = document.createElement('br');
-  createform.appendChild(linebreak);
+	var linebreak = document.createElement('br');
+	createform.appendChild(linebreak);
 
-  var passwordlabel = document.createElement('label'); // Create Label for Password Field
-  passwordlabel.innerHTML = "Password : ";
-  createform.appendChild(passwordlabel);
+	var passwordlabel = document.createElement('label'); // Create Label for Password Field
+	passwordlabel.innerHTML = "Password : ";
+	createform.appendChild(passwordlabel);
 
-  var passwordelement = document.createElement('input'); // Create Input Field for Password.
-  passwordelement.setAttribute("type", "password");
-  passwordelement.setAttribute("name", "password");
-  passwordelement.setAttribute("id", "password");
-  passwordelement.setAttribute("required","required");
-  createform.appendChild(passwordelement);
+	var passwordelement = document.createElement('input'); // Create Input Field for Password.
+	passwordelement.setAttribute("type", "password");
+	passwordelement.setAttribute("name", "password");
+	passwordelement.setAttribute("id", "password");
+	passwordelement.setAttribute("required","required");
+	createform.appendChild(passwordelement);
 
 
-  var passwordbreak = document.createElement('br');
-  createform.appendChild(passwordbreak);
+	var passwordbreak = document.createElement('br');
+	createform.appendChild(passwordbreak);
 
 
-  var submitelement = document.createElement('button'); // Append Submit Button
-  submitelement.setAttribute("type", "button");
-  submitelement.setAttribute("onclick", "ROC_AUTH.login();");
-  submitelement.innerHTML = "Sign In ";
-  createform.appendChild(submitelement);
+	var submitelement = document.createElement('button'); // Append Submit Button
+	submitelement.setAttribute("type", "button");
+	submitelement.setAttribute("onclick", "ROC_AUTH.login();");
+	submitelement.innerHTML = "Sign In ";
+	createform.appendChild(submitelement);
 
 };
 
@@ -310,16 +294,16 @@ var password = document.getElementById("password");
 var confirm_password = document.getElementById("confirm_password");
 
 ROC_AUTH.validatePassword =function(){
-  if ((password != null) && (confirm_password != null)) {
-    if(password.value != confirm_password.value) {
-      confirm_password.setCustomValidity("Passwords Don't Match");
-    } else {
-      confirm_password.setCustomValidity('');
-    }
-   } 
+	if ((password != null) && (confirm_password != null)) {
+		if(password.value != confirm_password.value) {
+			confirm_password.setCustomValidity("Passwords Don't Match");
+		} else {
+			confirm_password.setCustomValidity('');
+		}
+	} 
 }
 
 if ((password != null) && (confirm_password != null)) {
-  password.onchange = ROC_AUTH.validatePassword();
-  confirm_password.onkeyup = ROC_AUTH.validatePassword;
-}
+	password.onchange = ROC_AUTH.validatePassword();
+	confirm_password.onkeyup = ROC_AUTH.validatePassword;
+}

examples/demo/site/modules/basic_auth/templates/block_login.tpl

@@ -1,29 +1,23 @@
- 	<div class="primary-tabs">
- 		{unless isset="$user"}
-			<h3>Login or <a href="{$site_url/}account/roc-register">Register</a></h3>
+{unless isset="$user"}
+ 	<div class="login-box">
+		<div class="description">The "Basic Auth" relies on the HTTP basic acces authentication.<br/>(see also: <a href="https://en.wikipedia.org/wiki/Basic_access_authentication">https://en.wikipedia.org/wiki/Basic_access_authentication</a> )</div>
+		<h3>Login or <a href="{$site_url/}account/roc-register">Register</a></h3>
 		<div>
-			<div>	
-			    <form name="cms_basic_auth" action method="POST">
-					<div>
-						<input type="text" name="username" id="username" required>
-						<label>Username</label>
-					</div>
-										
-					<div>
-						<input  type="password" name="password"  id="password" required>
-						<label>Password</label>
-					</div>
-        
-					<button type="button" onclick="ROC_AUTH.login();">Login</button>
-				</form>
-			</div>
+			<form name="cms_basic_auth" action="{$site_url/}roc-basic-login" method="POST">
+				<input type="hidden" name="host" id="host" value="{$site_url/}">
+				<div>
+					<input type="text" name="username" id="username" required>
+					<label>Username</label>
+				</div>
+				<div>
+					<input type="password" name="password"  id="password" required>
+					<label>Password</label>
+				</div>
+				<button type="button" onclick="ROC_AUTH.login();">Login</button>
+			</form>
     	</div>
 		<div>
-			<div>
-				<p>
-					<a href="{$site_url/}account/new-password">Forgot password?</a>
-				</p>
-			</div>
+			<a href="{$site_url/}account/new-password">Forgot password?</a>
 		</div>	
-		{/unless}
 	</div>
+{/unless}

examples/demo/site/modules/blog/scripts/install.sql

@@ -0,0 +1,6 @@
+CREATE TABLE blog_post_nodes(
+  `nid` INTEGER NOT NULL CHECK("nid">=0),
+  `revision` INTEGER NOT NULL,
+  `tags` VARCHAR(255),
+  CONSTRAINT PK_nid_revision PRIMARY KEY (nid,revision)
+);

examples/demo/site/modules/contact/config/contact.json

@@ -0,0 +1,8 @@
+{
+	"--email": "webmaster@example.com",
+	"subjet": "Thank you for contacting us",
+	"recaptcha": {
+		"site_key":"",
+		"secret_key":""
+	}
+}

examples/demo/site/modules/contact/files/css/contact.css

@@ -0,0 +1,124 @@
+.contact-box {
+  background-color: #F2F7F9;
+  width: 465px;
+  padding: 20px;
+  border: 6px solid #8FB5C1;
+  -moz-border-radius: 15px;
+  -webkit-border-radius: 15px;
+  border-radius: 15px;
+  position: relative;
+  /* Remove box shadow firefox, chrome and opera put around required fields. 
+   * It looks rubbish. 
+   */
+  /* Normalize placeholder styles */
+  /* chrome, safari */
+  /* mozilla */
+  /* ie (faux placeholder) */
+}
+.contact-box h1 {
+  font-size: 42px;
+}
+.contact-box h2 {
+  margin-bottom: 15px;
+  font-style: italic;
+  font-weight: normal;
+}
+.contact-box label {
+  font-size: 15px;
+  margin-bottom: 2px;
+  display: block;
+}
+.contact-box input, .contact-box select, .contact-box textarea {
+  width: 100%;
+  font-size: 15px;
+  border: 1px solid #CEE1E8;
+  margin-bottom: 20px;
+  padding: 4px;
+}
+.contact-box input:focus, .contact-box select:focus, .contact-box textarea:focus {
+  border: 1px solid #AFCDD8;
+  background-color: #EBF2F4;
+}
+.contact-box textarea {
+  height: 150px;
+  resize: none;
+}
+.contact-box span.required {
+  font-weight: bold;
+  color: #F00;
+}
+.contact-box input[type=submit] {
+  width: 100px;
+  background-color: #333;
+  color: #FFF;
+  border: none;
+  display: block;
+  float: right;
+  margin-bottom: 0px;
+  margin-right: 6px;
+  background-color: #8FB5C1;
+  -moz-border-radius: 8px;
+}
+.contact-box input[type=submit]:hover {
+  background-color: #A6CFDD;
+}
+.contact-box input[type=submit]:active {
+  position: relative;
+  top: 1px;
+}
+.contact-box .message {
+  width: 95%;
+  margin: 25px 0px;
+  padding: 10px;
+  display: block;
+  border: solid 1px #ccc;
+  border-radius: 8px;
+  -webkit-border-radius: 8px;
+  -moz-border-radius: 8px;
+}
+.contact-box .message.hidden {
+  display: none;
+}
+.contact-box .message.error {
+  border-color: #E58E8E;
+  background-color: #FFE6E6;
+}
+.contact-box .message.error li {
+  padding: 2px;
+  list-style: none;
+}
+.contact-box .message.error li:before {
+  content: ' - ';
+}
+.contact-box .message.error #info {
+  font-weight: bold;
+}
+.contact-box .message.error #info:before {
+  content: '';
+}
+.contact-box .message.success {
+  border-color: #83D186;
+  padding-top: 25px;
+  background-color: #D3EDD3;
+}
+.contact-box .req-field-desc {
+  font-style: italic;
+}
+.contact-box input:required, .contact-box textarea:required {
+  -moz-box-shadow: none;
+  -webkit-box-shadow: none;
+  -o-box-shadow: none;
+  box-shadow: none;
+}
+.contact-box ::-webkit-input-placeholder {
+  color: #CCC;
+  font-style: italic;
+}
+.contact-box input:-moz-placeholder, .contact-box textarea:-moz-placeholder {
+  color: #CCC;
+  font-style: italic;
+}
+.contact-box input.placeholder-text, .contact-box textarea.placeholder-text {
+  color: #CCC;
+  font-style: italic;
+}

examples/demo/site/modules/contact/files/scss/contact.scss

@@ -0,0 +1,140 @@
+.contact-box {
+    background-color:#F2F7F9;
+    width:465px;
+    padding:20px;
+    border: 6px solid #8FB5C1;
+    -moz-border-radius:15px;
+    -webkit-border-radius:15px;
+    border-radius:15px;
+    position:relative;
+ 
+	h1 {
+		font-size:42px;
+	}
+	 
+	h2 {
+		margin-bottom:15px;
+		font-style:italic;
+		font-weight:normal;
+	}
+	 
+	label {
+		font-size:15px;
+		margin-bottom:2px;
+		display:block;
+	}
+ 
+	input, select, textarea {
+		width:100%;
+		font-size:15px;
+		border: 1px solid #CEE1E8;
+		margin-bottom:20px;
+		padding:4px;
+		&:focus {
+			border: 1px solid #AFCDD8;
+			background-color: #EBF2F4;
+		}
+	}
+	 
+	textarea {
+		height:150px;
+		resize: none;
+	}
+	 
+	span.required {
+		font-weight:bold;
+		color:#F00;    
+	}
+	 
+	input[type=submit] {
+		width: 100px;
+		background-color:#333;
+		color:#FFF;
+		border:none;
+		display:block;
+		float:right;
+		margin-bottom:0px;
+		margin-right:6px;
+		background-color:#8FB5C1;
+		-moz-border-radius:8px;
+		&:hover {
+			background-color: #A6CFDD;
+		}
+		&:active {
+			position:relative;
+			top:1px;
+		}
+	}
+
+	.message {
+		width:95%;
+		margin:25px 0px;
+		padding:10px;
+		display:block;
+		border:solid 1px #ccc;
+		border-radius:8px;
+		-webkit-border-radius:8px;
+		-moz-border-radius:8px;
+
+		&.hidden {
+			display: none;
+		}
+
+		&.error {
+			border-color: #E58E8E;
+			background-color:#FFE6E6;
+		 
+			li {
+				padding:2px;
+				list-style:none;    
+				&:before { content: ' - ';    }
+			}
+			#info {
+				font-weight:bold;
+				&:before { content: '';    }
+			}
+		}
+
+		&.success {
+			border-color: #83D186;
+			padding-top: 25px;
+			background-color:#D3EDD3;
+		}
+	}
+ 
+	.req-field-desc {
+		font-style:italic;
+	}
+	 
+	/* Remove box shadow firefox, chrome and opera put around required fields. 
+	 * It looks rubbish. 
+	 */
+	input:required, textarea:required {
+		-moz-box-shadow:none;
+		-webkit-box-shadow:none;
+		-o-box-shadow:none;
+		box-shadow:none;
+	}
+	 
+	/* Normalize placeholder styles */
+	 
+	/* chrome, safari */
+	::-webkit-input-placeholder {
+		color:#CCC;
+		font-style:italic;
+	}
+	 
+	/* mozilla */
+	input:-moz-placeholder, textarea:-moz-placeholder {
+		color:#CCC;
+		font-style:italic;
+	}
+	 
+	/* ie (faux placeholder) */
+	input.placeholder-text, textarea.placeholder-text  { 
+		color:#CCC;
+		font-style:italic;
+	}
+
+}
+

examples/demo/site/modules/contact/templates/block_contact.tpl

@@ -0,0 +1,25 @@
+<div class="contact-box clearfix">
+    <h1>Contact us!</h1>
+    <form method="post" action="{$site_url/}contact" id="contact-form">
+        <label for="name">Name: <span class="required">*</span></label>
+        <input type="text" id="name" name="name" value="{$name/}" required="required" autofocus="autofocus" />
+         
+        <label for="email">Email Address: <span class="required">*</span></label>
+        <input type="email" id="email" name="email" value="{$email/}" required="required" />
+         
+        <label for="message">Message: <span class="required">*</span></label>
+        <textarea id="message" name="message" required="required" data-minlength="20" minlength="20" >{$message/}</textarea>
+		{unless isempty="$recaptcha_site_key"}
+        <div class="g-recaptcha" data-sitekey="{$recaptcha_site_key/}"></div>
+        <br/>
+		{/unless}
+        <input type="submit" value="Send" class="submit-button" />
+        <p class="req-field-desc"><span class="required">*</span> indicates a required field</p>
+    </form>
+    {unless isempty="$error_response"}
+        <ul class="message error">
+			{foreach item="item" from="$error_response"}<li class="info">{$item/}</li>{/foreach}
+        </ul>
+        <div class="notice"> Try again later </div>
+    {/unless}        
+</div>

examples/demo/site/modules/contact/templates/block_post_contact.tpl

@@ -0,0 +1,15 @@
+<div class="contact-box">
+{if condition="$has_error"}
+<div class="message error">
+		<strong>Internal Server Error <small>Error 500</small></strong>
+		<p>The page you requested could not be served because the server is down,
+		either contact the webmaster or try again. 
+		Use your browser's <strong>Back</strong> button to navigate to the page you came from.</p>
+		<p><strong>Or you could just press this link:</strong> <a href="{$site_url/}" itemprop="home" rel="home">Take Me Home</a></p> 
+</div>
+{/if}
+{unless condition="$has_error"}
+<p class="message success">Thank you for contacting the Eiffel Programming Language community.<br/>
+We will get back to you promptly on your contact request.</p>	
+{/unless}
+</div>

examples/demo/site/modules/contact/templates/email_message.tpl

@@ -0,0 +1,10 @@
+<p>
+Thank you for contacting {$sitename/}.<br/>
+We will get back to you promptly about your contact message.
+</p>
+<h2>Your contact information:</h2>  
+<div>
+	<strong>Name<strong>: {$name/} <br/>
+	<strong>Email<strong>: {$email/} <br/>
+	<strong>Message<strong>: {$message/} <br/>
+</div>

examples/demo/site/modules/contact/templates/email_notification.tpl

@@ -0,0 +1,6 @@
+<h2>Contact information:</h2>  
+<div>
+	<strong>Name<strong>: {$name/}<br/>
+	<strong>Email<strong>: {$email/} <br/>
+	<strong>Message<strong>: {$message/} <br/>
+</div>

examples/demo/site/modules/node/files/scss/node.scss

@@ -3,22 +3,17 @@ ul.cms-nodes {
 	list-style-type: none;
 	padding: 3px 3px 3px 3px;
 	border: solid 1px #ccc;
-
 	li{
 		border-top: dotted 1px #ccc;
 		&:first-child {
 			border-top: none;
 		}
 	}
-
 	li.cms_type_page a::before {
 		content: "[page] ";
 	}
-
 	li.cms_type_blog a::before {
 		content: "[blog] ";
 	}
-
-
 }
 

examples/demo/site/modules/session_auth/scripts/install.sql

@@ -0,0 +1,9 @@
+
+CREATE TABLE auth_session (
+   `uid` INTEGER PRIMARY KEY NOT NULL CHECK(`uid`>=0),
+   `access_token` VARCHAR(64)  NOT NULL,
+   `created` DATETIME NOT NULL,
+   CONSTRAINT `uid` UNIQUE(`uid`),
+   CONSTRAINT `access_token` UNIQUE(`access_token`) 
+);
+

examples/demo/site/modules/session_auth/templates/block_login.tpl

@@ -0,0 +1,23 @@
+{unless isset="$user"}
+<div class="login-box">
+	<div class="description">The "Session" is the standard authentication system. (based on cookie)</div>
+	<h3>Login or <a href="{$site_url/}account/roc-register">Register</a></h3>
+	<div>
+		<form name="cms_session_auth" action="{$site_url/}account/auth/roc-session-login" method="POST">
+			<div>
+				<input type="text" name="username" id="username" required value="{$username/}">
+				<label>Username</label>
+			</div>
+			<div>
+				<input  type="password" name="password"  id="password" required >
+				<label>Password</label>
+			</div>
+			<button type="submit">Login</button>
+		</form>
+	</div>
+	<div>
+		<a href="{$site_url/}account/new-password">Forgot password?</a>
+	</div>	
+	{if isset="$error"}<div class="error">{$error/}</div>{/if}
+</div>
+{/unless}

examples/demo/site/modules/taxonomy/files/css/taxonomy.css

@@ -0,0 +1,26 @@
+ul.taxonomy {
+  font-size: 80%;
+  list-style-type: none;
+  font-style: italic;
+  margin: 0;
+}
+ul.taxonomy li {
+  padding: 2px;
+  margin-right: 3px;
+  display: inline-block;
+  border: none;
+}
+ul.taxonomy li a:hover {
+  text-decoration: none;
+}
+ul.taxonomy li:hover {
+  padding: 1px;
+  border-top: solid 1px #66f;
+  border-bottom: solid 1px #66f;
+  background-color: #ddf;
+}
+
+table.taxonomy td {
+  border: solid 1px #ccc;
+  padding: 2px;
+}

examples/demo/site/modules/taxonomy/files/scss/taxonomy.scss

@@ -0,0 +1,27 @@
+ul.taxonomy {
+	font-size: 80%;
+	list-style-type: none;
+	font-style: italic;
+	margin: 0;
+	li {
+		a:hover {
+			text-decoration: none;
+		}
+		padding: 2px;
+		margin-right: 3px;
+		display: inline-block;
+		border: none;
+		&:hover {
+			padding: 1px;
+			border-top: solid 1px #66f;
+			border-bottom: solid 1px #66f;
+			background-color: #ddf;
+		}
+	}
+}
+table.taxonomy {
+	td {
+		border: solid 1px #ccc;
+		padding: 2px;
+	}
+}

examples/demo/site/modules/taxonomy/scripts/install.sql

@@ -0,0 +1,24 @@
+
+CREATE TABLE taxonomy_term (
+  `tid`	INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT UNIQUE,
+  `text` VARCHAR(255) NOT NULL,
+  `weight` INTEGER,
+  `description` TEXT,  
+  `langcode` VARCHAR(12)
+);
+
+CREATE TABLE taxonomy_hierarchy (
+  `tid`	INTEGER NOT NULL,
+  `parent` INTEGER,
+  CONSTRAINT PK_tid_parent PRIMARY KEY (tid,parent)
+);
+
+/* Associate tid with unique (type,entity)
+ * for instance: "page" + "$nid" -> "tid"
+ */
+CREATE TABLE taxonomy_index (
+  `tid`	INTEGER NOT NULL,
+  `entity`	VARCHAR(255),
+  `type` VARCHAR(255) NOT NULL,
+  CONSTRAINT PK_tid_entity_type PRIMARY KEY (tid,entity,type)
+);

examples/demo/site/modules/taxonomy/scripts/uninstall.sql

@@ -0,0 +1,3 @@
+DROP TABLE IF EXISTS taxonomy_term;
+DROP TABLE IF EXISTS taxonomy_hierarchy;
+DROP TABLE IF EXISTS taxonomy_index;

examples/demo/site/scripts/user.sql

@@ -46,3 +46,18 @@ CREATE TABLE `users_password_recovery` (
   CONSTRAINT `token` UNIQUE  (`token`)
 );
 
+
+CREATE TABLE `auth_temp_users` (
+  `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL,
+  `name` VARCHAR(100) NOT NULL,
+  `password` VARCHAR(100) NOT NULL,
+  `salt` VARCHAR(100) NOT NULL,
+  `email` VARCHAR(250) NOT NULL,
+  `application` TEXT NOT NULL, 
+  CONSTRAINT `name`
+    UNIQUE(`name`)
+);
+
+
+
+

examples/demo/site/themes/bootstrap/assets/css/style.css

@@ -90,3 +90,11 @@ ul.horizontal li {
   border: solid 1px red;
   padding: 5px 2px 5px 2px;
 }
+
+table.with_border thead td {
+  font-weight: bold;
+}
+table.with_border td {
+  border: solid 1px #ccc;
+  padding: 2px 5px 2px 5px;
+}

examples/demo/site/themes/bootstrap/assets/scss/style.scss

@@ -95,3 +95,13 @@ ul.horizontal {
 	border: solid 1px red;
 	padding: 5px 2px 5px 2px;
 }
+
+table.with_border {
+	thead td {
+		font-weight: bold;
+	}
+	td {
+		border: solid 1px #ccc;
+		padding: 2px 5px 2px 5px;
+	}
+}

examples/demo/src/demo_cms_execution.e

@@ -35,56 +35,47 @@ feature -- CMS storage
 		do
 			a_setup.storage_drivers.force (create {CMS_STORAGE_SQLITE3_BUILDER}.make, "sqlite3")
 --			a_setup.storage_drivers.force (create {CMS_STORAGE_STORE_MYSQL_BUILDER}.make, "mysql")
-			a_setup.storage_drivers.force (create {CMS_STORAGE_STORE_ODBC_BUILDER}.make, "odbc")
+--			a_setup.storage_drivers.force (create {CMS_STORAGE_STORE_ODBC_BUILDER}.make, "odbc")
 		end
 
 feature -- CMS modules
 
 	setup_modules (a_setup: CMS_SETUP)
 			-- Setup additional modules.
-		local
-			m: CMS_MODULE
 		do
-			create {CMS_ADMIN_MODULE} m.make
-			a_setup.register_module (m)
+				-- Admin
+			a_setup.register_module (create {CMS_ADMIN_MODULE}.make)
 
 				-- Auth
-			create {CMS_AUTHENTICATION_MODULE} m.make
-			a_setup.register_module (m)
-
-			create {CMS_BASIC_AUTH_MODULE} m.make
-			a_setup.register_module (m)
-
-			create {CMS_OAUTH_20_MODULE} m.make
-			a_setup.register_module (m)
-
-			create {CMS_OPENID_MODULE} m.make
-			a_setup.register_module (m)
+			a_setup.register_module (create {CMS_AUTHENTICATION_MODULE}.make)
+			a_setup.register_module (create {CMS_BASIC_AUTH_MODULE}.make)
+			a_setup.register_module (create {CMS_OAUTH_20_MODULE}.make)
+			a_setup.register_module (create {CMS_OPENID_MODULE}.make)
+			a_setup.register_module (create {CMS_SESSION_AUTH_MODULE}.make)
 
 				-- Nodes
-			create {CMS_NODE_MODULE} m.make (a_setup)
-			a_setup.register_module (m)
+			a_setup.register_module (create {CMS_NODE_MODULE}.make (a_setup))
+			a_setup.register_module (create {CMS_BLOG_MODULE}.make)
 
-			create {CMS_BLOG_MODULE} m.make
-			a_setup.register_module (m)
+				-- Contact
+			a_setup.register_module (create {CMS_CONTACT_MODULE}.make)
+
+				-- Misc
+			a_setup.register_module (create {CMS_SEO_MODULE}.make)
+
+				-- Taxonomy
+			a_setup.register_module (create {CMS_TAXONOMY_MODULE}.make)
 
 				-- Recent changes
-			create {CMS_RECENT_CHANGES_MODULE} m.make
-			a_setup.register_module (m)
+			a_setup.register_module (create {CMS_RECENT_CHANGES_MODULE}.make)
 
-				-- Recent changes
-			create {FEED_AGGREGATOR_MODULE} m.make
-			a_setup.register_module (m)
+				-- Feed aggregator
+			a_setup.register_module (create {FEED_AGGREGATOR_MODULE}.make)
 
 				-- Miscellanious
-			create {CMS_DEBUG_MODULE} m.make
-			a_setup.register_module (m)
-
-			create {CMS_DEMO_MODULE} m.make
-			a_setup.register_module (m)
-
-			create {GOOGLE_CUSTOM_SEARCH_MODULE} m.make
-			a_setup.register_module (m)
+			a_setup.register_module (create {GOOGLE_CUSTOM_SEARCH_MODULE}.make)
+			a_setup.register_module (create {CMS_DEBUG_MODULE}.make)
+			a_setup.register_module (create {CMS_DEMO_MODULE}.make)
 		end
 
 end

library/email/email_service.e

@@ -35,12 +35,14 @@ feature {NONE} -- Initialization
 	parameters: EMAIL_SERVICE_PARAMETERS
 			-- Associated parameters.
 
-	admin_email: IMMUTABLE_STRING_8
-			-- Site admin's email.
-
 	mailer: NOTIFICATION_MAILER
 			-- SMTP protocol.
 
+feature -- Access
+
+	admin_email: IMMUTABLE_STRING_8
+			-- Site admin's email.
+
 feature -- Basic Operations
 
 	send_internal_email (a_content: READABLE_STRING_GENERAL)

library/gcse/src/gcse_page_item.e

@@ -7,7 +7,6 @@ class
 	GCSE_PAGE_ITEM
 
 inherit
-
 	DEBUG_OUTPUT
 
 feature -- Access
@@ -139,62 +138,62 @@ feature -- Element change
 
 feature -- Output
 
-		debug_output: STRING_8
-				-- <Precursor>
-			do
-				create Result.make_from_string ("%NPage Item details%N")
-				if attached title as l_title then
-					Result.append ("Title:")
-					Result.append (l_title)
-					Result.append_character ('%N')
-				end
-				if attached kind as l_kind then
-					Result.append ("Kind:")
-					Result.append (l_kind)
-					Result.append_character ('%N')
-				end
-				if attached html_title as l_html_title then
-					Result.append ("Html title:")
-					Result.append (l_html_title)
-					Result.append_character ('%N')
-				end
-				if attached link as l_link then
-					Result.append ("Link:")
-					Result.append (l_link)
-					Result.append_character ('%N')
-				end
-				if attached display_link as l_display_link then
-					Result.append ("Display link:")
-					Result.append (l_display_link)
-					Result.append_character ('%N')
-				end
-				if attached snippet as l_snippet then
-					Result.append ("Snippet:")
-					Result.append (l_snippet)
-					Result.append_character ('%N')
-				end
-				if attached html_snippet as l_html_snippet then
-					Result.append ("Html snippet:")
-					Result.append (l_html_snippet)
-					Result.append_character ('%N')
-				end
-				if attached cache_id as l_cache_id then
-					Result.append ("Cache_id:")
-					Result.append (l_cache_id)
-					Result.append_character ('%N')
-				end
-				if attached formatted_url as l_formatted_url then
-					Result.append ("Formatted url:")
-					Result.append (l_formatted_url)
-					Result.append_character ('%N')
-				end
-				if attached html_formatted_url as l_html_formatted_url then
-					Result.append ("Html formatted url:")
-					Result.append (l_html_formatted_url)
-					Result.append_character ('%N')
-				end
-
+	debug_output: STRING_8
+			-- <Precursor>
+		do
+			create Result.make_from_string ("%NPage Item details%N")
+			if attached title as l_title then
+				Result.append ("Title:")
+				Result.append (l_title)
+				Result.append_character ('%N')
 			end
+			if attached kind as l_kind then
+				Result.append ("Kind:")
+				Result.append (l_kind)
+				Result.append_character ('%N')
+			end
+			if attached html_title as l_html_title then
+				Result.append ("Html title:")
+				Result.append (l_html_title)
+				Result.append_character ('%N')
+			end
+			if attached link as l_link then
+				Result.append ("Link:")
+				Result.append (l_link)
+				Result.append_character ('%N')
+			end
+			if attached display_link as l_display_link then
+				Result.append ("Display link:")
+				Result.append (l_display_link)
+				Result.append_character ('%N')
+			end
+			if attached snippet as l_snippet then
+				Result.append ("Snippet:")
+				Result.append (l_snippet)
+				Result.append_character ('%N')
+			end
+			if attached html_snippet as l_html_snippet then
+				Result.append ("Html snippet:")
+				Result.append (l_html_snippet)
+				Result.append_character ('%N')
+			end
+			if attached cache_id as l_cache_id then
+				Result.append ("Cache_id:")
+				Result.append (l_cache_id)
+				Result.append_character ('%N')
+			end
+			if attached formatted_url as l_formatted_url then
+				Result.append ("Formatted url:")
+				Result.append (l_formatted_url)
+				Result.append_character ('%N')
+			end
+			if attached html_formatted_url as l_html_formatted_url then
+				Result.append ("Html formatted url:")
+				Result.append (l_html_formatted_url)
+				Result.append_character ('%N')
+			end
+
+		end
 
 note
 	copyright: "2011-2015 Javier Velilla, Jocelyn Fiat, Eiffel Software and others"

library/gcse/test/application.e

@@ -1,7 +1,7 @@
 note
 	description : "test application root class"
-	date        : "$Date: 2015-10-08 07:51:29 -0300 (ju., 08 oct. 2015) $"
-	revision    : "$Revision: 97966 $"
+	date        : "$Date: 2015-12-02 10:27:38 -0300 (mi. 02 de dic. de 2015) $"
+	revision    : "$Revision: 98180 $"
 
 class
 	APPLICATION
@@ -27,20 +27,20 @@ feature {NONE} -- Initialization
 			if attached {GCSE_RESPONSE} gcse.last_result as l_result then
 				if attached l_result.current_page as l_page then
 					print ("Current Page%N")
-					print (l_page.to_string)
+					print (l_page.debug_output)
 				end
 				if attached l_result.next_page as l_page then
 					print ("Next Page%N")
-					print (l_page.to_string)
+					print (l_page.debug_output)
 				end
 				if attached l_result.previous_page as l_page then
 					print ("Previous Page%N")
-					print (l_page.to_string)
+					print (l_page.debug_output)
 				end
 
 				if attached l_result.items as l_items then
 					print ("Number of items:"  + l_items.count.out)
-					across l_items as ic loop print (ic.item.to_string) end
+					across l_items as ic loop print (ic.item.debug_output) end
 				end
 
 				if attached l_result.next_page as l_page then
@@ -52,20 +52,20 @@ feature {NONE} -- Initialization
 			if attached {GCSE_RESPONSE} gcse.last_result as l_result then
 				if attached l_result.current_page as l_page then
 					print ("Current Page%N")
-					print (l_page.to_string)
+					print (l_page.debug_output)
 				end
 				if attached l_result.next_page as l_page then
 					print ("Next Page%N")
-					print (l_page.to_string)
+					print (l_page.debug_output)
 				end
 				if attached l_result.previous_page as l_page then
 					print ("Previous Page%N")
-					print (l_page.to_string)
+					print (l_page.debug_output)
 				end
 
 				if attached l_result.items as l_items then
 					print ("Number of items:"  + l_items.count.out)
-					across l_items as ic loop print (ic.item.to_string) end
+					across l_items as ic loop print (ic.item.debug_output) end
 				end
 
 			end

library/gcse/test/test.ecf

@@ -6,7 +6,6 @@
 			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
 		</option>
 		<setting name="console_application" value="true"/>
-		<precompile name="base_pre" location="$ISE_PRECOMP\base-safe.ecf"/>
 		<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
 		<library name="gcse" location="..\gcse-safe.ecf" readonly="false"/>
 		<library name="testing" location="$ISE_LIBRARY\library\testing\testing-safe.ecf"/>

library/model/src/link/cms_link.e

@@ -37,6 +37,80 @@ feature -- Access
 	weight: INTEGER
 			-- Optional weight used for order.
 
+	query_string: detachable STRING
+			-- Query string from `location'.
+		local
+			i: INTEGER
+			loc: like location
+		do
+			loc := location
+			i := loc.index_of ('?', 1)
+			if i > 0 then
+				Result := loc.substring (i + 1, loc.count)
+				i := loc.last_index_of ('#', loc.count)
+				if i > 0 then
+					Result.keep_head (i - 1)
+				end
+			end
+		end
+
+	fragment_string: detachable STRING
+			-- Query string from `location'.
+		local
+			i: INTEGER
+			loc: like location
+		do
+			loc := location
+			i := loc.last_index_of ('#', loc.count)
+			if i > 0 then
+				Result := loc.substring (i + 1, loc.count)
+			end
+		end
+
+feature -- Element change
+
+	add_query_parameter (a_encoded_name: READABLE_STRING_8; a_encoded_value: detachable READABLE_STRING_8)
+			-- Add query parameter "$a_encoded_name=$a_encoded_value" to `location'.
+			-- note: the argument must already be url encoded!
+		local
+			q: STRING_8
+			f: detachable READABLE_STRING_8
+			i,j: INTEGER
+			loc: STRING_8
+		do
+			create loc.make_from_string (location)
+
+			j := loc.last_index_of ('#', loc.count)
+			if j > 0 then
+				f := loc.substring (j, loc.count)
+				loc.keep_head (j - 1)
+			end
+			i := loc.index_of ('?', 1)
+			if i > 0 then
+				q := loc.substring (i + 1, loc.count)
+				loc.keep_head (i)
+			else
+				create q.make_empty
+			end
+
+			if not q.is_empty then
+				q.append_character ('&')
+			end
+
+			q.append (a_encoded_name)
+			if a_encoded_value /= Void then
+				q.append_character ('=')
+				q.append (a_encoded_value)
+			end
+
+			loc.append_character ('?')
+			loc.append (q)
+			if f /= Void then
+				loc.append (f)
+			end
+			location := loc
+		end
+
 feature -- Comparison
 
 	is_less alias "<" (other: like Current): BOOLEAN
@@ -134,6 +208,6 @@ feature -- Status report
 		end
 
 note
-	copyright: "2011-2015, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
+	copyright: "2011-2016, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end

library/model/src/user/cms_temp_user.e

@@ -0,0 +1,45 @@
+note
+	description: "User for temporary account."
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	CMS_TEMP_USER
+
+inherit
+	CMS_USER
+
+create
+	make,
+	make_with_id
+
+feature -- Access
+
+	personal_information: detachable STRING_32
+			-- User personal information.
+
+	salt: detachable STRING_32
+			-- User's password salt.
+
+feature -- Element change
+
+	set_personal_information (a_personal_information: like personal_information)
+			-- Assign `personal_information' with `a_personal_information'.
+		do
+			personal_information := a_personal_information
+		ensure
+			personal_information_assigned: personal_information = a_personal_information
+		end
+
+	set_salt (a_salt: like salt)
+			-- Assign `salt' with `a_salt'.
+		do
+			salt := a_salt
+		ensure
+			salt_assigned: salt = a_salt
+		end
+
+note
+	copyright: "2011-2016, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
+	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
+end

library/model/src/user/cms_user.e

@@ -62,12 +62,9 @@ feature -- Access
 	hashed_password: detachable READABLE_STRING_8
 			-- Hashed user password.
 
-	email: detachable READABLE_STRING_32
+	email: detachable READABLE_STRING_8
 			-- User email.
 
-	profile: detachable CMS_USER_PROFILE
-			-- User profile.
-
 	creation_date: DATE_TIME
 			-- Creation date.
 
@@ -80,7 +77,6 @@ feature -- Access
 			--			active
 			--			trashed
 
-
 feature -- Access: helper
 
 	utf_8_name: STRING_8
@@ -190,26 +186,6 @@ feature -- Change element
 			email_set: email = a_email
 		end
 
-	set_profile (prof: like profile)
-			-- Set `profile' with `prof'.
-		do
-			profile := prof
-		ensure
-			profile_set: profile = prof
-		end
-
-	set_profile_item (k: READABLE_STRING_8; v: READABLE_STRING_8)
-		local
-			prof: like profile
-		do
-			prof := profile
-			if prof = Void then
-				create prof.make
-				profile := prof
-			end
-			prof.force (v, k)
-		end
-
 	set_last_login_date (dt: like last_login_date)
 		do
 			last_login_date := dt
@@ -285,7 +261,6 @@ feature -- Status change
 			status_set:  status = a_status
 		end
 
-
 feature -- User status
 
 	not_active: INTEGER = 0
@@ -302,6 +277,6 @@ invariant
 	id_or_name_set: id > 0 or else not name.is_whitespace
 
 note
-	copyright: "2011-2015, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
+	copyright: "2011-2016, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end

library/model/src/user/cms_user_profile.e

@@ -1,56 +0,0 @@
-note
-	description: "[
-				User profile used to extend information associated with a {CMS_USER}.
-			]"
-	date: "$Date$"
-	revision: "$Revision$"
-
-class
-	CMS_USER_PROFILE
-
-inherit
-	TABLE_ITERABLE [READABLE_STRING_8, READABLE_STRING_GENERAL]
-
-create
-	make
-
-feature {NONE} -- Initialization
-
-	make
-			-- Create Current profile.
-		do
-			create items.make (0)
-		end
-
-feature -- Access
-
-	item (k: READABLE_STRING_GENERAL): detachable READABLE_STRING_8
-			-- Profile item associated with key `k'.
-		do
-			Result := items.item (k)
-		end
-
-feature -- Change
-
-	force (v: READABLE_STRING_8; k: READABLE_STRING_GENERAL)
-			-- Associated value `v' with key `k'.
-		do
-			items.force (v, k)
-		end
-
-feature -- Access
-
-	new_cursor: TABLE_ITERATION_CURSOR [READABLE_STRING_8, READABLE_STRING_GENERAL]
-			-- Fresh cursor associated with current structure
-		do
-			Result := items.new_cursor
-		end
-
-feature {NONE} -- Implementation				
-
-	items: STRING_TABLE [READABLE_STRING_8]
-
-;note
-	copyright: "2011-2014, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
-	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
-end

library/persistence/implementation/store/cms_storage_store_sql.e

@@ -152,6 +152,7 @@ feature -- Query
 			-- Retrieved value at `a_index' position in `item'.
 		local
 			l_item: like sql_item
+			i64: INTEGER_64
 		do
 			l_item := sql_item (a_index)
 			if attached {INTEGER_32} l_item as i then
@@ -159,7 +160,18 @@ feature -- Query
 			elseif attached {INTEGER_32_REF} l_item as l_value then
 				Result := l_value.item
 			else
-				check is_integer_32: False end
+				if attached {INTEGER_64} l_item as i then
+					i64 := i
+				elseif attached {INTEGER_64_REF} l_item as l_value then
+					i64 := l_value.item
+				else
+					check is_integer_32: False end
+				end
+				if i64 <= {INTEGER_32}.max_value then
+					Result := i64.to_integer_32
+				else
+					check is_integer_32: False end
+				end				
 			end
 		end
 

library/persistence/implementation/store/database/database_iteration_cursor.e

@@ -80,7 +80,7 @@ feature -- Cursor
 
 feature -- Action
 
-	action: FUNCTION [ANY, detachable TUPLE, G]
+	action: FUNCTION [DB_TUPLE, G]
 			-- Agent to create a new item of type G.
 
 feature {NONE} -- Implementation

library/persistence/mysql/scripts/core.sql

@@ -1,30 +0,0 @@
-BEGIN;
-
-CREATE TABLE `logs` (
-  `id` int(11) NOT NULL AUTO_INCREMENT,
-  `category` VARCHAR(255) NOT NULL,
-  `level` int(11) NOT NULL,
-  `uid` int(11) DEFAULT NULL,
-  `message` text NOT NULL,
-  `info` text,
-  `link` text,
-  `date` datetime NOT NULL,
-  PRIMARY KEY (`id`)
-);
-
-CREATE TABLE   `custom_values`  (
-    `type`   VARCHAR(255) NOT NULL,
-    `name`   VARCHAR(255) NOT NULL,
-    `value`   VARCHAR(255) NOT NULL
-);
-
-CREATE TABLE `path_aliases` (
-  `pid` int(11) NOT NULL AUTO_INCREMENT,
-  `source` varchar(255) NOT NULL,
-  `alias` varchar(255) NOT NULL,
-  `lang` varchar(12) DEFAULT NULL,
-  PRIMARY KEY (`pid`)
-);
-
-COMMIT;
-

library/persistence/mysql/scripts/node.sql

@@ -1,24 +0,0 @@
-BEGIN;
-
-CREATE TABLE  nodes (
-   nid  INTEGER PRIMARY KEY  AUTO_INCREMENT NOT NULL CHECK( nid >=0),
-   revision  INTEGER,
-   type  TEXT NOT NULL,
-   title  VARCHAR(255) NOT NULL,
-   summary  TEXT,
-   content  MEDIUMTEXT NOT NULL,
-   format  VARCHAR(255),
-   author  INTEGER,
-   publish  DATETIME,
-   created  DATETIME NOT NULL,
-   changed  DATETIME NOT NULL,
-   status   INTEGER
-);
-
-CREATE TABLE page_nodes(
-   nid  INTEGER PRIMARY KEY  AUTO_INCREMENT NOT NULL CHECK( nid >=0),
-   revision  INTEGER,
-   parent  INTEGER
-);
-
-COMMIT;

library/persistence/mysql/scripts/user.sql

@@ -1,66 +0,0 @@
-BEGIN;
-
-CREATE TABLE `users` (
-  `uid` int(11) NOT NULL AUTO_INCREMENT,
-  `name` varchar(100) NOT NULL,
-  `password` varchar(100) NOT NULL,
-  `salt` varchar(100) NOT NULL,
-  `email` varchar(250) NOT NULL,
-  `status` int(11)  DEFAULT NULL,
-  `created` datetime NOT NULL,
-  `signed` datetime DEFAULT NULL,
-  CHECK (`uid` >= 0),
-  PRIMARY KEY (`uid`),
-  UNIQUE KEY `name` (`name`)
-);
-
-CREATE TABLE `roles` (
-  `rid` int(11) NOT NULL AUTO_INCREMENT,
-  `name` varchar(100) NOT NULL,
-  CHECK (`rid` >= 0),
-  PRIMARY KEY (`rid`),
-  UNIQUE KEY `name` (`name`)
-);
-
-
-CREATE TABLE `users_roles` (
-  `uid` int(11) NOT NULL,
-  `rid` int(11) NOT NULL,
-  CHECK (`uid` >= 0),
-  CHECK (`rid` >= 0)
-); 
-
-CREATE TABLE `role_permissions` (
-  `rid` int(11) NOT NULL,
-  `permission` varchar(255) NOT NULL,
-  `module` varchar(255) DEFAULT NULL,
-   CHECK (`rid` >= 0)
-);
-
-
-CREATE TABLE `users_activations` (
-  `aid` int(11) NOT NULL AUTO_INCREMENT,
-  `token` varchar(255) NOT NULL,
-  `uid` int(11) NOT NULL,
-  `created` datetime NOT NULL,
-   CHECK (`aid` >= 0),
-   CHECK (`uid` >= 0),
-   PRIMARY KEY (`aid`),
-   UNIQUE KEY `token` (`token`)
-);
-
-
-CREATE TABLE `users_password_recovery` (
-  `aid` int(11) NOT NULL AUTO_INCREMENT,
-  `token` varchar(255) NOT NULL,
-  `uid` int(11) NOT NULL,
-  `created` datetime NOT NULL,
-   CHECK (`aid` >= 0),
-   CHECK (`uid` >= 0),
-   PRIMARY KEY (`aid`),
-   UNIQUE KEY `token` (`token`)
-);
-
-
-
-COMMIT;

library/persistence/store_mysql/store_mysql-safe.ecf

@@ -1,8 +1,9 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="store_mysql" uuid="DC757CBD-D8C4-44D6-A07F-C1148D8D233E" library_target="store_mysql">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="store_mysql" uuid="DC757CBD-D8C4-44D6-A07F-C1148D8D233E" library_target="store_mysql">
+	<description>CMS Eiffel Store MySQL persistence solution</description>
 	<target name="store_mysql">
 		<root all_classes="true"/>
-		<option warning="true" void_safety="all">
+		<option warning="true" is_obsolete_routine_type="false" void_safety="all">
 			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
 		</option>
 		<setting name="console_application" value="true"/>
@@ -26,9 +27,9 @@
 		</cluster>
 		<cluster name="persistence_store_mysql" location=".\src\" recursive="true">
 			<file_rule>
-				<exclude>/EIFGENs$</exclude>
-				<exclude>/CVS$</exclude>
 				<exclude>/.svn$</exclude>
+				<exclude>/CVS$</exclude>
+				<exclude>/EIFGENs$</exclude>
 			</file_rule>
 		</cluster>
 	</target>

library/persistence/store_odbc/store_odbc-safe.ecf

@@ -1,8 +1,9 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="persistence_store_odbc" uuid="8FD9D3B3-5FC1-495F-A05D-0205EC966841" library_target="persistence_store_odbc">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="persistence_store_odbc" uuid="8FD9D3B3-5FC1-495F-A05D-0205EC966841" library_target="persistence_store_odbc">
 	<target name="persistence_store_odbc">
+		<description>CMS Eiffel Store ODBC persistence solution</description>
 		<root all_classes="true"/>
-		<option warning="true" void_safety="all">
+		<option warning="true" is_obsolete_routine_type="false" void_safety="all">
 			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
 		</option>
 		<setting name="console_application" value="true"/>
@@ -22,9 +23,9 @@
 		<cluster name="common" location="..\implementation\store\" recursive="true"/>
 		<cluster name="persistence_store_odbc" location=".\src\" recursive="true">
 			<file_rule>
-				<exclude>/EIFGENs$</exclude>
-				<exclude>/CVS$</exclude>
 				<exclude>/.svn$</exclude>
+				<exclude>/CVS$</exclude>
+				<exclude>/EIFGENs$</exclude>
 			</file_rule>
 		</cluster>
 	</target>

library/recaptcha/Readme.md

@@ -0,0 +1,4 @@
+Recaptcha Eiffel Lbrary
+
+Based on https://developers.google.com/recaptcha/
+

library/recaptcha/license.lic

@@ -0,0 +1,10 @@
+${NOTE_KEYWORD}
+	copyright: "2011-${YEAR} Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
+	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
+	source: "[
+			Eiffel Software
+			5949 Hollister Ave., Goleta, CA 93117 USA
+			Telephone 805-685-1006, Fax 805-685-6869
+			Website http://www.eiffel.com
+			Customer support http://support.eiffel.com
+		]"

library/recaptcha/recaptcha-safe.ecf

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="recaptcha" uuid="2A966489-284A-48A0-91BC-31E84EA9C3B1" library_target="recaptcha">
+	<target name="recaptcha">
+		<root all_classes="true"/>
+		<file_rule>
+			<exclude>/.git$</exclude>
+			<exclude>/EIFGENs$</exclude>
+			<exclude>/CVS$</exclude>
+			<exclude>/.svn$</exclude>
+		</file_rule>
+		<option warning="true" is_obsolete_routine_type="true" void_safety="all">
+			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
+		</option>
+		<setting name="console_application" value="true"/>
+		<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
+		<library name="http_client_extension" location="..\http_client_extension\http_client_extension-safe.ecf"/>
+		<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json-safe.ecf" readonly="false"/>
+		<cluster name="recaptcha" location=".\src\" recursive="true"/>
+	</target>
+</system>

library/recaptcha/recaptcha.ecf

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="recaptcha" uuid="2A966489-284A-48A0-91BC-31E84EA9C3B1" library_target="recaptcha">
+	<target name="recaptcha">
+		<root all_classes="true"/>
+			<file_rule>
+				<exclude>/.git$</exclude>
+				<exclude>/EIFGENs$</exclude>
+				<exclude>/CVS$</exclude>
+				<exclude>/.svn$</exclude>
+			</file_rule>
+		<option warning="true" void_safety="none">
+			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
+		</option>
+		<setting name="console_application" value="true"/>
+		<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
+		<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
+		<library name="http_client_extension" location="..\http_client_extension\http_client_extension.ecf"/>
+		<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf" readonly="false"/>
+		<cluster name="recaptcha" location=".\src\" recursive="true">
+		</cluster>
+	</target>
+</system>

library/recaptcha/src/recaptcha_api.e

@@ -0,0 +1,147 @@
+note
+	description: "[
+		Simple API to call {RECAPTCHA} Google API.
+		Example call:
+		https://www.google.com/recaptcha/api/siteverify?secret=your_secret&response=response_string&remoteip=user_ip_address
+	]"
+	date: "$Date: 2015-01-28 11:44:15 -0300 (mi. 28 de ene. de 2015) $"
+	revision: "$Revision: 96551 $"
+	EIS: "name=RECAPTCHA", "src=https://developers.google.com/recaptcha/", "protocol=uri"
+	EIS: "name=RECAPTCHA API verify", "src=https://developers.google.com/recaptcha/docs/verify", "protocol=uri"
+
+class
+	RECAPTCHA_API
+
+create
+	make
+
+feature {NONE} -- Initialization
+
+	make (a_secret_key, a_response: READABLE_STRING_8)
+			-- Create an object Recaptcha with secret key `a_secret_key' and response token `a_response'.
+		do
+			secret := a_secret_key
+			response := a_response
+		ensure
+			secret_set: secret.same_string (a_secret_key)
+			response_set: response.same_string (a_response)
+		end
+
+feature -- Access
+
+	base_uri: STRING_8 = "https://www.google.com/recaptcha/api/siteverify"
+			-- Recaptcha base URI
+
+	secret: READABLE_STRING_8
+			-- Required. The shared key between your site and ReCAPTCHA.
+
+	response: READABLE_STRING_8
+			-- Required. The user response token provided by the reCAPTCHA to the user and provided to your site on.
+
+	remoteip: detachable READABLE_STRING_8
+			-- Optional. The user's IP address.
+
+feature -- Status Reports
+
+	errors: detachable LIST [READABLE_STRING_8]
+			-- optional table of error codes
+			-- missing-input-secret		The secret parameter is missing.
+			-- invalid-input-secret		The secret parameter is invalid or malformed.
+			-- missing-input-response	The response parameter is missing.
+			-- invalid-input-response	The response parameter is invalid or malformed.
+
+feature -- Change Element
+
+	set_remoteip (a_remoteip: READABLE_STRING_8)
+			-- Set `remoteip' with `a_remoteip'.
+		do
+			remoteip := a_remoteip
+		ensure
+			remoteip_set: remoteip = a_remoteip
+		end
+
+feature -- API
+
+	verify: BOOLEAN
+			-- Verify the user's response
+		local
+			l_parser: JSON_PARSER
+		do
+			if attached get as l_response then
+				if attached l_response.body as l_body then
+					create l_parser.make_with_string (l_body)
+					l_parser.parse_content
+					if
+						l_parser.is_parsed and then attached {JSON_OBJECT} l_parser.parsed_json_object as jv and then
+						attached {JSON_BOOLEAN} jv.item ("success") as l_success
+					then
+						Result := l_success.item
+						if not Result and then attached {JSON_ARRAY} jv.item ("error-codes") as l_error_codes then
+							across
+								l_error_codes as c
+							loop
+								if attached {JSON_STRING} c.item as ji then
+									put_error (ji.unescaped_string_32)
+								end
+							end
+						end
+					end
+				else
+					put_error (l_response.status.out)
+				end
+			else
+				put_error ("unknown")
+			end
+		end
+
+feature {NONE} -- REST API
+
+	get: detachable RESPONSE
+			-- Reading Data
+		local
+			l_request: REQUEST
+		do
+			create l_request.make ("GET", new_uri)
+			Result := l_request.execute
+		end
+
+feature {NONE} -- Implementation
+
+	new_uri: STRING_8
+			-- new uri (BaseUri?secret=secret_value&response=response_value[&remoteip=remoteip_value]
+		do
+			create Result.make_from_string (base_uri)
+			Result.append ("?secret=")
+			Result.append (secret)
+			Result.append ("&response=")
+			Result.append (response)
+			if attached remoteip as l_remoteip then
+				Result.append ("&remoteip=" + l_remoteip)
+			end
+		end
+
+	put_error (a_code: READABLE_STRING_GENERAL)
+		local
+			l_errors: like errors
+			utf: UTF_CONVERTER
+		do
+			l_errors := errors
+			if l_errors = Void then
+				create {ARRAYED_LIST [STRING]} l_errors.make (1)
+				errors := l_errors
+			end
+			l_errors.force (utf.utf_32_string_to_utf_8_string_8 (a_code))
+		end
+
+note
+	copyright: "2011-2015 Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
+	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
+	source: "[
+			Eiffel Software
+			5949 Hollister Ave., Goleta, CA 93117 USA
+			Telephone 805-685-1006, Fax 805-685-6869
+			Website http://www.eiffel.com
+			Customer support http://support.eiffel.com
+		]"
+
+end

library/recaptcha/test/application.e

@@ -0,0 +1,61 @@
+note
+	description : "test application root class"
+	date        : "$Date: 2015-01-14 15:37:57 -0300 (mi. 14 de ene. de 2015) $"
+	revision    : "$Revision: 96458 $"
+
+class
+	APPLICATION
+
+inherit
+	ARGUMENTS
+
+create
+	make
+
+feature {NONE} -- Initialization
+
+	make
+			-- Run application.
+		do
+			test_invalid_input
+			test_missing_input
+			test_missing_key_input
+		end
+
+
+	test_invalid_input
+			-- invalid-input-response
+		local
+			l_captcha: RECAPTCHA_API
+		do
+			create l_captcha.make ("","234")
+			check
+				not_true:not l_captcha.verify
+			end
+		end
+
+	test_missing_input
+			-- missing-input-response
+		local
+			l_captcha: RECAPTCHA_API
+		do
+			create l_captcha.make ("key","")
+			check
+				not_true:not l_captcha.verify
+			end
+		end
+
+	test_missing_key_input
+			-- missing-input-response
+			-- invalid-input-response
+		local
+			l_captcha: RECAPTCHA_API
+		do
+			create l_captcha.make ("","")
+			l_captcha.set_remoteip("localhost")
+			check
+				not_true:not l_captcha.verify
+			end
+		end
+
+end

library/recaptcha/test/recaptcha_api_test_set.e

@@ -0,0 +1,69 @@
+note
+	description: "[
+		Eiffel tests that can be executed by testing tool.
+	]"
+	author: "EiffelStudio test wizard"
+	date: "$Date: 2015-01-14 15:37:57 -0300 (mi. 14 de ene. de 2015) $"
+	revision: "$Revision: 96458 $"
+	testing: "type/manual"
+
+class
+	RECAPTCHA_API_TEST_SET
+
+inherit
+	EQA_TEST_SET
+
+feature -- Test routines
+
+	test_invalid_input
+			-- invalid-input-response
+		local
+			l_captcha: RECAPTCHA_API
+		do
+			create l_captcha.make ("","234")
+			check
+				not_true:not l_captcha.verify
+			end
+			assert ("Not true", not l_captcha.verify)
+			assert ("Has error invalid-input-response",has_error (l_captcha,"invalid-input-response"))
+		end
+
+	test_missing_input
+			-- missing-input-response
+		local
+			l_captcha: RECAPTCHA_API
+		do
+			create l_captcha.make ("key","")
+			check
+				not_true:not l_captcha.verify
+			end
+			assert ("Not true", not l_captcha.verify)
+			assert ("Has error missing-input-response",has_error (l_captcha,"missing-input-response"))
+		end
+
+	test_missing_key_input
+			-- missing-input-response
+			-- invalid-input-response
+		local
+			l_captcha: RECAPTCHA_API
+		do
+			create l_captcha.make ("","")
+			l_captcha.set_remoteip("localhost")
+			assert ("Not true", not l_captcha.verify)
+			assert ("Has error missing-input-response",has_error (l_captcha,"missing-input-response"))
+			assert ("Has error invalid-input-response",has_error (l_captcha,"invalid-input-response"))
+		end
+
+feature {NONE} -- Implementation
+
+	has_error (l_captcha: RECAPTCHA_API; a_error: READABLE_STRING_32): BOOLEAN
+		do
+			if attached l_captcha.errors as l_errors then
+				l_errors.compare_objects
+				Result := l_errors.has (a_error)
+			end
+		end
+
+end
+
+

library/recaptcha/test/test.ecf

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="test" uuid="CE9FCE69-EE0A-4028-AA02-BD9F8ABA7586">
+	<target name="test">
+		<root class="APPLICATION" feature="make"/>
+		<option warning="true" void_safety="transitional">
+			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
+		</option>
+		<setting name="console_application" value="true"/>
+		<precompile name="base_pre" location="$ISE_PRECOMP\base-safe.ecf"/>
+		<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
+		<library name="recaptcha" location="..\recaptcha-safe.ecf" readonly="false"/>
+		<library name="testing" location="$ISE_LIBRARY\library\testing\testing-safe.ecf"/>
+		<cluster name="test" location=".\" recursive="true">
+			<file_rule>
+				<exclude>/EIFGENs$</exclude>
+				<exclude>/CVS$</exclude>
+				<exclude>/.svn$</exclude>
+			</file_rule>
+		</cluster>
+	</target>
+</system>

modules/admin/cms_admin_module.e

@@ -9,7 +9,7 @@ class
 inherit
 	CMS_MODULE
 		redefine
-			register_hooks,
+			setup_hooks,
 			permissions
 		end
 
@@ -47,6 +47,8 @@ feature -- Access: router
 	configure_web (a_api: CMS_API; a_router: WSF_ROUTER)
 		local
 			l_admin_handler: CMS_ADMIN_HANDLER
+
+			l_modules_handler: CMS_ADMIN_MODULES_HANDLER
 			l_users_handler: CMS_ADMIN_USERS_HANDLER
 			l_roles_handler: CMS_ADMIN_ROLES_HANDLER
 
@@ -62,6 +64,10 @@ feature -- Access: router
 			create l_uri_mapping.make_trailing_slash_ignored ("/admin", l_admin_handler)
 			a_router.map (l_uri_mapping, a_router.methods_get_post)
 
+			create l_modules_handler.make (a_api)
+			create l_uri_mapping.make_trailing_slash_ignored ("/admin/modules", l_modules_handler)
+			a_router.map (l_uri_mapping, a_router.methods_get_post)
+
 			create l_users_handler.make (a_api)
 			create l_uri_mapping.make_trailing_slash_ignored ("/admin/users", l_users_handler)
 			a_router.map (l_uri_mapping, a_router.methods_get_post)
@@ -110,11 +116,11 @@ feature -- Security
 
 feature -- Hooks
 
-	register_hooks (a_response: CMS_RESPONSE)
+	setup_hooks (a_hooks: CMS_HOOK_CORE_MANAGER)
 			-- <Precursor>
 		do
-			a_response.hooks.subscribe_to_menu_system_alter_hook (Current)
-			a_response.hooks.subscribe_to_response_alter_hook (Current)
+			a_hooks.subscribe_to_menu_system_alter_hook (Current)
+			a_hooks.subscribe_to_response_alter_hook (Current)
 		end
 
 	response_alter (a_response: CMS_RESPONSE)
@@ -134,7 +140,13 @@ feature -- Hooks
 				create lnk.make ("Admin", "admin")
 				lnk.set_permission_arguments (<<"manage " + {CMS_ADMIN_MODULE}.name>>)
 				a_menu_system.management_menu.extend (lnk)
+
 			end
+
+			create lnk.make ("Module", "admin/modules")
+			lnk.set_permission_arguments (<<"manage module">>)
+			a_menu_system.management_menu.extend (lnk)
+
 				-- Per module cache permission!
 			create lnk.make ("Cache", "admin/cache")
 			a_menu_system.management_menu.extend (lnk)

modules/admin/handler/cms_admin_cache_handler.e

@@ -44,7 +44,7 @@ feature -- Execution
 			create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api)
 			f := clear_cache_web_form (l_response)
 			create s.make_empty
-			f.append_to_html (create {CMS_TO_WSF_THEME}.make (l_response, l_response.theme), s)
+			f.append_to_html (l_response.wsf_theme, s)
 			l_response.set_main_content (s)
 			l_response.execute
 		end
@@ -63,14 +63,14 @@ feature -- Execution
 				fd.is_valid
 			then
 				if attached fd.string_item ("op") as l_op and then l_op.same_string (text_clear_all_caches) then
-					l_response.hooks.invoke_clear_cache (Void, l_response)
+					api.hooks.invoke_clear_cache (Void, l_response)
 					l_response.add_notice_message ("Caches cleared (if allowed)!")
 				else
 					fd.report_error ("Invalid form data!")
 				end
 			end
 			create s.make_empty
-			f.append_to_html (create {CMS_TO_WSF_THEME}.make (l_response, l_response.theme), s)
+			f.append_to_html (l_response.wsf_theme, s)
 			l_response.set_main_content (s)
 			l_response.execute
 		end

modules/admin/handler/cms_admin_export_handler.e

@@ -44,7 +44,7 @@ feature -- Execution
 			create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api)
 			f := exportation_web_form (l_response)
 			create s.make_empty
-			f.append_to_html (create {CMS_TO_WSF_THEME}.make (l_response, l_response.theme), s)
+			f.append_to_html (l_response.wsf_theme, s)
 			l_response.set_main_content (s)
 			l_response.execute
 		end
@@ -69,8 +69,7 @@ feature -- Execution
 					else
 						create l_exportation_parameters.make (api.site_location.extended ("export").extended ((create {DATE_TIME}.make_now_utc).formatted_out ("yyyy-[0]mm-[0]dd---hh24-[0]mi-[0]ss")))
 					end
-
-					l_response.hooks.invoke_export_to (Void, l_exportation_parameters, l_response)
+					api.hooks.invoke_export_to (Void, l_exportation_parameters, l_response)
 					l_response.add_notice_message ("All data exported (if allowed)!")
 					create s.make_empty
 					across
@@ -86,7 +85,7 @@ feature -- Execution
 				end
 			end
 			create s.make_empty
-			f.append_to_html (create {CMS_TO_WSF_THEME}.make (l_response, l_response.theme), s)
+			f.append_to_html (l_response.wsf_theme, s)
 			l_response.set_main_content (s)
 			l_response.execute
 		end

modules/admin/handler/cms_admin_modules_handler.e

@@ -0,0 +1,320 @@
+note
+	description: "[
+			Administrate modules.
+		]"
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	CMS_ADMIN_MODULES_HANDLER
+
+inherit
+	CMS_HANDLER
+
+	WSF_URI_HANDLER
+		rename
+			new_mapping as new_uri_mapping
+		end
+
+	WSF_RESOURCE_HANDLER_HELPER
+		redefine
+			do_get, do_post
+		end
+
+	REFACTORING_HELPER
+
+	CMS_SETUP_ACCESS
+
+	CMS_ACCESS
+
+create
+	make
+
+feature -- Execution
+
+	execute (req: WSF_REQUEST; res: WSF_RESPONSE)
+			-- Execute request handler
+		do
+			execute_methods (req, res)
+		end
+
+	do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
+		local
+			r: CMS_RESPONSE
+			s: STRING
+			f: CMS_FORM
+			l_denied: BOOLEAN
+		do
+			if
+				attached {WSF_STRING} req.query_parameter ("op") as l_op and then l_op.same_string ("uninstall") and then
+				attached {WSF_TABLE} req.query_parameter ("module_uninstallation") as tb
+			then
+				create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+				if attached api.setup.string_8_item ("admin.installation_access") as l_access then
+					if l_access.is_case_insensitive_equal ("none") then
+						l_denied := True
+					elseif l_access.is_case_insensitive_equal ("permission") then
+						l_denied := not r.has_permission ("install modules")
+					end
+				else
+					l_denied := True
+				end
+				if l_denied then
+					create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
+					r.set_main_content ("You do not have permission to access CMS module uninstallation procedure!")
+				else
+					create s.make_empty
+					across
+						tb as ic
+					loop
+						if attached api.setup.modules.item_by_name (ic.item.string_representation) as l_module then
+							if api.is_module_installed (l_module) then
+								api.uninstall_module (l_module)
+								if api.is_module_installed (l_module) then
+									s.append ("<p>ERROR: Module " + l_module.name + " failed to be uninstalled!</p>")
+								else
+									s.append ("<p>Module " + l_module.name + " was successfully uninstalled.</p>")
+								end
+							else
+								s.append ("<p>Module " + l_module.name + " is not installed.</p>")
+							end
+						end
+					end
+					s.append (r.link ("Back to modules management", r.location, Void))
+					r.set_main_content (s)
+				end
+				r.execute
+			else
+				create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+				f := modules_collection_web_form (r)
+				create s.make_empty
+				f.append_to_html (r.wsf_theme, s)
+				r.set_page_title ("Modules")
+				r.set_main_content (s)
+				r.execute
+			end
+		end
+
+	do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
+		local
+			r: CMS_RESPONSE
+			s: STRING
+			f: CMS_FORM
+			l_denied: BOOLEAN
+		do
+			if attached {WSF_STRING} req.item ("op") as l_op then
+				if l_op.same_string ("Install modules") then
+					create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+
+					if attached api.setup.string_8_item ("admin.installation_access") as l_access then
+						if l_access.is_case_insensitive_equal ("none") then
+							l_denied := True
+						elseif l_access.is_case_insensitive_equal ("permission") then
+							l_denied := not r.has_permission ("install modules")
+						end
+					else
+						l_denied := True
+					end
+					if l_denied then
+						create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
+						r.set_main_content ("You do not have permission to access CMS module installation procedure!")
+					else
+						f := modules_collection_web_form (r)
+						if l_op.same_string ("Install modules") then
+							f.submit_actions.extend (agent on_installation_submit)
+							f.process (r)
+						elseif l_op.same_string ("uninstall") then
+							f.submit_actions.extend (agent on_uninstallation_submit)
+							f.process (r)
+						end
+						if
+							not attached f.last_data as l_data or else
+							not l_data.is_valid
+						then
+							r.add_error_message ("Error occurred.")
+							create s.make_empty
+							f.append_to_html (r.wsf_theme, s)
+							r.set_page_title ("Modules")
+							r.set_main_content (s)
+						else
+							r.add_notice_message ("Operation on module(s) succeeded.")
+							r.set_redirection (r.location)
+						end
+					end
+					r.execute
+				else
+					create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api)
+					r.execute
+				end
+			else
+				do_get (req, res)
+			end
+		end
+
+	modules_collection_web_form (a_response: CMS_RESPONSE): CMS_FORM
+		local
+			mod: CMS_MODULE
+			f_cb: WSF_FORM_CHECKBOX_INPUT
+			w_tb: WSF_WIDGET_TABLE
+			w_row: WSF_WIDGET_TABLE_ROW
+			w_item: WSF_WIDGET_TABLE_ITEM
+			w_submit: WSF_FORM_SUBMIT_INPUT
+			w_set: WSF_FORM_FIELD_SET
+
+			l_mods_to_install: ARRAYED_LIST [CMS_MODULE]
+		do
+			create Result.make (a_response.url (a_response.location, Void), "modules_collection")
+			create w_tb.make
+			w_tb.add_css_class ("modules_table")
+			create w_row.make (5)
+			create w_item.make_with_text ("Enabled ")
+			w_row.add_item (w_item)
+			create w_item.make_with_text ("Module")
+			w_row.add_item (w_item)
+			create w_item.make_with_text ("Version")
+			w_row.add_item (w_item)
+			create w_item.make_with_text ("Description")
+			w_row.add_item (w_item)
+			w_tb.add_head_row (w_row)
+
+			create l_mods_to_install.make (0)
+			across
+				a_response.api.setup.modules as ic
+			loop
+				mod := ic.item
+				if not a_response.api.is_module_installed (mod) then
+					l_mods_to_install.extend (mod)
+				else
+					create w_row.make (5)
+					create f_cb.make ("module_" + mod.name)
+					f_cb.set_text_value (mod.name)
+					f_cb.set_checked (mod.is_enabled)
+					f_cb.set_is_readonly (True)
+					create w_item.make_with_content (f_cb)
+					w_row.add_item (w_item)
+
+					create w_item.make_with_text (mod.name)
+					w_row.add_item (w_item)
+
+					create w_item.make_with_text (mod.version)
+					w_row.add_item (w_item)
+
+					if attached mod.description as l_desc then
+						create w_item.make_with_text (l_desc)
+						w_row.add_item (w_item)
+					else
+						create w_item.make_with_text ("")
+						w_row.add_item (w_item)
+					end
+					create w_item.make_with_text (a_response.link ("Uninstall", a_response.location + "?op=uninstall&module_uninstallation[]=" + mod.name, Void))
+					w_row.add_item (w_item)
+
+					w_tb.add_row (w_row)
+				end
+			end
+			create w_set.make
+			w_set.set_legend ("Installed modules")
+			w_set.extend (w_tb)
+--			create w_submit.make ("op")
+--			w_submit.set_text_value ("Save")
+--			w_set.extend (w_submit)
+			Result.extend (w_set)
+
+			Result.extend_html_text ("<br/>")
+
+			if not l_mods_to_install.is_empty then
+				create w_tb.make
+				w_tb.add_css_class ("modules_table")
+				create w_row.make (3)
+				create w_item.make_with_text ("Install ")
+				w_row.add_item (w_item)
+				create w_item.make_with_text ("Module")
+				w_row.add_item (w_item)
+				create w_item.make_with_text ("Description")
+				w_row.add_item (w_item)
+				w_tb.add_head_row (w_row)
+				across
+					l_mods_to_install as ic
+				loop
+					mod := ic.item
+					create w_row.make (3)
+					create f_cb.make ("module_installation[" + mod.name + "]")
+					f_cb.set_text_value (mod.name)
+					create w_item.make_with_content (f_cb)
+					w_row.add_item (w_item)
+
+					create w_item.make_with_text (mod.name)
+					w_row.add_item (w_item)
+
+					if attached mod.description as l_desc then
+						create w_item.make_with_text (l_desc)
+						w_row.add_item (w_item)
+					else
+						create w_item.make_with_text ("")
+						w_row.add_item (w_item)
+					end
+					w_tb.add_row (w_row)
+				end
+				create w_set.make
+				w_set.set_legend ("Available modules for installation")
+				w_set.extend (w_tb)
+				create w_submit.make ("op")
+				w_submit.set_text_value ("Install modules")
+				w_set.extend (w_submit)
+				Result.extend (w_set)
+			end
+		end
+
+	on_installation_submit (fd: WSF_FORM_DATA)
+		local
+			l_mods: CMS_MODULE_COLLECTION
+		do
+			if attached {WSF_TABLE} fd.table_item ("module_installation") as tb and then not tb.is_empty then
+				l_mods := api.setup.modules
+				across
+					tb as ic
+				loop
+					if
+						attached {WSF_STRING} ic.item as l_mod_name and then
+						attached l_mods.item_by_name (l_mod_name.value) as m
+					then
+						api.install_module (m)
+						if not api.is_module_installed (m) then
+							fd.report_error ("Installation failed for module " + m.name)
+						end
+					else
+						fd.report_error ("Can not find associated module" + ic.item.as_string.url_encoded_value)
+					end
+				end
+			else
+				fd.report_error ("No module to install!")
+			end
+		end
+
+	on_uninstallation_submit (fd: WSF_FORM_DATA)
+		local
+			l_mods: CMS_MODULE_COLLECTION
+		do
+			if attached {WSF_TABLE} fd.table_item ("module_uninstallation") as tb and then not tb.is_empty then
+				l_mods := api.setup.modules
+				across
+					tb as ic
+				loop
+					if
+						attached {WSF_STRING} ic.item as l_mod_name and then
+						attached l_mods.item_by_name (l_mod_name.value) as m
+					then
+						api.uninstall_module (m)
+						if api.is_module_installed (m) then
+							fd.report_error ("Un-Installation failed for module " + m.name)
+						end
+					else
+						fd.report_error ("Can not find associated module" + ic.item.as_string.url_encoded_value)
+					end
+				end
+			else
+				fd.report_error ("No module to uninstall!")
+			end
+		end
+
+end

modules/admin/handler/cms_admin_response.e

@@ -8,30 +8,10 @@ class
 
 inherit
 	CMS_RESPONSE
-		redefine
-			make,
-			initialize
-		end
 
 create
 	make
 
-feature {NONE} -- Initialization
-
-	make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api)
-		do
-			create {WSF_NULL_THEME} wsf_theme.make
-			Precursor (req, res, a_api)
-		end
-
-	initialize
-		do
-			Precursor
-			create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
-		end
-
-	wsf_theme: WSF_THEME
-
 feature -- Process
 
 	process

modules/admin/handler/role/cms_role_form_response.e

@@ -8,32 +8,12 @@ class
 
 inherit
 	CMS_RESPONSE
-		redefine
-			make,
-			initialize
-		end
 
 	CMS_SHARED_SORTING_UTILITIES
 
 create
 	make
 
-feature {NONE} -- Initialization
-
-	make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api)
-		do
-			create {WSF_NULL_THEME} wsf_theme.make
-			Precursor (req, res, a_api)
-		end
-
-	initialize
-		do
-			Precursor
-			create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
-		end
-
-	wsf_theme: WSF_THEME
-
 feature -- Query
 
 	role_id_path_parameter (req: WSF_REQUEST): INTEGER_64
@@ -84,7 +64,7 @@ feature -- Process Edit
 		do
 			create b.make_empty
 			f := new_edit_form (a_role, url (request.percent_encoded_path_info, Void), "edit-user")
-			hooks.invoke_form_alter (f, fd, Current)
+			api.hooks.invoke_form_alter (f, fd, Current)
 			if request.is_post_request_method then
 				f.validation_actions.extend (agent edit_form_validate(?,a_role, b))
 				f.submit_actions.extend (agent edit_form_submit(?, a_role, b))
@@ -117,7 +97,7 @@ feature -- Process Delete
 		do
 			create b.make_empty
 			f := new_delete_form (a_role, url (request.percent_encoded_path_info, Void), "edit-user")
-			hooks.invoke_form_alter (f, fd, Current)
+			api.hooks.invoke_form_alter (f, fd, Current)
 			if request.is_post_request_method then
 				f.process (Current)
 				fd := f.last_data
@@ -149,7 +129,7 @@ feature -- Process New
 		do
 			create b.make_empty
 			f := new_edit_form (l_role, url (request.percent_encoded_path_info, Void), "create-role")
-			hooks.invoke_form_alter (f, fd, Current)
+			api.hooks.invoke_form_alter (f, fd, Current)
 			if request.is_post_request_method then
 				f.validation_actions.extend (agent new_form_validate(?, b))
 				f.submit_actions.extend (agent edit_form_submit(?, l_role, b))

modules/admin/handler/role/cms_role_handler.e

@@ -166,7 +166,7 @@ feature -- Error
 	do_delete (req: WSF_REQUEST; res: WSF_RESPONSE)
 			-- <Precursor>
 		do
-			if attached current_user (req) as l_user then
+			if attached api.user as l_user then
 				if attached {WSF_STRING} req.path_parameter ("id") as l_id then
 					if
 						l_id.is_integer and then

modules/admin/handler/role/cms_role_view_response.e

@@ -8,31 +8,10 @@ class
 
 inherit
 	CMS_RESPONSE
-		redefine
-			make,
-			initialize
-		end
 
 create
 	make
 
-
-feature {NONE} -- Initialization
-
-	make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api;)
-		do
-			create {WSF_NULL_THEME} wsf_theme.make
-			Precursor (req, res, a_api)
-		end
-
-	initialize
-		do
-			Precursor
-			create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
-		end
-
-	wsf_theme: WSF_THEME
-
 feature -- Query
 
 	role_id_path_parameter (req: WSF_REQUEST): INTEGER_64

modules/admin/handler/user/cms_user_form_response.e

@@ -7,32 +7,11 @@ class
 	CMS_USER_FORM_RESPONSE
 
 inherit
-
 	CMS_RESPONSE
-		redefine
-			make,
-			initialize
-		end
 
 create
 	make
 
-feature {NONE} -- Initialization
-
-	make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api)
-		do
-			create {WSF_NULL_THEME} wsf_theme.make
-			Precursor (req, res, a_api)
-		end
-
-	initialize
-		do
-			Precursor
-			create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
-		end
-
-	wsf_theme: WSF_THEME
-
 feature -- Query
 
 	user_id_path_parameter (req: WSF_REQUEST): INTEGER_64
@@ -86,7 +65,7 @@ feature -- Process Edit
 		do
 			create b.make_empty
 			f := new_edit_form (a_user, url (location, Void), "edit-user")
-			hooks.invoke_form_alter (f, fd, Current)
+			api.hooks.invoke_form_alter (f, fd, Current)
 			if request.is_post_request_method then
 				f.submit_actions.extend (agent edit_form_submit (?, a_user, b))
 				f.process (Current)
@@ -118,7 +97,7 @@ feature -- Process Delete
 		do
 			create b.make_empty
 			f := new_delete_form (a_user, url (location, Void), "edit-user")
-			hooks.invoke_form_alter (f, fd, Current)
+			api.hooks.invoke_form_alter (f, fd, Current)
 			if request.is_post_request_method then
 				f.process (Current)
 				fd := f.last_data
@@ -151,7 +130,7 @@ feature -- Process New
 		do
 			create b.make_empty
 			f := new_edit_form (l_user, url (location, Void), "create-user")
-			hooks.invoke_form_alter (f, fd, Current)
+			api.hooks.invoke_form_alter (f, fd, Current)
 			if request.is_post_request_method then
 				f.validation_actions.extend (agent new_form_validate (?, b))
 				f.submit_actions.extend (agent edit_form_submit (?, l_user, b))

modules/admin/handler/user/cms_user_handler.e

@@ -166,7 +166,7 @@ feature -- Error
 	do_delete (req: WSF_REQUEST; res: WSF_RESPONSE)
 			-- <Precursor>
 		do
-			if attached current_user (req) as l_user then
+			if attached api.user as l_user then
 				if attached {WSF_STRING} req.path_parameter ("id") as l_id then
 					if
 						l_id.is_integer and then

modules/admin/handler/user/cms_user_view_response.e

@@ -8,31 +8,10 @@ class
 
 inherit
 	CMS_RESPONSE
-		redefine
-			make,
-			initialize
-		end
 
 create
 	make
 
-
-feature {NONE} -- Initialization
-
-	make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api;)
-		do
-			create {WSF_NULL_THEME} wsf_theme.make
-			Precursor (req, res, a_api)
-		end
-
-	initialize
-		do
-			Precursor
-			create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
-		end
-
-	wsf_theme: WSF_THEME
-
 feature -- Query
 
 	user_id_path_parameter (req: WSF_REQUEST): INTEGER_64
@@ -94,7 +73,7 @@ feature -- Execution
 			s.append ("<div class=%"info%"> ")
 			s.append ("<h4>Account Information</h4>")
 			s.append ("<p>Username: ")
-			s.append (a_user.name)
+			s.append (html_encoded (a_user.name))
 			s.append ("</p>")
 			if attached a_user.email as l_email then
 				s.append ("<p>Email: ")
@@ -107,12 +86,13 @@ feature -- Execution
 			   	not l_roles.is_empty
 			then
 				s.append ("<h4>Role(s):</h4>")
+				s.append ("<ul class=%"user-roles%">")
 				across l_roles as ic loop
 					l_role := ic.item
-					s.append ("<i>")
+					s.append ("<li>")
 					s.append (link (l_role.name, "admin/role/" + l_role.id.out, Void))
-					s.append ("</i>")
-					debug
+					s.append ("</li>")
+					if request.query_parameter ("debug") /= Void then
 						s.append ("<h5>Permissions:</h5>")
 						s.append ("<ul class=%"cms-permissions%">%N")
 						across l_role.permissions as perms_ic loop
@@ -121,6 +101,7 @@ feature -- Execution
 						s.append ("</ul>%N")
 					end
 				end
+				s.append ("</ul>%N")
 			end
 
 			s.append ("</div>")

modules/auth/auth-safe.ecf

@@ -1,34 +1,31 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="auth_module" uuid="AAB9EE7D-A671-4727-8658-D417A48B2B57" library_target="auth_module">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="auth_module" uuid="AAB9EE7D-A671-4727-8658-D417A48B2B57" library_target="auth_module">
 	<target name="auth_module">
 		<root all_classes="true"/>
 		<file_rule>
 			<exclude>/.git$</exclude>
-			<exclude>/EIFGENs$</exclude>
 			<exclude>/.svn$</exclude>
+			<exclude>/EIFGENs$</exclude>
 		</file_rule>
-		<option warning="true" full_class_checking="true" is_attached_by_default="true" void_safety="all" syntax="standard">
+		<option warning="true" full_class_checking="true" is_attached_by_default="true" is_obsolete_routine_type="true" void_safety="all" syntax="standard">
 		</option>
+		<library name="apis" location="$ISE_LIBRARY\contrib\library\web\authentication\oauth\cypress\consumer\apis\apis.ecf" readonly="false"/>
 		<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
 		<library name="cms" location="..\..\cms-safe.ecf" readonly="false"/>
 		<library name="cms_app_env" location="..\..\library\app_env\app_env-safe.ecf" readonly="false"/>
 		<library name="cms_model" location="..\..\library\model\cms_model-safe.ecf" readonly="false"/>
 		<library name="config" location="..\..\library\configuration\config-safe.ecf"/>
+		<library name="cypress_consumer" location="$ISE_LIBRARY\contrib\library\web\authentication\oauth\cypress\consumer-safe.ecf" readonly="false"/>
+		<library name="email_service" location="..\..\library\email\email-safe.ecf"/>
 		<library name="encoder" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\text\encoder\encoder-safe.ecf"/>
+		<library name="error" location="$ISE_LIBRARY\contrib\library\utility\general\error\error-safe.ecf"/>
 		<library name="http" location="$ISE_LIBRARY\contrib\library\network\protocol\http\http-safe.ecf"/>
+		<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json-safe.ecf" readonly="false"/>
+		<library name="recaptcha" location="..\..\library\recaptcha\recaptcha-safe.ecf"/>
 		<library name="time" location="$ISE_LIBRARY\library\time\time-safe.ecf"/>
 		<library name="wsf" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf-safe.ecf"/>
 		<library name="wsf_extension" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf_extension-safe.ecf" readonly="false"/>
 		<library name="wsf_html" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf_html\wsf_html-safe.ecf" readonly="false"/>
-		<library name="error" location="$ISE_LIBRARY\contrib\library\utility\general\error\error-safe.ecf"/>
-
-		<library name="email_service" location="..\..\library\email\email-safe.ecf"/>
-
-		<library name="apis" location="$ISE_LIBRARY\contrib\library\web\authentication\oauth\cypress\consumer\apis\apis.ecf" readonly="false"/>	
-		<library name="cypress_consumer" location="$ISE_LIBRARY\contrib\library\web\authentication\oauth\cypress\consumer-safe.ecf" readonly="false"/>
-		<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json-safe.ecf" readonly="false"/>
-
-
 		<cluster name="src" location=".\" recursive="true"/>
 	</target>
 </system>

modules/auth/cms_auth_api_i.e

@@ -0,0 +1,17 @@
+note
+	description: "[
+			Common interface for Auth module API.
+		]"
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	CMS_AUTH_API_I
+
+inherit
+	CMS_MODULE_API
+
+create
+	make
+
+end

modules/auth/cms_auth_filter_i.e

@@ -0,0 +1,44 @@
+note
+	description: "[
+				Processes a HTTP request, and depending on header, authenticate a current user or not.
+			]"
+	date: "$Date$"
+	revision: "$Revision$"
+
+deferred class
+	CMS_AUTH_FILTER_I
+
+inherit
+	WSF_FILTER
+
+feature {NONE} -- Initialization
+
+	make (a_api: CMS_API)
+			-- Initialize Current handler with `a_api'.
+		do
+			api := a_api
+		end
+
+feature -- API Service
+
+	api: CMS_API
+
+feature -- Basic operations
+
+	execute (req: WSF_REQUEST; res: WSF_RESPONSE)
+			-- <Precursor>
+		deferred
+		end
+
+	auth_strategy: STRING
+		deferred
+		end
+
+	set_current_user (u: CMS_USER)
+		do
+			api.set_user (u)
+				-- Record auth strategy:
+			api.set_execution_variable ("auth_strategy", auth_strategy)
+		end
+
+end

modules/auth/cms_auth_module_i.e

@@ -0,0 +1,108 @@
+note
+	description: "Common ancestor for Authentication modules."
+	date: "$Date$"
+	revision: "$Revision$"
+
+deferred class
+	CMS_AUTH_MODULE_I
+
+inherit
+	CMS_MODULE
+		redefine
+			setup_hooks
+		end
+
+	CMS_HOOK_AUTO_REGISTER
+
+	CMS_HOOK_MENU_SYSTEM_ALTER
+
+	SHARED_LOGGER
+
+feature {NONE} -- Initialization
+
+	make
+		do
+			package := "authentication"
+			add_dependency ({CMS_AUTHENTICATION_MODULE})
+		end
+
+feature -- Access: auth strategy
+
+	login_title: READABLE_STRING_GENERAL
+			-- Module specific login title.
+		deferred
+		end
+
+	login_location: STRING
+			-- Login cms location for Current module.
+		deferred
+		end
+
+	logout_location: STRING
+			-- Logout cms location for Current module.
+		deferred
+		end
+
+	is_authenticating (a_response: CMS_RESPONSE): BOOLEAN
+			-- Is Current module strategy currently authenticating active user?
+		deferred
+		ensure
+			Result implies a_response.is_authenticated
+		end
+
+feature -- Hooks configuration
+
+	setup_hooks (a_hooks: CMS_HOOK_CORE_MANAGER)
+			-- Module hooks configuration.
+		do
+			auto_subscribe_to_hooks (a_hooks)
+			a_hooks.subscribe_to_menu_system_alter_hook (Current)
+		end
+
+feature -- Hooks
+
+	menu_system_alter (a_menu_system: CMS_MENU_SYSTEM; a_response: CMS_RESPONSE)
+			-- <Precursor>
+		local
+			lnk: CMS_LOCAL_LINK
+			l_destination: READABLE_STRING_8
+		do
+			if attached {WSF_STRING} a_response.request.query_parameter ("destination") as p_destination then
+				l_destination := p_destination.value
+			else
+				l_destination := a_response.location
+			end
+			if is_authenticating (a_response) then
+
+			else
+				if a_response.location.starts_with ("account/auth/") then
+					create lnk.make (login_title, login_location)
+					if not l_destination.starts_with ("account/auth/") then
+						lnk.add_query_parameter ("destination", l_destination)
+					end
+					lnk.set_expandable (True)
+					a_response.add_to_primary_tabs (lnk)
+				end
+			end
+		end
+
+feature {NONE} -- Helpers
+
+	template_block (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE): detachable CMS_SMARTY_TEMPLATE_BLOCK
+			-- Smarty content block for `a_block_id'
+		local
+			p: detachable PATH
+		do
+			create p.make_from_string ("templates")
+			p := p.extended ("block_").appended (a_block_id).appended_with_extension ("tpl")
+			p := a_response.api.module_theme_resource_location (Current, p)
+			if p /= Void then
+				if attached p.entry as e then
+					create Result.make (a_block_id, Void, p.parent, e)
+				else
+					create Result.make (a_block_id, Void, p.parent, p)
+				end
+			end
+		end
+
+end

modules/auth/cms_authentication_email_service.e

@@ -0,0 +1,209 @@
+note
+	description: "Summary description for {CMS_AUTHENTICATION_EMAIL_SERVICE}."
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	CMS_AUTHENTICATION_EMAIL_SERVICE
+
+create
+	make
+
+feature {NONE} -- Initialization
+
+	make (a_params: like parameters)
+			-- Create instance of email service with `a_params' data.
+		do
+			parameters := a_params
+			initialize
+		end
+
+	initialize
+			-- Initialize service.
+		do
+			create error_handler.make
+			reset_error
+		end
+
+feature -- Access
+
+	parameters: CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS
+			-- Associated parameters.
+
+	cms_api: CMS_API
+		do
+			Result := parameters.cms_api
+		end
+
+	contact_email_address: IMMUTABLE_STRING_8
+			-- contact email.
+		do
+			Result := parameters.contact_email_address
+		end
+
+	notif_email_address: IMMUTABLE_STRING_8
+			-- Site admin's email.
+		do
+			Result := parameters.notif_email_address
+		end
+
+	sender_email_address: IMMUTABLE_STRING_8
+			-- Site sender's email.
+		do
+			Result := parameters.sender_email_address
+		end
+
+feature -- Error
+
+	error_handler: ERROR_HANDLER
+
+	has_error: BOOLEAN
+		do
+			Result := error_handler.has_error
+		end
+
+	reset_error
+		do
+			error_handler.reset
+		end
+
+feature -- Basic Operations / Internal
+
+	send_internal_email (a_content: READABLE_STRING_GENERAL)
+		do
+			send_message (sender_email_address, notif_email_address, "Notification Contact", a_content)
+		end
+
+	send_email_internal_server_error (a_content: READABLE_STRING_GENERAL)
+		do
+			send_message (sender_email_address, notif_email_address, "Internal Server Error", a_content)
+		end
+
+feature -- Basic Operations / Contact
+
+	send_account_evaluation (a_user: CMS_USER; a_application, a_url_activate, a_url_reject, a_host: READABLE_STRING_8)
+			-- Send new user register to webmaster to confirm or reject itt.
+		local
+			l_message: STRING
+		do
+			create l_message.make_from_string (parameters.account_evaluation)
+			l_message.replace_substring_all ("$host", a_host)
+			l_message.replace_substring_all ("$sitename", parameters.utf_8_site_name)
+			l_message.replace_substring_all ("$user", a_user.utf_8_name)
+			if attached a_user.email as l_email then
+				l_message.replace_substring_all ("$email", l_email)
+			else
+				l_message.replace_substring_all ("$email", "unknown email")
+			end
+			l_message.replace_substring_all ("$application", a_application)
+			l_message.replace_substring_all ("$activation_url", a_url_activate)
+			l_message.replace_substring_all ("$rejection_url", a_url_reject)
+			send_message (contact_email_address, contact_email_address, parameters.contact_subject_account_evaluation, l_message)
+		end
+
+	send_contact_email (a_to: READABLE_STRING_8; a_user: CMS_USER; a_host: READABLE_STRING_8)
+			-- Send successful contact message for user `a_user' to `a_to'.
+		require
+			attached_to: a_to /= Void
+		local
+			l_message: STRING
+		do
+			create l_message.make_from_string (parameters.account_activation)
+			l_message.replace_substring_all ("$host", a_host)
+			l_message.replace_substring_all ("$sitename", parameters.utf_8_site_name)
+			l_message.replace_substring_all ("$user", a_user.utf_8_name)
+			send_message (contact_email_address, a_to, parameters.contact_subject_register, l_message)
+		end
+
+	send_contact_activation_email (a_to: READABLE_STRING_8; a_user: CMS_USER; a_link, a_host: READABLE_STRING_8)
+			-- Send successful message activation to `a_to'.
+		require
+			attached_to: a_to /= Void
+		local
+			l_message: STRING
+		do
+			create l_message.make_from_string (parameters.account_re_activation)
+			l_message.replace_substring_all ("$host", a_host)
+			l_message.replace_substring_all ("$sitename", parameters.utf_8_site_name)
+			l_message.replace_substring_all ("$link", a_link)
+			send_message (contact_email_address, a_to, parameters.contact_subject_activate, l_message)
+		end
+
+	send_contact_activation_confirmation_email (a_to: READABLE_STRING_8; a_user: CMS_USER; a_host: READABLE_STRING_8)
+			-- Send successful message activation to a_to.
+		require
+			attached_to: a_to /= Void
+		local
+			l_message: STRING
+		do
+			create l_message.make_from_string (parameters.account_activation_confirmation)
+			l_message.replace_substring_all ("$hot", a_host)
+			l_message.replace_substring_all ("$sitename", parameters.utf_8_site_name)
+			l_message.replace_substring_all ("$user", a_user.utf_8_name)
+			l_message.replace_substring_all ("$email", a_to)
+			send_message (contact_email_address, a_to, parameters.contact_subject_activated, l_message)
+		end
+
+	send_contact_activation_reject_email (a_to: READABLE_STRING_8; a_user: CMS_USER; a_host: READABLE_STRING_8)
+			-- Send successful contact activation reject message to `a_to'.
+		require
+			attached_to: a_to /= Void
+		local
+			l_message: STRING
+		do
+			create l_message.make_from_string (parameters.account_rejected)
+			l_message.replace_substring_all ("$host", a_host)
+			l_message.replace_substring_all ("$sitename", parameters.utf_8_site_name)
+			l_message.replace_substring_all ("$email", a_to)
+			l_message.replace_substring_all ("$user", a_user.utf_8_name)
+			send_message (contact_email_address, a_to, parameters.contact_subject_rejected, l_message)
+		end
+
+	send_contact_password_email (a_to: READABLE_STRING_8; a_user: CMS_USER; a_link, a_host: READABLE_STRING_8)
+			-- Send successful new account password message to `a_to'.
+		require
+			attached_to: a_to /= Void
+		local
+			l_message: STRING
+		do
+			create l_message.make_from_string (parameters.account_password)
+			l_message.replace_substring_all ("$host", a_host)
+			l_message.replace_substring_all ("$sitename", parameters.utf_8_site_name)
+			l_message.replace_substring_all ("$link", a_link)
+			send_message (contact_email_address, a_to, parameters.contact_subject_password, l_message)
+		end
+
+	send_contact_welcome_email (a_to: READABLE_STRING_8; a_user: CMS_USER; a_host: READABLE_STRING_8)
+			-- Send successful welcome message to `a_to'.
+		require
+			attached_to: a_to /= Void
+		local
+			l_message: STRING
+		do
+			create l_message.make_from_string (parameters.account_welcome)
+			l_message.replace_substring_all ("$host", a_host)
+			l_message.replace_substring_all ("$sitename", parameters.utf_8_site_name)
+			l_message.replace_substring_all ("$email", a_to)
+			l_message.replace_substring_all ("$user", a_user.utf_8_name)
+			send_message (contact_email_address, a_to, parameters.contact_subject_oauth, l_message)
+		end
+
+feature {NONE} -- Implementation
+
+	send_message (a_from_address, a_to_address: READABLE_STRING_8; a_subjet: READABLE_STRING_GENERAL; a_content: READABLE_STRING_GENERAL)
+		local
+			l_email: CMS_EMAIL
+			utf: UTF_CONVERTER
+		do
+			reset_error
+			l_email := cms_api.new_email (a_to_address, utf.escaped_utf_32_string_to_utf_8_string_8 (a_subjet), utf.escaped_utf_32_string_to_utf_8_string_8 (a_content))
+			l_email.set_from_address (a_from_address)
+			l_email.add_header_line ("MIME-Version:1.0")
+			l_email.add_header_line ("Content-Type: text/html; charset=utf-8")
+			cms_api.process_email (l_email)
+			if cms_api.has_error then
+				error_handler.add_custom_error (-1, generator + "send_message failed", cms_api.string_representation_of_errors)
+			end
+		end
+
+end

modules/auth/cms_authentication_email_service_parameters.e

@@ -6,9 +6,6 @@ note
 class
 	CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS
 
-inherit
-	EMAIL_SERVICE_PARAMETERS
-
 create
 	make
 
@@ -17,25 +14,21 @@ feature {NONE} -- Initialization
 	make (a_cms_api: CMS_API)
 		local
 			utf: UTF_CONVERTER
-			l_site_name: READABLE_STRING_8
 			s: detachable READABLE_STRING_32
+			l_utf8_site_name: IMMUTABLE_STRING_8
 			l_contact_email, l_subject_register, l_subject_activate, l_subject_password, l_subject_oauth: detachable READABLE_STRING_8
 		do
 			cms_api := a_cms_api
-				-- Use global smtp setting if any, otherwise "localhost"
-			smtp_server := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.text_item_or_default ("smtp", "localhost"))
-			l_site_name := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.site_name)
-			admin_email := a_cms_api.setup.site_email
+			create l_utf8_site_name.make_from_string (a_cms_api.setup.utf_8_site_name)
+			utf_8_site_name := l_utf8_site_name
+			notif_email_address := a_cms_api.setup.site_notification_email
+			sender_email_address := a_cms_api.setup.site_email
 
-			if not admin_email.has ('<') then
-				admin_email := l_site_name + " <" + admin_email +">"
+			if not notif_email_address.has ('<') then
+				notif_email_address := l_utf8_site_name + " <" + notif_email_address + ">"
 			end
 
-			if attached {CONFIG_READER} a_cms_api.module_configuration_by_name ({CMS_AUTHENTICATION_MODULE}.name, Void) as cfg then
-				if attached cfg.text_item ("smtp") as l_smtp then
-						-- Overwrite global smtp setting if any.
-					smtp_server := utf.utf_32_string_to_utf_8_string_8 (l_smtp)
-				end
+			if attached a_cms_api.module_configuration_by_name ({CMS_AUTHENTICATION_MODULE}.name, Void) as cfg then
 				s := cfg.text_item ("email")
 				if s /= Void then
 					l_contact_email := utf.utf_32_string_to_utf_8_string_8 (s)
@@ -56,16 +49,15 @@ feature {NONE} -- Initialization
 				if s /= Void then
 					l_subject_oauth := utf.utf_32_string_to_utf_8_string_8 (s)
 				end
+			end
+			if l_contact_email = Void then
+				l_contact_email := notif_email_address
+			end
+			if not l_contact_email.has ('<') then
+				l_contact_email := l_utf8_site_name + " <" + l_contact_email + ">"
+			end
+			contact_email_address := l_contact_email
 
-			end
-			if l_contact_email /= Void then
-				if not l_contact_email.has ('<') then
-					l_contact_email := l_site_name + " <" + l_contact_email + ">"
-				end
-				contact_email := l_contact_email
-			else
-				contact_email := admin_email
-			end
 			if l_subject_register /= Void then
 				contact_subject_register := l_subject_register
 			else
@@ -88,23 +80,40 @@ feature {NONE} -- Initialization
 				contact_subject_oauth := "Welcome."
 			end
 
+			contact_subject_account_evaluation := "New register, account evalution."
+			contact_subject_rejected := "Your account was rejected."
+			contact_subject_activated := "Your account was activated."
 		end
 
+
+
 feature	-- Access
 
 	cms_api: CMS_API
 
-	smtp_server: IMMUTABLE_STRING_8
+	notif_email_address: IMMUTABLE_STRING_8
 
-	admin_email: IMMUTABLE_STRING_8
+	sender_email_address: IMMUTABLE_STRING_8
 
-	contact_email: IMMUTABLE_STRING_8
+	contact_email_address: IMMUTABLE_STRING_8
 			-- Contact email.
 
+	utf_8_site_name: IMMUTABLE_STRING_8
+			-- UTF-8 encoded Site name.
+
+	contact_subject_account_evaluation: IMMUTABLE_STRING_8
 	contact_subject_register: IMMUTABLE_STRING_8
 	contact_subject_activate: IMMUTABLE_STRING_8
 	contact_subject_password: IMMUTABLE_STRING_8
 	contact_subject_oauth: IMMUTABLE_STRING_8
+	contact_subject_rejected: IMMUTABLE_STRING_8
+	contact_subject_activated: IMMUTABLE_STRING_8
+
+	account_evaluation: STRING
+			-- Account evaluation template email message.
+		do
+			Result := template_string ("admin_account_evaluation.html", default_template_account_evaluation)
+		end
 
 	account_activation: STRING
 			-- Account activation template email message.
@@ -112,10 +121,22 @@ feature	-- Access
 			Result := template_string ("account_activation.html", default_template_account_activation)
 		end
 
+	account_activation_confirmation: STRING
+			-- Account activation confirmation template email message.
+		do
+			Result := template_string ("account_activation_confirmation.html", default_template_account_activation_confirmation)
+		end
+
 	account_re_activation: STRING
 			-- Account re_activation template email message.
 		do
-			Result := template_string ("accunt_re_activation.html", default_template_account_re_activation)
+			Result := template_string ("account_re_activation.html", default_template_account_re_activation)
+		end
+
+	account_rejected: STRING
+			-- Account rejected template email message.
+		do
+			Result := template_string ("account_rejected.html", default_template_account_rejected)
 		end
 
 	account_password: STRING
@@ -146,7 +167,7 @@ feature {NONE} -- Implementation: Template
 		local
 			p: PATH
 		do
-			p := template_path ("account_activation.html")
+			p := template_path (a_name)
 			if attached read_template_file (p) as l_content then
 				Result := l_content
 			else
@@ -177,6 +198,36 @@ feature {NONE} -- Implementation
 
 feature {NONE} -- Message email
 
+	default_template_account_evaluation: STRING = "[
+		<!doctype html>
+		<html lang="en">
+		<head>
+		  <meta charset="utf-8">
+		  <title>Account Evaluation</title>
+		  <meta name="description" content="Account Evaluation">
+		  <meta name="author" content="$sitename">
+		</head>
+
+		<body>
+		    <h2> Account Evaluation </h2>
+			<p>The user $user ($email) wants to register to the site  <a href="$host">$sitename</a></p>
+
+			<blockquote><p>This is his/her application.</p>
+  				<p>$application</p>
+			</blockquote>
+
+			<p>To complete the registration, please click on the following link to activate the user account:<p>
+
+			<p><a href="$activation_url">$activation_url</a></p>
+
+			<p>To reject the registration, please click on the following link <p>
+
+			<p><a href="$rejection_url">$rejection_url</a></p>
+		</body>
+		</html>
+	]"
+
+
 	default_template_account_activation: STRING = "[
 		<!doctype html>
 		<html lang="en">
@@ -184,21 +235,53 @@ feature {NONE} -- Message email
 		  <meta charset="utf-8">
 		  <title>Activation</title>
 		  <meta name="description" content="Activation">
-		  <meta name="author" content="ROC CMS">
+		  <meta name="author" content="$sitename">
 		</head>
 
 		<body>
-			<p>Thank you for registering at <a href="...">ROC CMS</a></p>
+			<p>Thank you for applying to  <a href="$host">$sitename</a> $user</p>
 
-			<p>To complete your registration, please click on the following link to activate your account:<p>
-
-			<p><a href="$link">$link</a></p>
+			<p>We will review your application and send you an email<p>
 			<p>Thank you for joining us.</p>
 		</body>
 		</html>
 	]"
 
 
+	default_template_account_activation_confirmation: STRING = "[
+		<!doctype html>
+		<html lang="en">
+		<head>
+		  <meta charset="utf-8">
+		  <title>Activation</title>
+		  <meta name="description" content="Activation Confirmation">
+		  <meta name="author" content="$sitename">
+		</head>
+
+		<body>
+			<p>Your account has been confirmed  <a href="$host">$sitename</a> $email</p>
+
+			<p>Thank you for joining us.</p>
+		</body>
+		</html>
+	]"
+
+	default_template_account_rejected:  STRING = "[
+		<!doctype html>
+		<html lang="en">
+		<head>
+		  <meta charset="utf-8">
+		  <title>Application Rejected</title>
+		  <meta name="description" content="Application Rejected">
+		  <meta name="author" content="$sitename">
+		</head>
+
+		<body>
+			<p>Your account application is rejected, it does not conform our rules <a href="$host">$sitename</a></p>
+		</body>
+		</html>
+	]"
+
 	default_template_account_re_activation: STRING = "[
 		<!doctype html>
 		<html lang="en">
@@ -206,11 +289,11 @@ feature {NONE} -- Message email
 		  <meta charset="utf-8">
 		  <title>New Activation</title>
 		  <meta name="description" content="New Activation token">
-		  <meta name="author" content="ROC CMS">
+		  <meta name="author" content="$sitename">
 		</head>
 
 		<body>
-			<p>You have requested a new activation token at <a href="...">ROC CMS</a></p>
+			<p>You have requested a new activation token at <a href="$host">$sitename</a></p>
 
 			<p>To complete your registration, please click on the following link to activate your account:<p>
 
@@ -229,11 +312,11 @@ feature {NONE} -- Message email
 		  <meta charset="utf-8">
 		  <title>New Password</title>
 		  <meta name="description" content="New Password">
-		  <meta name="author" content="ROC CMS">
+		  <meta name="author" content="$sitename">
 		</head>
 
 		<body>
-			<p>You have required a new password at <a href="...">ROC CMS</a></p>
+			<p>You have requested a new password at <a href="$host">$sitename</a></p>
 
 			<p>To complete your request, please click on this link to generate a new password:<p>
 
@@ -250,11 +333,11 @@ feature {NONE} -- Message email
 		  <meta charset="utf-8">
 		  <title>Welcome</title>
 		  <meta name="description" content="Welcome">
-		  <meta name="author" content="ROC CMS">
+		  <meta name="author" content="$sitename">
 		</head>
 
 		<body>
-			<p>Welcome to<a href="...">ROC CMS</a></p>
+			<p>Welcome to <a href="$host">$sitename</a>.</p>
 			<p>Thank you for joining us.</p>
 		</body>
 		</html>

modules/auth/cms_authenticaton_email_service.e

@@ -1,88 +0,0 @@
-note
-	description: "Summary description for {CMS_AUTHENTICATON_EMAIL_SERVICE}."
-	date: "$Date$"
-	revision: "$Revision$"
-
-class
-	CMS_AUTHENTICATON_EMAIL_SERVICE
-
-inherit
-	EMAIL_SERVICE
-		redefine
-			initialize,
-			parameters
-		end
-
-create
-	make
-
-feature {NONE} -- Initialization	
-
-	initialize
-		do
-			Precursor
-			contact_email := parameters.contact_email
-		end
-
-	parameters: CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS
-			-- Associated parameters.		
-
-feature -- Access		
-
-	contact_email: IMMUTABLE_STRING_8
-			-- contact email.
-
-feature -- Basic Operations
-
-	send_contact_email (a_to, a_content: READABLE_STRING_8)
-			-- Send successful contact message `a_token' to `a_to'.
-		require
-			attached_to: a_to /= Void
-		local
-			l_message: STRING
-		do
-			create l_message.make_from_string (parameters.account_activation)
-			l_message.replace_substring_all ("$link", a_content)
-			send_message (contact_email, a_to, parameters.contact_subject_register, l_message)
-		end
-
-
-	send_contact_activation_email (a_to, a_content: READABLE_STRING_8)
-			-- Send successful contact message `a_token' to `a_to'.
-		require
-			attached_to: a_to /= Void
-		local
-			l_message: STRING
-		do
-			create l_message.make_from_string (parameters.account_re_activation)
-			l_message.replace_substring_all ("$link", a_content)
-			send_message (contact_email, a_to, parameters.contact_subject_activate, l_message)
-		end
-
-
-	send_contact_password_email (a_to, a_content: READABLE_STRING_8)
-			-- Send successful contact message `a_token' to `a_to'.
-		require
-			attached_to: a_to /= Void
-		local
-			l_message: STRING
-		do
-			create l_message.make_from_string (parameters.account_password)
-			l_message.replace_substring_all ("$link", a_content)
-			send_message (contact_email, a_to, parameters.contact_subject_password, l_message)
-		end
-
-	send_contact_welcome_email (a_to, a_content: READABLE_STRING_8)
-			-- Send successful contact message `a_token' to `a_to'.
-		require
-			attached_to: a_to /= Void
-		local
-			l_message: STRING
-		do
-			create l_message.make_from_string (parameters.account_welcome)
-			l_message.replace_substring_all ("$link", a_content)
-			send_message (contact_email, a_to, parameters.contact_subject_oauth, l_message)
-		end
-
-
-end

modules/auth/site/config/auth.json

@@ -0,0 +1,7 @@
+{
+	"subject": "Thank you for contacting us",
+	"recaptcha": {
+		"site_key":"6Lex9RMTAAAAAKleC4x6TaRlFcpLbEWgH_U7MSiD",
+		"secret_key":"6Lex9RMTAAAAAAkBczvX5DUiyg_xoM_EthVVgRRx"
+	}	
+}

modules/auth/site/files/css/auth.css

@@ -0,0 +1,28 @@
+ul.cms-temp-users {
+  list-style-type: none;
+  padding: 3px 3px 3px 3px;
+  border: solid 1px #ccc;
+}
+ul.cms-temp-users li {
+  border-top: dotted 1px #ccc;
+}
+ul.cms-temp-users li:first-child {
+  border-top: none;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details {
+  list-style-type: none;
+  padding: 3px 3px 3px 3px;
+  border: solid 1px #ccc;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li {
+  border-top: dotted 1px #ccc;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child {
+  border-top: none;
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before {
+  content: "[personal information] ";
+}
+ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before {
+  content: "[email] ";
+}

modules/auth/site/files/scss/auth.scss

@@ -0,0 +1,37 @@
+ul.cms-temp-users {
+	
+	list-style-type: none;
+	padding: 3px 3px 3px 3px;
+	border: solid 1px #ccc;
+
+	li{
+		border-top: dotted 1px #ccc;
+		&:first-child {
+			border-top: none;
+		}
+	}
+
+	li.cms_temp_user {
+
+		ul.cms_temp_user_details {
+			list-style-type: none;
+			padding: 3px 3px 3px 3px;
+			border: solid 1px #ccc;
+			
+			li{
+				border-top: dotted 1px #ccc;
+				&:first-child {
+					border-top: none;
+				}
+			}
+			li.cms_temp_user_detail_information::before{
+				content: "[personal information] "
+			}
+			li.cms_temp_user_detail_email::before{
+				content: "[email] "
+			}
+		}		
+	}
+}
+
+

modules/auth/site/mail_templates/account_activation.html

@@ -4,15 +4,10 @@
 	  <meta charset="utf-8">
 	  <title>Activation</title>
 	  <meta name="description" content="Activation">
-	  <meta name="author" content="ROC CMS">
+	  <meta name="author" content="$sitename">
 	</head>
-
 	<body>
-		<p>Thank you for registering at <a href="$host">ROC CMS</a></p>
-
-		<p>To complete your registration, please click on this link to activate your account:<p>
-
-		<p><a href="$link">$link</a></p>
-		<p>Thank you for joining us.</p>
+		<p>"$user ($email)", thank you for applying to <a href="$host">$sitename</a>.</p>
+		<p>We will review your application and send you a resolution.<p>
 	</body>
 </html>

modules/auth/site/mail_templates/account_activation_confirmation.html

@@ -0,0 +1,13 @@
+<!doctype html>
+<html lang="en">
+	<head>
+	  <meta charset="utf-8">
+	  <title>Activation Confirmation</title>
+	  <meta name="description" content="Activation Confirmation">
+	  <meta name="author" content="$sitename">
+	</head>
+	<body>
+		<p>Your account "$user ($email)" is confirmed at <a href="$host">$sitename</a>.</p>
+		<p>Thank you for joining us.</p>
+	</body>
+</html>

modules/auth/site/mail_templates/account_new_password.html

@@ -4,14 +4,12 @@
 	  <meta charset="utf-8">
 	  <title>New Password</title>
 	  <meta name="description" content="New Password">
-	  <meta name="author" content="ROC CMS">
+	  <meta name="author" content="$sitename">
 	</head>
-
 	<body>
-		<p>You have required a new password at <a href="$host">ROC CMS</a></p>
-
-		<p>To complete your request, please click on this link to genereate a new password:<p>
-
-		<p><a href="$link">$link</a></p>
+		<p>You have requested a new password at <a href="$host">$sitename</a>.</p>
+		<p>To complete your request, please click on the following link to generate a new password:
+			<ul><a href="$link">$link</a></ul>
+		</p>
 	</body>
 </html>

modules/auth/site/mail_templates/account_re_activation.html

@@ -4,15 +4,14 @@
 	  <meta charset="utf-8">
 	  <title>New Activation</title>
 	  <meta name="description" content="New Activation token">
-	  <meta name="author" content="ROC CMS">
+	  <meta name="author" content="$sitename">
 	</head>
-
 	<body>
-		<p>You have request a new activation token at <a href="$host">ROC CMS</a></p>
+		<p>You have requested a new activation token at <a href="$host">$sitename</a>.</p>
 
-		<p>To complete your registration, please click on this link to activate your account:<p>
-
-		<p><a href="$link">$link</a></p>
+		<p>To complete your registration, please click on the following link to re-activate your account:
+		<ul><a href="$link">$link</a></ul>
+		</p>
 		<p>Thank you for joining us.</p>
 	</body>
 </html>