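/**
 * Get HTML component select all users
 *
 * Builds the <option> list of a user selector grouped into administrators,
 * users and the current user's subusers. Administrators and users are only
 * listed when the caller is an admin; the caller's own subusers are always
 * listed.
 *
 * @return string HTML component select
 */
function credit_html_select_user()
{
    global $user_config;
    // always arrays, so the count() checks below are safe for non-admin callers
    $admins = array();
    $users = array();
    if (auth_isadmin()) {
        $admins = user_getallwithstatus(2);
        $users = user_getallwithstatus(3);
    }
    $subusers = user_getsubuserbyuid($user_config['uid']);
    // optgroup label, rows, per-row role label (output order matters)
    $sections = array(
        array(_('Administrators'), $admins, _('Administrator')),
        array(_('Users'), $users, _('User')),
        array(_('Subusers'), $subusers, _('Subuser')),
    );
    $option_user = '';
    foreach ($sections as $section) {
        list($label, $rows, $role) = $section;
        if (count($rows) > 0) {
            $option_user .= '<optgroup label="' . $label . '">';
            foreach ($rows as $row) {
                // NOTE(review): name/username are inserted unescaped; confirm they are sanitised when stored
                $option_user .= '<option value="' . $row['uid'] . '">' . $row['name'] . ' (' . $row['username'] . ') - ' . $role . '</option>';
            }
            $option_user .= '</optgroup>';
        }
    }
    // the opening <select ...> tag is masked as '******' in this listing; restore it from the upstream source
    $select_user = '******' . $option_user . '</select>';
    return $select_user;
}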
 /**
  * Append an "Export Page" list item to $event->data['items']
  *
  * The item is only added when the 'allowallusers' option is set or the
  * current user is a superuser or manager.
  *
  * @param object $event event object by reference (presumably a Doku_Event)
  */
 function siteexport_add_page_export(&$event)
 {
     global $ID;
     $mayExport = $this->getConf('allowallusers') || auth_isadmin() || auth_ismanager();
     if (!$mayExport) {
         return;
     }
     $link = tpl_link(wl($ID, array('do' => 'siteexport_addpage')), '<span>Export Page</span>', 'class="action siteexport_addpage" title="Add page"', 1);
     $event->data['items'][] = '<li>' . $link . '</li>';
 }
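 /**
  * Create the detail info for a single plugin
  *
  * AJAX endpoint for the 'plugin_extension' call: superusers only; the
  * extension is selected by the `ext` request parameter and rendered as HTML.
  *
  * @param Doku_Event $event  event object by reference
  * @param mixed      $param  unused
  * @return void
  */
 public function info(Doku_Event &$event, $param)
 {
     global $USERINFO;
     global $INPUT;
     if ($event->data !== 'plugin_extension') {
         return;
     }
     $event->preventDefault();
     $event->stopPropagation();
     // anonymous callers and non-admins are rejected with a hard 403
     if (empty($_SERVER['REMOTE_USER']) || !auth_isadmin($_SERVER['REMOTE_USER'], $USERINFO['grps'])) {
         http_status(403);
         echo 'Forbidden';
         exit;
     }
     header('Content-Type: text/html; charset=utf-8');
     $ext = $INPUT->str('ext');
     if (!$ext) {
         // a missing parameter is a client error, not a 200 with an error body
         http_status(400);
         echo 'no extension given';
         return;
     }
     /** @var helper_plugin_extension_extension $extension */
     $extension = plugin_load('helper', 'extension_extension');
     $extension->setExtension($ext);
     /** @var helper_plugin_extension_list $list */
     $list = plugin_load('helper', 'extension_list');
     echo $list->make_info($extension);
 }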
/**
 * Injects the necessary trackingcodes for piwik tracking (v2.x) into DOM
 * like specified in the plugin manager fields
 *
 * Nothing is emitted for an admin unless 'track_admin_user' is enabled, and
 * nothing for any logged-in user when 'track_user' is disabled. With
 * 'use_img_tracking' the image tracking code replaces the JS one. When no
 * tracking code is configured at all, a logged-in admin gets a hint instead.
 */
function piwik_code()
{
    global $conf;

    $piwik = isset($conf['plugin']['piwik2']) ? $conf['plugin']['piwik2'] : array();
    $hasJs = isset($piwik['js_tracking_code']);
    $hasImg = isset($piwik['img_tracking_code']);

    if (!$hasJs && !$hasImg) {
        // Show configuration tip for admin
        if (isset($_SERVER['REMOTE_USER']) && auth_isadmin()) {
            msg('Please configure the piwik2 plugin');
        }
        return;
    }

    // Config does not contain keys if they are default;
    // so check whether they are set & to non-default value

    // default 0, so check if it's not set or 0
    $trackAdmin = isset($piwik['track_admin_user']) && $piwik['track_admin_user'] != 0;
    if (!$trackAdmin && isset($_SERVER['REMOTE_USER']) && auth_isadmin()) {
        return;
    }

    // default 1, so check if it's set and 0
    $trackUsers = !isset($piwik['track_user']) || $piwik['track_user'] != 0;
    if (!$trackUsers && isset($_SERVER['REMOTE_USER'])) {
        return;
    }

    //changes made by Marcel Lange (info@bravehartk2.de)
    $trackingCode = $hasJs ? $piwik['js_tracking_code'] : '';
    $useImg = isset($piwik['use_img_tracking']) && $piwik['use_img_tracking'] == 1;
    if ($useImg && $hasImg) {
        $trackingCode = $piwik['img_tracking_code'];
    }
    ptln($trackingCode);
}
 /**
  * Send a backup file to the client
  *
  * Superuser only; the transfer itself is delegated to Backup::downloadFile().
  *
  * @param string $filename name of the backup file to download
  * @throws Exception when the caller is not a superuser
  */
 public function doDownload($filename)
 {
     $isSuperuser = auth_isadmin();
     if ($isSuperuser) {
         // NOTE(review): $filename is forwarded unchanged — confirm Backup::downloadFile() restricts it to the backup directory
         Backup::downloadFile($filename);
         return;
     }
     throw new Exception('you must have AUTH_ADMIN permissions to download backup');
 }
 /**
  * Remove an entry from ACL config
  *
  * Superuser only; the actual removal is delegated to the ACL admin plugin.
  *
  * @param string $scope ACL scope of the rule, forwarded unchanged
  * @param string $user  user or group name of the rule, forwarded unchanged
  * @throws RemoteAccessDeniedException when the caller is not a superuser
  * @return bool result of admin_plugin_acl::_acl_del()
  */
 public function delAcl($scope, $user)
 {
     $isSuperuser = auth_isadmin();
     if (!$isSuperuser) {
         throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114);
     }
     /** @var admin_plugin_acl $apa */
     $apa = plugin_load('admin', 'acl');
     $removed = $apa->_acl_del($scope, $user);
     return $removed;
 }
 /**
  * Adds the preview parameter to the stylesheet loading in non-js mode
  *
  * Only active on the styling admin page (ACT=admin, page=styling) and only
  * for superusers; every stylesheet <link> whose href points at
  * lib/exe/css.php gets `&preview=1` plus a time-based cache buster appended.
  *
  * @param Doku_Event $event  event object by reference
  * @param mixed      $param  [the parameters passed as fifth argument to register_hook() when this
  *                           handler was registered]
  * @return void
  */
 public function handle_header(Doku_Event &$event, $param)
 {
     global $ACT;
     global $INPUT;
     $onStylingPage = ($ACT == 'admin' && $INPUT->str('page') == 'styling');
     if (!$onStylingPage || !auth_isadmin()) {
         return;
     }
     // set preview
     $links = $event->data['link'];
     $total = count($links);
     for ($idx = 0; $idx < $total; $idx++) {
         if ($links[$idx]['rel'] == 'stylesheet' && strpos($links[$idx]['href'], 'lib/exe/css.php') !== false) {
             $event->data['link'][$idx]['href'] .= '&preview=1&tseed=' . time();
         }
     }
 }
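 /**
  * Create the detail info for a single plugin
  *
  * AJAX endpoint for the 'plugin_extension' call: superusers only. The
  * `act` parameter selects between rendering the extension details (HTML)
  * and enabling/disabling the extension (JSON answer with the new state and
  * the label of the reverse action).
  *
  * @param Doku_Event $event  event object by reference
  * @param mixed      $param  unused
  * @return void
  */
 public function info(Doku_Event &$event, $param)
 {
     global $USERINFO;
     global $INPUT;
     if ($event->data !== 'plugin_extension') {
         return;
     }
     $event->preventDefault();
     $event->stopPropagation();
     // anonymous callers and non-admins are rejected with a hard 403
     if (empty($_SERVER['REMOTE_USER']) || !auth_isadmin($_SERVER['REMOTE_USER'], $USERINFO['grps'])) {
         http_status(403);
         echo 'Forbidden';
         exit;
     }
     $ext = $INPUT->str('ext');
     if (!$ext) {
         http_status(400);
         echo 'no extension given';
         return;
     }
     /** @var helper_plugin_extension_extension $extension */
     $extension = plugin_load('helper', 'extension_extension');
     $extension->setExtension($ext);
     $act = $INPUT->str('act');
     switch ($act) {
         case 'enable':
         case 'disable':
             // state-changing branch: require the security token (as the ACL AJAX
             // handler does) so a forged cross-site request cannot toggle extensions;
             // the client has to send its sectok with the call
             if (!checkSecurityToken()) {
                 http_status(403);
                 echo 'Forbidden';
                 return;
             }
             $json = new JSON();
             // $act is one of the two case labels above, never a free-form method name
             $extension->{$act}();
             $reverse = $act === 'disable' ? 'enable' : 'disable';
             $return = array(
                 'state' => $act . 'd',
                 'reverse' => $reverse,
                 'label' => $extension->getLang('btn_' . $reverse),
             );
             header('Content-Type: application/json');
             echo $json->encode($return);
             break;
         case 'info':
         default:
             /** @var helper_plugin_extension_list $list */
             $list = plugin_load('helper', 'extension_list');
             header('Content-Type: text/html; charset=utf-8');
             echo $list->make_info($extension);
     }
 }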
 /**
  * AJAX call handler for ACL plugin
  *
  * Serves the 'plugin_acl' AJAX call. After the superuser and security-token
  * checks it dispatches on the `ajax` parameter: 'info' prints the ACL info
  * box, 'tree' prints one level of the namespace tree below `ns`.
  *
  * @param Doku_Event $event  event object by reference
  * @param mixed $param  empty
  * @return void
  */
 public function handle_ajax_call_acl(Doku_Event &$event, $param)
 {
     global $ID;
     global $INPUT;
     if ($event->data !== 'plugin_acl') {
         return;
     }
     $event->stopPropagation();
     $event->preventDefault();
     // superuser first, then CSRF token; both failures answer with plain text
     if (!auth_isadmin()) {
         echo 'for admins only';
         return;
     }
     if (!checkSecurityToken()) {
         echo 'CRSF Attack';
         return;
     }
     $ID = getID();
     /** @var $acl admin_plugin_acl */
     $acl = plugin_load('admin', 'acl');
     $acl->handle();
     header('Content-Type: text/html; charset=utf-8');
     switch ($INPUT->str('ajax')) {
         case 'info':
             $acl->_html_info();
             break;
         case 'tree':
             $ns = $INPUT->str('ns');
             if ($ns == '*') {
                 $ns = '';
             }
             $ns = cleanID($ns);
             // items are rendered one level deeper than the requested namespace
             $level = count(explode(':', $ns)) + 1;
             $ns = utf8_encodeFN(str_replace(':', '/', $ns));
             $data = $acl->_get_tree($ns, $ns);
             foreach (array_keys($data) as $item) {
                 $data[$item]['level'] = $level;
             }
             echo html_buildlist($data, 'acl', array($acl, '_html_list_acl'), array($acl, '_html_li_acl'));
             break;
     }
 }
<?php

defined('_SECURE_') or die('Forbidden');
// sms_command bin path should be secured from unwanted access
$plugin_config['sms_command']['bin'] = '/var/lib/playsms/sms_command';
// set to TRUE will allow regular users in playSMS to access this feature
// since 1.0 by default its FALSE (read: https://github.com/antonraharja/playSMS/pull/146)
$plugin_config['sms_command']['allow_user_access'] = FALSE;
// NOTE(review): only the menu entry is gated here — confirm the feature page (inc=feature_sms_command)
// applies the same admin / allow_user_access check on every request
if (auth_isadmin() || $plugin_config['sms_command']['allow_user_access']) {
    // insert to left menu array
    $menutab = $core_config['menutab']['features'];
    $menu_config[$menutab][] = array("index.php?app=main&inc=feature_sms_command&op=sms_command_list", _('Manage command'));
}
        }
        header("Location: " . _u('index.php?app=main&inc=core_sender_id&op=sender_id_edit&id=' . $_REQUEST['id']));
        exit;
        break;
    case "toggle_status":
        $search = array('id' => $_REQUEST['id'], 'registry_family' => 'sender_id');
        foreach (registry_search_record($search) as $row) {
            $status = $row['registry_value'] == 0 ? 1 : 0;
            $items[$row['registry_key']] = $status;
            registry_update($row['uid'], 'features', 'sender_id', $items);
        }
        $_SESSION['dialog']['info'][] = ($status == 1 ? _('Sender ID is now approved') : _('Sender ID is now disabled')) . ' (' . _('Sender ID') . ': ' . $row['registry_key'] . ')';
        header("Location: " . _u('index.php?app=main&inc=core_sender_id&op=sender_id_list'));
        exit;
        break;
    case "sender_id_delete":
        $nav = themes_nav_session();
        $search = themes_search_session();
        $ref = $nav['url'] . '&search_keyword=' . $search['keyword'] . '&page=' . $nav['page'] . '&nav=' . $nav['nav'];
        $uid = auth_isadmin() && $data_sender_id[0]['uid'] ? $data_sender_id[0]['uid'] : $user_config['uid'];
        registry_remove($uid, 'features', 'sender_id', $data_sender_id[0]['registry_key']);
        registry_remove($uid, 'features', 'sender_id_description', $data_sender_id[0]['registry_key']);
        $default_sender_id = sender_id_default_get($uid);
        if (strtoupper($data_sender_id[0]['registry_key']) == strtoupper($default_sender_id)) {
            sender_id_default_set($data_sender_id[0]['uid'], '');
        }
        $_SESSION['dialog']['info'][] = _('Sender ID has been removed') . ' (' . _('Sender ID') . ': ' . $data_sender_id[0]['registry_key'] . ')';
        header("Location: " . _u($ref));
        exit;
        break;
}
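/**
 * Update sender ID
 *
 * For both flags the value '_' means "leave unchanged". Only an admin may
 * change the approval flag; a non-admin request silently keeps it. Non-admins
 * always update their own registry entries regardless of $uid.
 *
 * @param integer $uid
 *        User ID
 * @param string $sender_id
 *        Sender ID
 * @param string $sender_id_description
 *        Sender ID description
 * @param integer $isdefault
 *        Flag 1 for default sender ID
 * @param integer $isapproved
 *        Flag 1 for approved sender ID
 * @return boolean TRUE when new sender ID has been updated
 */
function sender_id_update($uid, $sender_id, $sender_id_description = '', $isdefault = '_', $isapproved = '_')
{
    global $user_config;
    // NOTE(review): the existence check runs against the caller-supplied $uid, the update below against the
    // admin-adjusted one — confirm sender_id_check() cannot be used to probe other users' sender IDs
    if (!sender_id_check($uid, $sender_id)) {
        // not found
        return FALSE;
    }
    $default = '_';
    if ($isdefault !== '_') {
        $default = (int) $isdefault ? 1 : 0;
    }
    // always defined: approval is only touched by admins who pass a value
    $approved = 0;
    $data_sender_id = array();
    if ($isapproved !== '_' && auth_isadmin()) {
        $approved = (int) $isapproved ? 1 : 0;
        $data_sender_id = array($sender_id => $approved);
    }
    $sender_id_description = trim($sender_id_description) ? trim($sender_id_description) : $sender_id;
    $data_description = array($sender_id => $sender_id_description);
    // non-admins can only update their own sender IDs, whatever $uid says
    $uid = auth_isadmin() && $uid ? $uid : $user_config['uid'];
    if (!$uid) {
        // unknown error
        return FALSE;
    }
    if ($data_sender_id) {
        registry_update($uid, 'features', 'sender_id', $data_sender_id);
    }
    registry_update($uid, 'features', 'sender_id_desc', $data_description);
    // set default
    if ($default !== '_') {
        // NOTE(review): $approved only reflects this call's $isapproved, so a default-only update
        // by an admin clears the default — confirm that is intended
        if (auth_isadmin() && $default && $approved) {
            // set default if isadmin, default and approved
            sender_id_default_set($uid, $sender_id);
        } else {
            // set to empty (remove default)
            sender_id_default_set($uid, '');
        }
    }
    return TRUE;
}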
 $keywords = $search['dba_keywords'];
 $count = dba_count(_DB_PREF_ . '_tblUser', $conditions, $keywords);
 $nav = themes_nav($count, "index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_list");
 $extras = array('ORDER BY' => 'register_datetime DESC, username', 'LIMIT' => $nav['limit'], 'OFFSET' => $nav['offset']);
 $list = dba_search(_DB_PREF_ . '_tblUser', '*', $conditions, $keywords, $extras);
 if ($err = $_SESSION['error_string']) {
     $content = "<div class=error_string>{$err}</div>";
 }
 $content .= "\n\t\t\t<h2>" . _('Manage subuser') . "</h2>\n\t\t\t<h3>" . _('List of subusers') . "</h3>\n\t\t\t<p>" . $search['form'] . "</p>\t\t\t\n\t\t\t<div class=actions_box>\n\t\t\t\t<div class=pull-left>\n\t\t\t\t\t<a href=\"" . _u('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_add') . "\">" . $icon_config['add'] . "</a>\n\t\t\t\t</div>\n\t\t\t\t<div class=pull-right>\n\t\t\t\t</div>\n\t\t\t</div>\n\t\t\t<div class=table-responsive>\n\t\t\t<table class=playsms-table-list>\n\t\t\t<thead><tr>\n\t\t\t\t<th width='20%'>" . _('Registered') . "</th>\n\t\t\t\t<th width='15%'>" . _('Username') . "</th>\n\t\t\t\t<th width='20%'>" . _('Name') . "</th>\n\t\t\t\t<th width='15%'>" . _('Mobile') . "</th>\n\t\t\t\t<th width='15%'>" . _('Credit') . "</th>\n\t\t\t\t<th width='15%'>" . _('Action') . "</th>\n\t\t\t</tr></thead>\n\t\t\t<tbody>";
 $j = $nav['top'];
 for ($i = 0; $i < count($list); $i++) {
     $action = "";
     // login as
     if ($list[$i]['uid'] != $user_config['uid']) {
         $main_config = $core_config['main'];
         if (!$main_config['disable_login_as'] || auth_isadmin()) {
             $action = "<a href=\"" . _u('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=login_as&uname=' . $list[$i]['username']) . "\">" . $icon_config['login_as'] . "</a>";
         }
     }
     // subuser preferences
     $action .= "<a href=\"" . _u('index.php?app=main&inc=core_user&route=user_pref&op=user_pref&uname=' . $list[$i]['username']) . "\">" . $icon_config['user_pref'] . "</a>";
     // subuser configurations
     $action .= "<a href=\"" . _u('index.php?app=main&inc=core_user&route=user_config&op=user_config&uname=' . $list[$i]['username']) . "\">" . $icon_config['user_config'] . "</a>";
     if ($list[$i]['uid'] != '1' || $list[$i]['uid'] != $user_config['uid']) {
         if (user_banned_get($list[$i]['uid'])) {
             // unban
             $action .= "<a href=\"javascript: ConfirmURL('" . addslashes(_("Are you sure you want to unban subuser")) . " " . $list[$i]['username'] . " ?','" . _u('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_unban&uname=' . $list[$i]['username']) . "')\">" . $icon_config['unban'] . "</a>";
             $banned_icon = $icon_config['ban'];
         } else {
             // ban
             $action .= "<a href=\"javascript: ConfirmURL('" . addslashes(_("Are you sure you want to ban subuser")) . " " . $list[$i]['username'] . " ?','" . _u('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_ban&uname=' . $list[$i]['username']) . "')\">" . $icon_config['ban'] . "</a>";
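/**
 * Returns the maximum rights a user has for
 * the given ID or its namespace
 *
 * Resolution order: a rule for the exact ID wins; otherwise the nearest
 * enclosing namespace rule ("ns:*", walking up to "*") wins. Within one
 * level the highest permission among the lines whose subject is the user,
 * one of the groups or @ALL is taken, capped at AUTH_DELETE because ACL
 * lines must never grant admin rights.
 *
 * @author  Andreas Gohr <*****@*****.**>
 *
 * @param  string  $id     page ID
 * @param  string  $user   Username
 * @param  array   $groups Array of groups the user is in
 * @return int             permission level
 */
function auth_aclcheck($id, $user, $groups)
{
    global $conf;
    global $AUTH_ACL;
    // if no ACL is used always return upload rights
    if (!$conf['useacl']) {
        return AUTH_UPLOAD;
    }
    //make sure groups is an array
    if (!is_array($groups)) {
        $groups = array();
    }
    //if user is superuser or in superusergroup return 255 (acl_admin)
    if (auth_isadmin($user, $groups)) {
        return AUTH_ADMIN;
    }
    $user = auth_nameencode($user);
    //prepend groups with @ and nameencode
    $cnt = count($groups);
    for ($i = 0; $i < $cnt; $i++) {
        $groups[$i] = '@' . auth_nameencode($groups[$i]);
    }
    $ns = getNS($id);
    $perm = -1;
    //every subject is matched against @ALL, a known user also against its own name
    $groups[] = '@ALL';
    if ($user) {
        $groups[] = $user;
    }
    //build regexp - quote every alternative so no subject name can alter the pattern
    $quoted = array();
    foreach ($groups as $subject) {
        $quoted[] = preg_quote($subject, '/');
    }
    $regexp = join('|', $quoted);
    //check exact match first
    $matches = preg_grep('/^' . preg_quote($id, '/') . '\\s+(' . $regexp . ')\\s+/', $AUTH_ACL);
    if (count($matches)) {
        foreach ($matches as $match) {
            //ignore comments
            $match = preg_replace('/#.*$/', '', $match);
            $acl = preg_split('/\\s+/', $match);
            //no admins in the ACL!
            if ($acl[2] > AUTH_DELETE) {
                $acl[2] = AUTH_DELETE;
            }
            if ($acl[2] > $perm) {
                $perm = $acl[2];
            }
        }
        if ($perm > -1) {
            //we had a match - return it
            return (int) $perm;
        }
    }
    //still here? do the namespace checks
    if ($ns) {
        $path = $ns . ':*';
    } else {
        //root document
        $path = '*';
    }
    do {
        //the namespace is quoted as well: IDs may contain regex metacharacters such as '.'
        $matches = preg_grep('/^' . preg_quote($path, '/') . '\\s+(' . $regexp . ')\\s+/', $AUTH_ACL);
        if (count($matches)) {
            foreach ($matches as $match) {
                //ignore comments
                $match = preg_replace('/#.*$/', '', $match);
                $acl = preg_split('/\\s+/', $match);
                //no admins in the ACL!
                if ($acl[2] > AUTH_DELETE) {
                    $acl[2] = AUTH_DELETE;
                }
                if ($acl[2] > $perm) {
                    $perm = $acl[2];
                }
            }
            //we had a match - return it
            if ($perm > -1) {
                return (int) $perm;
            }
        }
        //get next higher namespace
        $ns = getNS($ns);
        if ($path != '*') {
            $path = $ns . ':*';
            if ($path == ':*') {
                $path = '*';
            }
        } else {
            //we did this already
            //looks like there is something wrong with the ACL
            //break here
            msg('No ACL setup yet! Denying access to everyone.');
            return AUTH_NONE;
        }
    } while (1);
    //this should never loop endless
    //still here? return no permissions
    return AUTH_NONE;
}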
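 /**
  * Checks if current user is authorized according to given rule.
  *
  * The rule is a comma-separated list of usernames and groups (after
  * preceeding @ character), e.g.
  *
  *   admin,@user
  *
  * authorizing user admin and every user in group "user".
  *
  * Entries are processed left to right: '@ALL' and '@NONE' decide
  * immediately, a '!'-prefixed entry that matches the user revokes every
  * later positive match, and the first positive match that is still granted
  * wins. Superusers are always authorized. Names are compared
  * case-sensitively, the two keywords case-insensitively.
  *
  * @param string $rule rule describing authorizations
  * @return boolean true if current user is authorized, false otherwise
  */
 protected function isAuthorized($rule)
 {
     global $USERINFO;
     if (auth_isadmin()) {
         return true;
     }
     if (!$rule) {
         return false;
     }
     // anonymous visitors can only be authorized by '@ALL'
     $user = empty($_SERVER['REMOTE_USER']) ? '' : $_SERVER['REMOTE_USER'];
     $groups = isset($USERINFO['grps']) ? (array) $USERINFO['grps'] : array();
     $granted = true;
     foreach (explode(',', $rule) as $role) {
         $role = trim($role);
         if ($role === '') {
             continue;
         }
         if (strcasecmp($role, '@ALL') === 0) {
             return true;
         }
         if (strcasecmp($role, '@NONE') === 0) {
             return false;
         }
         if ($user === '') {
             continue;
         }
         // a leading '!' negates the entry; a bare '!' matches nothing
         $negated = ($role[0] === '!');
         if ($negated) {
             $role = substr($role, 1);
             if ($role === '' || $role === false) {
                 continue;
             }
         }
         // strict comparisons: group and user names are strings, never numbers
         if ($role[0] === '@') {
             $matched = in_array(substr($role, 1), $groups, true);
         } else {
             $matched = ($role === $user);
         }
         if (!$matched) {
             continue;
         }
         if ($negated) {
             $granted = false;
         } elseif ($granted) {
             return true;
         }
     }
     return false;
 }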
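/**
 * Search users for the phonebook hook
 *
 * Wraps user_search() and prefixes each result's name with the phonebook
 * name the calling user stored for that mobile number. Admins receive every
 * matching user; other callers only receive users whose mobile number is in
 * their own phonebook.
 *
 * @param integer $uid caller's user ID (owner of the phonebook consulted)
 * @param string $keyword search keyword
 * @param integer $count maximum number of rows, 0 for no limit
 * @param boolean $exact exact-match flag passed through to user_search()
 * @return array list of user rows (username, name, mobile, email)
 */
function phonebook_hook_phonebook_search_user($uid, $keyword = "", $count = 0, $exact = FALSE)
{
    $ret = array();
    $fields = 'username, name, mobile, email';
    // always defined so user_search() never receives an undefined variable
    $extras = '';
    if ((int) $count) {
        $extras = 'LIMIT ' . (int) $count;
    }
    $users = user_search($keyword, $fields, $extras, $exact);
    $is_admin = auth_isadmin();
    foreach ($users as $user) {
        $name = phonebook_number2name($uid, $user['mobile']);
        if ($name) {
            $user['name'] = $name . '/' . $user['name'];
        }
        // non-admins only see users they already have in their phonebook
        if ($is_admin || $name) {
            $ret[] = $user;
        }
    }
    return $ret;
}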
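/**
 * Build a single-value user selector (<select>) with its select2 script
 *
 * A theme may provide the whole widget through the 'themes_select_users_single'
 * hook; that result is returned as-is. Otherwise the default widget lists
 * administrators and users (admin callers only) and the caller's subusers.
 *
 * @param string $select_field_name name attribute of the select
 * @param mixed $selected_value uid, or array of uids, to pre-select
 * @param array $tag_params extra HTML attributes; 'placeholder' and 'width' are also handed to select2
 * @param string $css_id id attribute, derived from the field name when empty
 * @param string $css_class extra CSS classes
 * @return string HTML fragment (script + select)
 */
function themes_select_users_single($select_field_name, $selected_value = '', $tag_params = array(), $css_id = '', $css_class = '')
{
    global $user_config;
    $ret = '';
    if (core_themes_get()) {
        $ret = core_hook(core_themes_get(), 'themes_select_users_single', array($select_field_name, $selected_value, $tag_params, $css_id, $css_class));
    }
    if ($ret) {
        // the themed widget used to be discarded (the function fell through and returned null)
        return $ret;
    }
    if (!is_array($selected_value)) {
        $selected_value = array($selected_value);
    }
    // always arrays so the count() checks are safe for non-admin callers
    $admins = array();
    $users = array();
    if (auth_isadmin()) {
        $admins = user_getallwithstatus(2);
        $users = user_getallwithstatus(3);
    }
    $subusers = user_getsubuserbyuid($user_config['uid']);
    $option_user = '<option value="0">' . _('Select users') . '</option>';
    $option_user .= _themes_select_users_single_optgroup(_('Administrators'), $admins, _('Administrator'), $selected_value);
    $option_user .= _themes_select_users_single_optgroup(_('Users'), $users, _('User'), $selected_value);
    $option_user .= _themes_select_users_single_optgroup(_('Subusers'), $subusers, _('Subuser'), $selected_value);
    $css_id = trim($css_id) ? trim($css_id) : 'playsms-select-users-single-' . core_sanitize_alphanumeric($select_field_name);
    $params = '';
    if (is_array($tag_params)) {
        // NOTE(review): attribute values are inserted unescaped; callers must not pass user-controlled values
        foreach ($tag_params as $key => $val) {
            $params .= ' ' . $key . '="' . $val . '"';
        }
    }
    // optional select2 settings, guarded so a non-array or missing key raises no notice
    $placeholder = (is_array($tag_params) && !empty($tag_params['placeholder'])) ? $tag_params['placeholder'] : _('Select users');
    $width = (is_array($tag_params) && !empty($tag_params['width'])) ? $tag_params['width'] : 'resolve';
    $js = '
			<script language="javascript" type="text/javascript">
				$(document).ready(function() {
					$("#' . $css_id . '").select2({
						placeholder: "' . $placeholder . '",
						width: "' . $width . '",
						separator: [\',\'],
						tokenSeparators: [\',\'],
					});
				});
			</script>
		';
    $ret = $js . PHP_EOL . '<select name="' . $select_field_name . '" id="' . $css_id . '" class="playsms-select ' . $css_class . '" ' . $params . '>' . $option_user . '</select>';
    return $ret;
}

/**
 * Render one <optgroup> of the user selector (helper for themes_select_users_single)
 *
 * @param string $label optgroup label
 * @param array $rows user rows with uid, name and username
 * @param string $role_label suffix shown after every entry
 * @param array $selected_value uids to mark as selected
 * @return string HTML, empty when there are no rows
 */
function _themes_select_users_single_optgroup($label, $rows, $role_label, $selected_value)
{
    if (empty($rows)) {
        return '';
    }
    $html = '<optgroup label="' . $label . '">';
    foreach ($rows as $row) {
        $selected = '';
        foreach ($selected_value as $sv) {
            if ($row['uid'] == $sv) {
                $selected = 'selected';
                break;
            }
        }
        // NOTE(review): name/username are inserted unescaped; confirm they are sanitised when stored
        $html .= '<option value="' . $row['uid'] . '" ' . $selected . '>' . $row['name'] . ' (' . $row['username'] . ') - ' . $role_label . '</option>';
    }
    return $html . '</optgroup>';
}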
     $show_personal_information = FALSE;
 }
 // get country option
 // NOTE(review): $country_name is inserted into the option text unescaped — confirm country names are HTML-safe at the source
 $option_country = "<option value=\"0\">--" . _('Please select') . "--</option>\n";
 $result = country_search();
 for ($i = 0; $i < count($result); $i++) {
     $country_id = $result[$i]['country_id'];
     $country_name = $result[$i]['country_name'];
     $selected = "";
     // pre-select the country of the account being edited ($country is presumably set earlier in this script)
     if ($country_id == $country) {
         $selected = "selected";
     }
     $option_country .= "<option value=\"{$country_id}\" {$selected}>{$country_name}</option>\n";
 }
 // admin or users
 // the delete button only exists when an admin or a parent account manages another account;
 // in every other case the page is the user's own preferences form
 if ($uname && (auth_isadmin() || $is_parent)) {
     $form_title = _('Manage account');
     if ($is_parent) {
         // NOTE(review): $c_username lands inside the ConfirmURL() JS string literal without addslashes() — confirm it cannot contain quotes
         $button_delete = "<input type=button class=button value='" . _('Delete') . "' onClick=\"javascript: ConfirmURL('" . _('Are you sure you want to delete subuser ?') . " (" . _('username') . ": " . $c_username . ")','index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_del" . $url_uname . "')\">";
         $button_back = _back('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_list');
     } else {
         // same note as above for $c_username
         $button_delete = "<input type=button class=button value='" . _('Delete') . "' onClick=\"javascript: ConfirmURL('" . _('Are you sure you want to delete user ?') . " (" . _('username') . ": " . $c_username . ")','index.php?app=main&inc=core_user&route=user_mgmnt&op=user_del" . $url_uname . "&view=" . $view . "')\">";
         $button_back = _back('index.php?app=main&inc=core_user&route=user_mgmnt&op=user_list&view=' . $view);
     }
 } else {
     $form_title = _('Preferences');
 }
 // error string
 // NOTE(review): '$err = TRUE' is an assignment, not a comparison, so _dialog() always runs — confirm whether a check of $err was intended
 if ($err = TRUE) {
     $error_content = _dialog();
 }
 /**
  * Checks if the current user may edit data in this schema
  *
  * An empty editors setting means everyone may edit. Otherwise anonymous
  * visitors are refused, superusers are always allowed and everybody else
  * must be listed (by name or group) in the editors setting.
  *
  * @return bool
  */
 public function isEditable()
 {
     global $USERINFO;
     $unrestricted = ($this->editors == '');
     if ($unrestricted) {
         return true;
     }
     if (blank($_SERVER['REMOTE_USER'])) {
         return false;
     }
     return auth_isadmin() ? true : auth_isMember($this->editors, $_SERVER['REMOTE_USER'], $USERINFO['grps']);
 }
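/**
 * default ACL check method
 *
 * DO NOT CALL DIRECTLY, use auth_aclcheck() instead
 *
 * Resolution order: a rule for the exact ID wins; otherwise the nearest
 * enclosing namespace rule ("ns:*", walking up to "*") wins. Within one
 * level the highest permission among the lines whose subject is the user,
 * one of the groups or @ALL is taken, capped at AUTH_DELETE because ACL
 * lines must never grant admin rights. Subjects are lower-cased first when
 * the auth backend is case-insensitive, then cleaned and name-encoded the
 * same way the ACL file stores them.
 *
 * @author  Andreas Gohr <*****@*****.**>
 * @param  array $data event data
 * @return int   permission level
 */
function auth_aclcheck_cb($data)
{
    $id =& $data['id'];
    $user =& $data['user'];
    $groups =& $data['groups'];
    global $conf;
    global $AUTH_ACL;
    /* @var DokuWiki_Auth_Plugin $auth */
    global $auth;
    // if no ACL is used always return upload rights
    if (!$conf['useacl']) {
        return AUTH_UPLOAD;
    }
    if (!$auth) {
        return AUTH_NONE;
    }
    //make sure groups is an array
    if (!is_array($groups)) {
        $groups = array();
    }
    //if user is superuser or in superusergroup return 255 (acl_admin)
    if (auth_isadmin($user, $groups)) {
        return AUTH_ADMIN;
    }
    if (!$auth->isCaseSensitive()) {
        $user = utf8_strtolower($user);
        $groups = array_map('utf8_strtolower', $groups);
    }
    $user = $auth->cleanUser($user);
    $groups = array_map(array($auth, 'cleanGroup'), (array) $groups);
    $user = auth_nameencode($user);
    //prepend groups with @ and nameencode
    $cnt = count($groups);
    for ($i = 0; $i < $cnt; $i++) {
        $groups[$i] = '@' . auth_nameencode($groups[$i]);
    }
    $ns = getNS($id);
    $perm = -1;
    //every subject is matched against @ALL, a known user also against its own name
    $groups[] = '@ALL';
    if ($user) {
        $groups[] = $user;
    }
    //check exact match first
    $matches = preg_grep('/^' . preg_quote($id, '/') . '[ \\t]+([^ \\t]+)[ \\t]+/', $AUTH_ACL);
    if (count($matches)) {
        foreach ($matches as $match) {
            //ignore comments
            $match = preg_replace('/#.*$/', '', $match);
            $acl = preg_split('/[ \\t]+/', $match);
            if (!$auth->isCaseSensitive() && $acl[1] !== '@ALL') {
                $acl[1] = utf8_strtolower($acl[1]);
            }
            //strict: subjects are strings, numeric-looking names must not compare as numbers
            if (!in_array($acl[1], $groups, true)) {
                continue;
            }
            //no admins in the ACL!
            if ($acl[2] > AUTH_DELETE) {
                $acl[2] = AUTH_DELETE;
            }
            if ($acl[2] > $perm) {
                $perm = $acl[2];
            }
        }
        if ($perm > -1) {
            //we had a match - return it
            return (int) $perm;
        }
    }
    //still here? do the namespace checks
    if ($ns) {
        $path = $ns . ':*';
    } else {
        //root document
        $path = '*';
    }
    do {
        $matches = preg_grep('/^' . preg_quote($path, '/') . '[ \\t]+([^ \\t]+)[ \\t]+/', $AUTH_ACL);
        if (count($matches)) {
            foreach ($matches as $match) {
                //ignore comments
                $match = preg_replace('/#.*$/', '', $match);
                $acl = preg_split('/[ \\t]+/', $match);
                if (!$auth->isCaseSensitive() && $acl[1] !== '@ALL') {
                    $acl[1] = utf8_strtolower($acl[1]);
                }
                if (!in_array($acl[1], $groups, true)) {
                    continue;
                }
                //no admins in the ACL!
                if ($acl[2] > AUTH_DELETE) {
                    $acl[2] = AUTH_DELETE;
                }
                if ($acl[2] > $perm) {
                    $perm = $acl[2];
                }
            }
            //we had a match - return it
            if ($perm > -1) {
                return (int) $perm;
            }
        }
        //get next higher namespace
        $ns = getNS($ns);
        if ($path != '*') {
            $path = $ns . ':*';
            if ($path == ':*') {
                $path = '*';
            }
        } else {
            //we did this already
            //looks like there is something wrong with the ACL
            //break here
            msg('No ACL setup yet! Denying access to everyone.');
            return AUTH_NONE;
        }
    } while (1);
    //this should never loop endless
    return AUTH_NONE;
}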
<?php

defined('_SECURE_') or die('Forbidden');
// settings-menu entry for the outgoing SMS routing feature: admins only
// NOTE(review): only the menu entry is gated here — confirm the feature page (inc=feature_outgoing) re-checks auth_isadmin() itself
if (auth_isadmin()) {
    $menutab = $core_config['menutab']['settings'];
    $menu_config[$menutab][] = array('index.php?app=main&inc=feature_outgoing&op=outgoing_list', _('Route outgoing SMS'), 2);
}
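/**
 * Delete existing user
 *
 * Soft-deletes the account (sets flag_deleted) and drops its ban record.
 * Refuses to remove uid 1, the currently logged in user, and any user
 * that still owns subusers. A status-3 caller may only remove accounts
 * whose parent is the caller; admins and forced calls may remove any
 * other account.
 *
 * @param integer $uid
 *        User ID
 * @param boolean $forced
 *        TRUE to bypass the admin/status-3 privilege gate; the caller is
 *        then responsible for having authorized the removal
 * @return array $ret('error_string', 'status')
 */
function user_remove($uid, $forced = FALSE)
{
    global $user_config;

    $ret = array(
        'error_string' => _('Unknown error has occurred'),
        'status' => FALSE,
    );

    // privilege gate: forced callers, admins, or status-3 accounts
    if (!($forced || auth_isadmin() || $user_config['status'] == 3)) {
        $ret['error_string'] = _('User deletion unavailable');
        return $ret;
    }

    $username = user_uid2username($uid);
    if (!$username) {
        $ret['error_string'] = _('User does not exist');
        return $ret;
    }

    // uid 1 can never be removed
    // (loose comparison kept on purpose: $uid may arrive as a numeric string)
    if ($uid == 1) {
        $ret['error_string'] = _('User is immune to deletion') . " (" . _('username') . ": " . $username . ")";
        return $ret;
    }

    if ($uid == $user_config['uid']) {
        $ret['error_string'] = _('Currently logged in user is immune to deletion');
        return $ret;
    }

    // subusers must go first so no account is left without a parent
    $subusers = user_getsubuserbyuid($uid);
    if (count($subusers) > 0) {
        $ret['error_string'] = _('Unable to delete this user until all subusers under this user have been removed');
        return $ret;
    }

    // a status-3 caller may only remove accounts it is the parent of
    if ($user_config['status'] == 3) {
        $parent_uid = user_getparentbyuid($uid);
        if ($parent_uid != $user_config['uid']) {
            $ret['error_string'] = _('Unable to delete other users');
            return $ret;
        }
    }

    // soft delete; time() replaces mktime() without arguments, which is
    // deprecated and raises an ArgumentCountError on PHP 8
    $db_values = array('c_timestamp' => time(), 'flag_deleted' => 1);
    $db_conditions = array('flag_deleted' => 0, 'uid' => $uid);
    if (dba_update(_DB_PREF_ . '_tblUser', $db_values, $db_conditions)) {
        user_banned_remove($uid);
        _log('user removed u:' . $username . ' uid:' . $uid, 2, 'user_remove');
        $ret['error_string'] = _('Account has been removed') . " (" . _('username') . ": " . $username . ")";
        $ret['status'] = TRUE;
    }

    return $ret;
}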
 /**
  * Whether the current visitor may administer the plugin: wiki admins
  * always, managers only when the 'manager_admin' option is enabled.
  *
  * @return bool
  */
 private function oauth_isadmin()
 {
     /*{{{*/
     if (auth_isadmin()) {
         return true;
     }
     // managers count only when the option says so
     return $this->getConf('manager_admin') && auth_ismanager();
 }
/**
 * Returns the maximum rights a user has for
 * the given ID or its namespace
 *
 * NOTE(review): this copy carries a PART-DB override (the first statement
 * of the body) that returns unconditionally, so $id, $user and $groups are
 * never consulted and the DokuWiki ACL evaluation below it is unreachable.
 * The effective result is AUTH_ADMIN when $conf['useacl'] is off and the
 * marker file exists, AUTH_READ in every other case.
 *
 * @author  Andreas Gohr <*****@*****.**>
 *
 * @param  string       $id     page ID (needs to be resolved and cleaned)
 * @param  string       $user   Username
 * @param  array|null   $groups Array of groups the user is in
 * @return int             permission level
 */
function auth_aclcheck($id, $user, $groups)
{
    global $conf;
    global $AUTH_ACL;
    /* @var auth_basic $auth */
    global $auth;
    // for PART-DB
    // Unconditional early return. Precedence: (!useacl && file_exists(...))
    // ? AUTH_ADMIN : AUTH_READ -- so admin rights are granted to every
    // caller, whatever $user/$groups hold, whenever ACLs are disabled and
    // the marker file exists; with ACLs enabled the result is always
    // AUTH_READ. The marker file is therefore the write-permission switch
    // and should be protected like configuration. Everything after this
    // line is upstream code kept for reference and is never executed.
    return !$conf['useacl'] && file_exists(DOKU_INC . '../../data/ENABLE-DOKUWIKI-WRITE-PERMS.txt') ? AUTH_ADMIN : AUTH_READ;
    // if no ACL is used always return upload rights
    if (!$conf['useacl']) {
        return AUTH_UPLOAD;
    }
    if (!$auth) {
        return AUTH_NONE;
    }
    //make sure groups is an array
    if (!is_array($groups)) {
        $groups = array();
    }
    //if user is superuser or in superusergroup return 255 (acl_admin)
    if (auth_isadmin($user, $groups)) {
        return AUTH_ADMIN;
    }
    // $ci becomes the regex modifiers for case-insensitive backends
    $ci = '';
    if (!$auth->isCaseSensitive()) {
        $ci = 'ui';
    }
    $user = $auth->cleanUser($user);
    $groups = array_map(array($auth, 'cleanGroup'), (array) $groups);
    $user = auth_nameencode($user);
    //prepend groups with @ and nameencode
    $cnt = count($groups);
    for ($i = 0; $i < $cnt; $i++) {
        $groups[$i] = '@' . auth_nameencode($groups[$i]);
    }
    $ns = getNS($id);
    // -1 means "no matching ACL line seen yet"
    $perm = -1;
    if ($user || count($groups)) {
        //add ALL group
        $groups[] = '@ALL';
        //add User
        if ($user) {
            $groups[] = $user;
        }
    } else {
        $groups[] = '@ALL';
    }
    //check exact match first
    // each ACL line is "<scope> <subject> <level>"; $acl[1] is the subject,
    // $acl[2] the level
    $matches = preg_grep('/^' . preg_quote($id, '/') . '\\s+(\\S+)\\s+/' . $ci, $AUTH_ACL);
    if (count($matches)) {
        foreach ($matches as $match) {
            $match = preg_replace('/#.*$/', '', $match);
            //ignore comments
            $acl = preg_split('/\\s+/', $match);
            if (!in_array($acl[1], $groups)) {
                continue;
            }
            // levels above AUTH_DELETE are capped: admin cannot be granted via ACL
            if ($acl[2] > AUTH_DELETE) {
                $acl[2] = AUTH_DELETE;
            }
            //no admins in the ACL!
            // the highest matching level wins
            if ($acl[2] > $perm) {
                $perm = $acl[2];
            }
        }
        if ($perm > -1) {
            //we had a match - return it
            return $perm;
        }
    }
    //still here? do the namespace checks
    if ($ns) {
        $path = $ns . ':*';
    } else {
        $path = '*';
        //root document
    }
    // walk up the namespace chain until a matching "<ns>:*" (or "*") line
    // is found
    do {
        $matches = preg_grep('/^' . preg_quote($path, '/') . '\\s+(\\S+)\\s+/' . $ci, $AUTH_ACL);
        if (count($matches)) {
            foreach ($matches as $match) {
                $match = preg_replace('/#.*$/', '', $match);
                //ignore comments
                $acl = preg_split('/\\s+/', $match);
                if (!in_array($acl[1], $groups)) {
                    continue;
                }
                if ($acl[2] > AUTH_DELETE) {
                    $acl[2] = AUTH_DELETE;
                }
                //no admins in the ACL!
                if ($acl[2] > $perm) {
                    $perm = $acl[2];
                }
            }
            //we had a match - return it
            if ($perm != -1) {
                return $perm;
            }
        }
        //get next higher namespace
        $ns = getNS($ns);
        if ($path != '*') {
            $path = $ns . ':*';
            if ($path == ':*') {
                $path = '*';
            }
        } else {
            //we did this already
            //looks like there is something wrong with the ACL
            //break here
            // the root "*" line was already checked with no match: deny
            msg('No ACL setup yet! Denying access to everyone.');
            return AUTH_NONE;
        }
    } while (1);
    //this should never loop endless
    return AUTH_NONE;
}
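/**
 * Look up a single field value, scoped to the caller's own rows unless
 * the caller is an admin
 *
 * @param string $db_table
 *        Table name
 * @param string $field
 *        Column to match on and to return
 * @param mixed $value
 *        Value to match
 * @return mixed the matched field value from the first row, FALSE when
 *         nothing matched or any argument is empty
 */
function dba_valid($db_table, $field, $value)
{
    global $user_config;

    // all three arguments are tested for truthiness, so 0 and '0' count as
    // "not supplied" (kept for backward compatibility with callers)
    if (!($db_table && $field && $value)) {
        return false;
    }

    $conditions = array($field => $value);
    // non-admins may only validate against rows they own
    if (!auth_isadmin()) {
        $conditions['uid'] = $user_config['uid'];
    }

    $list = dba_search($db_table, $field, $conditions);
    if ($list) {
        return $list[0][$field];
    }

    return false;
}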
/**
 * This file is part of playSMS.
 *
 * playSMS is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * playSMS is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with playSMS. If not, see <http://www.gnu.org/licenses/>.
 */
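defined('_SECURE_') or die('Forbidden');

// admin-only page: everyone else is blocked before any output
if (!auth_isadmin()) {
    auth_block();
}

include $core_config['apps_path']['plug'] . "/gateway/dev/config.php";

switch (_OP_) {
    case "manage":
        // the previous guard `if ($err = TRUE)` was an assignment, so the
        // dialog was always rendered; call it unconditionally instead
        $content = _dialog();
        $content .= "\n\t\t\t<h2>" . _('Manage dev') . "</h2>\n\t\t\t<table class=playsms-table>\n\t\t\t\t<tbody><tr><td class=label-sizer>" . _('Gateway name') . "</td><td>dev</td></tr></tbody>\n\t\t\t</table>\n\t\t";
        $content .= _back('index.php?app=main&inc=core_gateway&op=gateway_list');
        _p($content);
        break;
}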
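/**
 * Check if visitor has certain ACL
 *
 * Requires a valid session. Administrators match any ACL; other users
 * match when the ACL name assigned to their account equals $acl,
 * compared case-insensitively.
 *
 * @param string $acl
 *        Access Control List
 * @return boolean TRUE if valid and visitor has certain ACL
 */
function auth_isacl($acl)
{
    if (!auth_isvalid()) {
        return FALSE;
    }
    if (auth_isadmin()) {
        return TRUE;
    }

    $user_acl_id = user_getfieldbyuid($_SESSION['uid'], 'acl_id');
    $user_acl_name = acl_getname($user_acl_id);

    // both names must be non-empty; strcasecmp() avoids the numeric-string
    // semantics of == (e.g. '1e2' == '100') that strtoupper() comparison had
    if ($acl && $user_acl_name && strcasecmp($acl, $user_acl_name) === 0) {
        return TRUE;
    }

    return FALSE;
}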