function streamContent($file, $type)
{
if ($type == "image") {
$file_bits = preg_split('/\\./', $file);
if (count($file_bits) == 2) {
if ($file_bits[1] == "png") {
$content = "image/png";
} else {
if ($file_bits[1] == "gif") {
$content = "image/gif";
}
}
}
}
if (!isset($content)) {
errorOut("Invalid Static Content", 404, array("Type specified - {$type}", "File specified - {$file}"));
}
$real_file = BASEPATH . "static/{$type}/" . $file;
if (is_file($real_file)) {
header("Content-Length:" . filesize($real_file));
header("Content-Type: " . $content);
$fh = fopen($real_file, "r");
fpassthru($fh);
fclose($fh);
} else {
errorOut("Invalid Static Content", 404, array("Filename - {$real_file}"));
}
exit;
}
public function combineTo($dest)
{
// create the final destination file
if (($fp = @fopen($dest, 'w')) !== false) {
for ($i = 1; $i <= $this->totalchunks; $i++) {
fwrite($fp, file_get_contents($this->ckpath . '/' . $this->filename . '.part' . $i));
}
fclose($fp);
} else {
upldLog('failed to open destination file: ' . $dest);
errorOut(sprintf($GLOBALS['lang_plugin_html5upload']['dest_fail'], $dest));
}
upldLog('combined chunks: ' . $dest);
}
function _check_fn_ext($picname)
{
global $CONFIG, $lang_db_input_php, $matches;
// Analyze the file extension using regular expressions.
if (!preg_match('/(.+)\\.(.*?)\\Z/', $picname, $matches)) {
// The file name is invalid.
$matches[1] = 'invalid_fname';
// Make a bogus file extension to trigger Coppermine's defenses.
$matches[2] = 'xxx';
}
// If there is no extension, or if the extension is unknown/not permitted by Coppermine, zap the intruder.
if ($matches[2] == '' || !is_known_filetype($matches)) {
// We reject the file, and make a note of the error.
errorOut($lang_db_input_php['err_invalid_fext'] . ' ' . preg_replace('/\\//', ', ', $CONFIG['allowed_file_extensions']), 0, __FILE__, __LINE__);
}
return $matches[2];
}
<!-- -- -- -- -- -- List portion -- -- -- -- -- -->
<?php
if (isset($_POST['submit1'])) {
mysql_connect($dbserver, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());
$result = mysql_query("SELECT label FROM server WHERE server_id = '{$serverAID}';");
$row = mysql_fetch_array($result);
if (!$row) {
errorOut("Server A ID not a valid Server ID");
}
$serverALabel = $row["label"];
$result = mysql_query("SELECT label FROM server WHERE server_id = '{$serverBID}';");
$row = mysql_fetch_array($result);
if (!$row) {
errorOut("Server B ID not a valid Server ID");
}
$serverBLabel = $row["label"];
echo " <hr>\n";
echo " <form name='reallocate' action='' method='post'>\n";
echo " <input type='hidden' name='serverAID' value='" . $serverAID . "' />\n";
echo " <input type='hidden' name='serverBID' value='" . $serverBID . "' />\n";
echo " <input type='hidden' name='serverALabel' value='" . $serverALabel . "' />\n";
echo " <input type='hidden' name='serverBLabel' value='" . $serverBLabel . "' />\n";
echo " <b>Server A: " . $serverAID . " (" . $serverALabel . ")</b><br />\n";
$result = mysql_query("SELECT ip_id, ip, bitmask FROM ipallocate WHERE server_id = '{$serverAID}';");
while ($row = mysql_fetch_array($result)) {
echo " <input type='checkbox' name='assign" . $row["ip_id"] . "to" . $serverBID . "' />";
echo long2ip($row["ip"]) . "/" . $row["bitmask"] . "<br />\n";
}
echo " <b>Server B: " . $serverBID . " (" . $serverBLabel . ")</b><br />\n";
{
$value = stripslashes($value);
}
array_walk_recursive($_GET, 'stripslashes_gpc');
array_walk_recursive($_POST, 'stripslashes_gpc');
array_walk_recursive($_COOKIE, 'stripslashes_gpc');
array_walk_recursive($_REQUEST, 'stripslashes_gpc');
}
function errorOut($data)
{
$output = array('status' => 0, 'data' => $data);
die(json_encode($output));
}
function succOut()
{
$output = array('status' => 1);
die(json_encode($output));
}
$queuename = isset($_REQUEST['queuename']) ? trim($_REQUEST['queuename']) : '';
$queuedata = isset($_REQUEST['queuedata']) ? trim($_REQUEST['queuedata']) : '';
if (empty($queuename) || empty($queuedata)) {
errorOut('param empty');
}
$queueProcess = Queue_Factory::getQueueProcess($queuename);
if (!$queueProcess) {
errorOut('queue no exists');
}
if (!$queueProcess->sendMessage($queuedata)) {
errorOut('system error');
}
succOut();
function makeDatabase()
{
global $newDBName, $isNewDB, $done, $isDefineNewDatabase, $dbTemplateName, $errorCreatingTables;
$isTemplateDB = $dbTemplateName != null && $dbTemplateName != '0';
$dataInsertionSQLFile = null;
$error = false;
$warning = false;
if (isset($_REQUEST['dbname'])) {
// Check that there is a current administrative user who can be made the owner of the new database
$message = "MySQL username and password have not been set in configIni.php " . "or heuristConfigIni.php<br/> - Please do so before trying to create a new database.<br>";
if (ADMIN_DBUSERNAME == "" || ADMIN_DBUSERPSWD == "") {
errorOut($message);
return false;
}
// checking for current administrative user
if (!is_logged_in()) {
//this is creation+registration
$captcha_code = getUsrField('ugr_Captcha');
//check capture
if (@$_SESSION["captcha_code"] && $_SESSION["captcha_code"] != $captcha_code) {
errorOut('Are you a bot? Please enter the correct answer to the challenge question');
print '<script type="text/javascript">isRegdataEntered=false;</script>';
$isDefineNewDatabase = true;
return false;
}
if (@$_SESSION["captcha_code"]) {
unset($_SESSION["captcha_code"]);
}
$firstName = getUsrField('ugr_FirstName');
$lastName = getUsrField('ugr_LastName');
$eMail = getUsrField('ugr_eMail');
$name = getUsrField('ugr_Name');
$password = getUsrField('ugr_Password');
if ($firstName == '' || $lastName == '' || $eMail == '' || $name == '' || $password == '') {
errorOut('Mandatory data for your registration profile (first and last name, email, password) are not completed. Please fill out registration form');
print '<script type="text/javascript">isRegdataEntered=false;</script>';
$isDefineNewDatabase = true;
return false;
}
}
// Create a new blank database
$newDBName = trim($_REQUEST['uname']) . '_';
if ($newDBName == '_') {
$newDBName = '';
}
// don't double up underscore if no user prefix
$newDBName = $newDBName . trim($_REQUEST['dbname']);
$newname = HEURIST_DB_PREFIX . $newDBName;
// all databases have common prefix then user prefix
$list = mysql__getdatabases();
$list = array_map("arraytolower", $list);
if (false && in_array(strtolower($newDBName), $list)) {
errorOut('Warning: database "' . $newname . '" already exists. Please choose a different name');
$isDefineNewDatabase = true;
return false;
}
//get path to registered db template and download coreDefinitions.txt
$reg_url = @$_REQUEST['url_template'];
$exemplar_db = @$_REQUEST['exemplar'];
$name = '';
//user name
if (true) {
// For debugging: set to false to avoid real database creation
if ($exemplar_db != null) {
//from example db
//1a. verify that sample dump exists
$templateFoldersContent = HEURIST_DIR . "admin/setup/exemplars/" . $exemplar_db . '.zip';
if (!file_exists($templateFoldersContent) || filesize($templateFoldersContent) < 1) {
errorOut('Sorry, unable to find the exemplar zip file (' . $templateFoldersContent . ')containing the database folders and SQL script.');
return false;
}
//1b. verify that sample dump can be extracted
$exemplar_dir = HEURIST_DIR . "admin/setup/exemplars/";
$exemplar_dir = str_replace('//', '/', $exemplar_dir);
$dataInsertionSQLFile = HEURIST_FILESTORE_DIR . 'scratch/' . $exemplar_db . ".sql";
if (!file_exists($dataInsertionSQLFile) || filesize($templateFoldersContent) < 0) {
//extract dump from archive
unzip($templateFoldersContent, HEURIST_FILESTORE_DIR . 'scratch/', $exemplar_db . '.sql');
if (!file_exists($dataInsertionSQLFile) || filesize($dataInsertionSQLFile) < 0) {
errorOut('Sorry, unable to extract the database script "' . $exemplar_db . '.sql" from the zipped file "' . $templateFoldersContent . '". This may be due to incorrect permissions on the program code - please consult your system administrator.');
return false;
}
}
//2. create empty database
if (!db_create($newname)) {
errorOut('Sorry, unable to create new database ' . $newname);
return false;
}
//3. restore from dump
if (!db_script($newname, $dataInsertionSQLFile)) {
errorOut('Error importing sample data from ' . $dataInsertionSQLFile);
cleanupNewDB($newname);
return false;
}
$dataInsertionSQLFile = null;
} else {
//$exemplar_db
// this is global variable that is used in buildCrosswalks.php
$templateFileName = "NOT DEFINED";
$templateFoldersContent = "NOT DEFINED";
if ($reg_url) {
// getting definitions from an external registered database
$nouse_proxy = true;
$isTemplateDB = true;
$data = loadRemoteURLContent($reg_url, $nouse_proxy);
//without proxy
$resval = isDefinitionsInvalid($data);
if ($resval) {
if (defined("HEURIST_HTTP_PROXY")) {
$nouse_proxy = false;
$data = loadRemoteURLContent($reg_url, $nouse_proxy);
//with proxy
$resval = isDefinitionsInvalid($data);
if ($resval) {
$data = null;
}
} else {
$data = null;
}
}
if ($resval) {
errorOut("Error importing core definitions from template database {$reg_url} for database {$newname}<br>" . $resval . '<br>Please check whether this database is valid; consult Heurist support if needed');
return false;
}
//save data into file
if (defined('HEURIST_SETTING_DIR')) {
$templateFileName = HEURIST_SETTING_DIR . get_user_id() . '_dbtemplate.txt';
} else {
$templateFileName = HEURIST_UPLOAD_ROOT . '0_dbtemplate.txt';
}
$res = file_put_contents($templateFileName, $data);
if (!$res) {
errorOut('Error: cannot save definitions from template database into local file.' . ' Please verify that folder ' . (defined('HEURIST_SETTING_DIR') ? HEURIST_SETTING_DIR : HEURIST_UPLOAD_ROOT) . ' is writeable');
return false;
}
//download content of some folder from template database ======================
$reg_url = str_replace("getDBStructureAsSQL", "getDBFoldersForNewDB", $reg_url);
//replace to other script
$data = loadRemoteURLContent($reg_url, $nouse_proxy);
//with proxy
if ($data) {
if (defined('HEURIST_SETTING_DIR')) {
$templateFoldersContent = HEURIST_SETTING_DIR . get_user_id() . '_dbfolders.zip';
} else {
$templateFoldersContent = HEURIST_UPLOAD_ROOT . '0_dbfolders.zip';
}
$res = file_put_contents($templateFoldersContent, $data);
if (!$res) {
errorOut('Warning: cannot save content of settings folders from template database into local file. ' . ' Please verify that folder ' . (defined('HEURIST_SETTING_DIR') ? HEURIST_SETTING_DIR : HEURIST_UPLOAD_ROOT) . ' is writeable');
return false;
}
} else {
errorOut('Warning: server does not return the content of settings folders from template database. ' . 'Please ask system adminstrator to verify that zip extension on remote server is installed and that upload folder is writeable');
return false;
}
// Example database: download data to insert into new database =================================
if ($dbTemplateName != '1') {
// TODO: Artem: correct way is the donwloading data from sample database, however at the moment it is included into code. Ian: NASAT - would exposes databases to easy harvesting, but potentially OK as long as data marked public
// $dbTemplateNsme is the name of the database which is used to populate the example database, the corresponding data file has the same name with _data.sql appended
$dataInsertionSQLFile = HEURIST_DIR . "admin/setup/dbcreate/" . $dbTemplateName . "_data.sql";
if (!file_exists($dataInsertionSQLFile)) {
errorOut('Warning: cannot find sample data file in code ' . $dataInsertionSQLFile);
return false;
}
}
} else {
if ($isTemplateDB) {
errorOut('Wrong parameters: Template database is not defined.');
return false;
} else {
$templateFileName = HEURIST_DIR . "admin/setup/dbcreate/coreDefinitions.txt";
}
}
if (!file_exists($templateFileName)) {
errorOut('Error: template database structure file ' . $templateFileName . ' not found');
return false;
}
if (!createDatabaseEmpty($newDBName)) {
$isDefineNewDatabase = true;
return false;
}
// Run buildCrosswalks to import minimal definitions from coreDefinitions.txt into the new DB
// yes, this is badly structured, but it works - if it ain't broke ...
$isNewDB = true;
// flag of context for buildCrosswalks, tells it to use coreDefinitions.txt
require_once dirname(__FILE__) . '/../../structure/import/buildCrosswalks.php';
// errorCreatingTables is set to true by buildCrosswalks if an error occurred
if ($errorCreatingTables) {
errorOut('Error importing core definitions from ' . ($isTemplateDB ? "template database" : "coreDefinitions.txt") . ' for database ' . $newname . '<br>' . 'Please check whether this file or database is valid; consult Heurist support if needed');
cleanupNewDB($newname);
return false;
}
}
//not $exemplar_db
// Get and clean information for the user creating the database
if (!is_logged_in()) {
// getUsrField sanitises data entered
$longName = "";
$firstName = getUsrField('ugr_FirstName');
$lastName = getUsrField('ugr_LastName');
$eMail = getUsrField('ugr_eMail');
$name = getUsrField('ugr_Name');
$password = getUsrField('ugr_Password');
$department = getUsrField('ugr_Department');
$organisation = getUsrField('ugr_Organisation');
$city = getUsrField('ugr_City');
$state = getUsrField('ugr_State');
$postcode = getUsrField('ugr_Postcode');
$interests = getUsrField('ugr_Interests');
$ugr_IncomingEmailAddresses = getUsrField('ugr_IncomingEmailAddresses');
$ugr_TargetEmailAddresses = getUsrField('ugr_TargetEmailAddresses');
$ugr_URLs = getUsrField('ugr_URLs');
$s = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./';
$salt = $s[rand(0, strlen($s) - 1)] . $s[rand(0, strlen($s) - 1)];
$password = crypt($password, $salt);
} else {
mysql_connection_insert(DATABASE);
$query = mysql_query('SELECT ugr_LongName, ugr_FirstName, ugr_LastName, ugr_eMail, ugr_Name, ugr_Password, ' . 'ugr_Department, ugr_Organisation, ugr_City, ugr_State, ugr_Postcode, ugr_Interests, ' . 'ugr_IncomingEmailAddresses, ugr_TargetEmailAddresses, ugr_URLs ' . 'FROM sysUGrps WHERE ugr_ID=' . get_user_id());
$details = mysql_fetch_row($query);
$longName = mysql_real_escape_string($details[0]);
$firstName = mysql_real_escape_string($details[1]);
$lastName = mysql_real_escape_string($details[2]);
$eMail = mysql_real_escape_string($details[3]);
$name = mysql_real_escape_string($details[4]);
$password = mysql_real_escape_string($details[5]);
$department = mysql_real_escape_string($details[6]);
$organisation = mysql_real_escape_string($details[7]);
$city = mysql_real_escape_string($details[8]);
$state = mysql_real_escape_string($details[9]);
$postcode = mysql_real_escape_string($details[10]);
$interests = mysql_real_escape_string($details[11]);
$ugr_IncomingEmailAddresses = mysql_real_escape_string($details[12]);
$ugr_TargetEmailAddresses = mysql_real_escape_string($details[13]);
$ugr_URLs = mysql_real_escape_string($details[14]);
}
// todo: code location of upload directory into sysIdentification, remove from edit form (should not be changed)
// todo: might wish to control ownership rather than leaving it to the O/S, although this works well at present
createDatabaseFolders($newDBName);
if (file_exists($templateFoldersContent) && filesize($templateFoldersContent) > 0) {
//override content of setting folders with template database files - rectype icons, smarty templates etc
unzip($templateFoldersContent, HEURIST_UPLOAD_ROOT . $newDBName . "/");
}
// Prepare to write to the newly created database
mysql_connection_insert($newname);
// Make the current user the owner and admin of the new database
$res = mysql_query('UPDATE sysUGrps SET ugr_Enabled="Y", ugr_LongName="' . $longName . '", ugr_FirstName="' . $firstName . '",
ugr_LastName="' . $lastName . '", ugr_eMail="' . $eMail . '", ugr_Name="' . $name . '",
ugr_Password="******", ugr_Department="' . $department . '", ugr_Organisation="' . $organisation . '",
ugr_City="' . $city . '", ugr_State="' . $state . '", ugr_Postcode="' . $postcode . '",
ugr_IncomingEmailAddresses="' . $ugr_IncomingEmailAddresses . '",
ugr_TargetEmailAddresses="' . $ugr_TargetEmailAddresses . '",
ugr_URLs="' . $ugr_URLs . '",
ugr_interests="' . $interests . '" WHERE ugr_ID=2');
if (!$res) {
?>
<b>Warning: Failed to make the current user the owner and admin of the new database, error:</b>
<?php
print mysql_error();
}
// Add the default navigation tree for the DATABASE MANAGERS group (user #1). This is copied from the Heurist_Core_Definitions database}
$navTree = '{"expanded":true,"key":"root_3","title":"root","children":[{"expanded":true,"folder":true,"key":"_6","title":"Recent changes","children":[{"folder":false,"key":"19","title":"Recent changes (last week)","data":{"isfaceted":false}},{"folder":false,"key":"20","title":"Recent changes (last month)","data":{"isfaceted":false}},{"folder":false,"key":"21","title":"Recent changes (last year)","data":{"isfaceted":false}},{"folder":false,"key":"14","title":"All (most recent first)","data":{"isfaceted":false}}]},{"expanded":true,"folder":true,"key":"_1","title":"Specific types","children":[{"key":"27","title":"Bibliographic records","data":{"isfaceted":false}},{"key":"28","title":"Organisations","data":{"isfaceted":false}},{"key":"29","title":"People","data":{"isfaceted":false}},{"key":"30","title":"Media items","data":{"isfaceted":false}},{"expanded":true,"folder":true,"key":"_5","title":"Facet searches","children":[{"key":"25","title":"Persons","data":{"isfaceted":true}},{"key":"26","title":"Organisations","data":{"isfaceted":true}},{"expanded":true,"folder":true,"key":"_1","title":"Facet searches with rules","children":[{"key":"31","title":"Persons with related recs","data":{"isfaceted":true}}]}]}]},{"expanded":true,"folder":true,"key":"_5","title":"Experiments","children":[{"key":"24","title":"Mapping (layers, data sources)","data":{"isfaceted":false}}]}]}';
$res = mysql__insertupdate($newname, 'sysUGrps', 'ugr', array('ugr_ID' => 1, 'ugr_NavigationTree' => $navTree));
if (!is_int($res)) {
print '<b>Warning: Failed to copy navigation tree for user (group) 1 (DB Managers) to new database, error:</b>' . $res;
}
// Add the default navigation tree for the DATABASE OWNER (user #2). This is copied from the Heurist_Core_Definitions database}
$navTree = '"bookmark":{"expanded":true,"key":"root_1","title":"root","children":[{"folder":false,"key":"_1","title":"Recent changes","data":{"url":"?w=bookmark&q=sortby:-m after:\\"1 week ago\\"&label=Recent changes"}},{"folder":false,"key":"_2","title":"All (date order)","data":{"url":"?w=bookmark&q=sortby:-m&label=All records"}}]},"all":{"expanded":true,"key":"root_2","title":"root","children":[{"folder":false,"key":"_3","title":"Recent changes","data":{"url":"?w=all&q=sortby:-m after:\\"1 week ago\\"&label=Recent changes"}},{"folder":false,"key":"_4","title":"All (date order)","data":{"url":"?w=all&q=sortby:-m&label=All records"}},{"folder":true,"key":"_5","title":"Rules","children":[{"folder":false,"key":"12","title":"Person > anything they created","data":{"isfaceted":false}},{"folder":false,"key":"13","title":"Organisation > Assoc. places","data":{"isfaceted":false}}]}]}';
$res = mysql__insertupdate($newname, 'sysUGrps', 'ugr', array('ugr_ID' => 2, 'ugr_NavigationTree' => $navTree));
if (!is_int($res)) {
print '<b>Warning: Failed to copy navigation tree for user 2 (DB Owner) to new database, error:</b>' . $res;
}
// email the system administrator to tell them a new database has been created
user_EmailAboutNewDatabase($name, $firstName . ' ' . $lastName, $organisation, $eMail, $newDBName, $interests);
}
if ($dataInsertionSQLFile != null && file_exists($dataInsertionSQLFile)) {
if (!db_script($newname, $dataInsertionSQLFile)) {
errorOut('Error importing sample data from ' . $dataInsertionSQLFile);
}
}
?>
<div style='padding:0px 0 10px 0; font-size:larger;'>
<h2 style='padding-bottom:10px'>Congratulations, your new database [ <?php
echo $newDBName;
?>
] has been created</h2>
<?php
if (@$_REQUEST['db'] != '' && @$_REQUEST['db'] != null) {
?>
<p style="padding-left:10px"><strong>Admin username:</strong> <?php
echo $name;
?>
</p>
<p style="padding-left:10px"><strong>Admin password:</strong> <<i>same as the account you are currently logged in as</i>></p>
<?php
}
?>
<p style="padding-left:10px">Log into your new database with the following link:</p>
<p style="padding-left:6em"><b><a href="<?php
echo HEURIST_BASE_URL . "?db=" . $newDBName;
?>
"
title="" onclick="{closeDialog()}" target="blank">
<?php
echo HEURIST_BASE_URL . "?db=" . $newDBName;
?>
</a></b> <i>(we suggest bookmarking this link)</i></p>
<p style="padding-left:6em">
After logging in to your new database, we suggest you import some additional entity types from one of the<br />
curated Heurist databases, or from one of the other databases listed in the central database catalogue,<br />
using Database > Structure > Acquire from Databases
<!--or Database > Structure > Acquire from Templates -->
</p>
</div>
<?php
// TODO: automatically redirect to the new database in a new window
// this is a point at which people tend to get lost
return false;
}
// isset
}