Beispiel #1
 /**
  * Builds the module list from the schema text files.
  *
  * Each file holds groups separated by a blank line; a line is either a
  * bare heading or "key|label". Headings are stored under numeric keys with
  * a leading space, key/label pairs under the key.
  *
  * NOTE(review): the caller is treated as an administrator whenever the
  * session has no "username" or no "disabled_modules" entry, so a session
  * that was never logged in gets the full list including schema_sys. That
  * is a fail-open default; confirm every caller is reachable only where
  * this is intended (for example setup or cron).
  *
  * @param bool $admin include the system modules and skip the
  *                    per-session disabled-modules filter
  * @return array module key => label, plus numerically keyed headings
  */
 static function modules($admin = false)
 {
     if (!isset($_SESSION["username"]) || !isset($_SESSION["disabled_modules"]) || sys_is_super_admin($_SESSION["username"])) {
         $admin = true;
     }

     // Concatenate the module definitions: user modules first, system
     // modules only for administrators, then the optional extension files.
     $data = trans(file_get_contents(sys_custom("modules/schema/modules.txt")));
     if ($admin) {
         $data .= "\n" . trans(file_get_contents(sys_custom("modules/schema_sys/modules.txt")));
     }
     if (file_exists(sys_custom("modules/schema/modules_ext.txt"))) {
         $data .= "\n{t}Extensions{/t}\n" . trans(file_get_contents(sys_custom("modules/schema/modules_ext.txt")));
     }
     if ($admin && file_exists(sys_custom("modules/schema_sys/modules_ext.txt"))) {
         $data .= "\n" . trans(file_get_contents(sys_custom("modules/schema_sys/modules_ext.txt")));
     }

     $results = array();
     foreach (explode("\n\n", $data) as $block) {
         $entries = array();
         foreach (explode("\n", $block) as $line) {
             if ($line === "") {
                 continue;
             }
             $parts = explode("|", $line);
             if (isset($parts[1])) {
                 $entries[$parts[0]] = $parts[1];
             } else {
                 // A line without "|" is a heading; the leading space
                 // makes it sort ahead of the labels in its group.
                 $entries[] = " " . $parts[0];
             }
         }
         // Outside debug mode each group is sorted by label, keys kept.
         if (!DEBUG) {
             asort($entries);
         }
         $results = array_merge($results, $entries);
     }

     // Administrators see everything; other users lose the modules whose
     // keys appear in the session's disabled-modules map.
     return $admin ? $results : array_diff_key($results, $_SESSION["disabled_modules"]);
 }
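 /**
  * Validates a user name for account creation or renaming.
  *
  * Accepts 3 to 128 characters drawn from a-z, 0-9, "-", "_", "@" and ".".
  * When SETUP_ADMIN_USER is defined, names for which sys_is_super_admin()
  * returns true are rejected so a regular account cannot take a super
  * administrator's name.
  *
  * @param string $username candidate user name
  * @return string empty string when valid, otherwise a translatable
  *                error message
  */
 static function username($username)
 {
     if (defined("SETUP_ADMIN_USER") and sys_is_super_admin($username)) {
         return "username: {t}Username must be different from the super administrator.{/t}";
     }
     // Anchor with \A and \z: a plain "$" also matches just before a
     // trailing newline, which would let "name\n" pass the character check.
     if (strlen($username) < 129 and strlen($username) > 2 and preg_match('/\A[a-z0-9_@.-]*\z/', $username)) {
         return "";
     }
     return "{t}Name must be not null, lowercase, min 3 characters, max 128 containing [a-z0-9_-@.].{/t}";
 }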
Beispiel #3
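/**
 * Prepares the per-request view state for the selected folder and view.
 *
 * Reads the request and session, updates sys::$urladdon and the Smarty
 * variables, resolves the current view (optionally through a referenced
 * schema), moves queued session messages into the sys:: buffers and stores
 * the resulting descriptor in $GLOBALS["t"].
 *
 * Inputs are taken from $_REQUEST, $_SESSION and the globals "table",
 * "tview", "tfolder", "tfolders", "tname", "tquota" and "sel_folder".
 * Nothing is returned; the results are written to $GLOBALS["t"],
 * $GLOBALS["current_view"], $GLOBALS["table"], $_SESSION and sys::.
 */
function sys_process_session_request()
{
    // popup wins over iframe when both are requested
    if (!empty($_REQUEST["popup"]) and !empty($_REQUEST["iframe"])) {
        unset($_REQUEST["iframe"]);
    }
    if (!empty($_REQUEST["iframe"])) {
        sys::$smarty->assign("iframe", 1);
    }
    // Request flags that are carried over into every generated link.
    $keep_vars = array("popup", "preview", "lookup", "eto");
    foreach ($keep_vars as $var) {
        if (empty($_REQUEST[$var])) {
            continue;
        }
        // The value comes straight from the request: encode it so it cannot
        // add further parameters or markup to the links built from urladdon.
        sys::$urladdon .= "&" . $var . "=" . rawurlencode((string) $_REQUEST[$var]);
        // NOTE(review): the raw value is handed to the template; output
        // escaping has to happen there - confirm the templates do so.
        sys::$smarty->assign($var, $_REQUEST[$var]);
    }
    $_SESSION["view"]["_" . $GLOBALS["tfolder"]] = $GLOBALS["tview"];
    // NOTE(review): tfolder is URL-encoded here, tview is not; confirm that
    // tview is always a schema-defined view name at this point.
    sys::$urladdon = "folder2=" . rawurlencode($GLOBALS["tfolder"]) . "&view2=" . $GLOBALS["tview"] . sys::$urladdon;
    sys::$smarty->assign("urladdon", sys::$urladdon);
    // System actions are limited to a logged-in super administrator.
    // NOTE(review): no anti-CSRF token check is visible in this function;
    // presumably admin::process_action_sys() performs one - confirm.
    if (!empty($_REQUEST["action_sys"]) and !empty($_SESSION["username"]) and sys_is_super_admin($_SESSION["username"])) {
        admin::process_action_sys();
    }
    if (!empty($_REQUEST["style"])) {
        // basename() strips directory components from the requested theme
        $_SESSION["theme"] = basename($_REQUEST["style"]);
    }
    sys::$smarty->assign("sys_style", !empty($_SESSION["theme"]) ? $_SESSION["theme"] : DEFAULT_STYLE);
    $table = $GLOBALS["table"];
    // the schema's own view name takes precedence over the global one
    if ($GLOBALS["tview"] != $table["view"]) {
        $GLOBALS["tview"] = $table["view"];
    }
    $tview = $GLOBALS["tview"];
    $tfolder = $GLOBALS["tfolder"];
    $tfolders = $GLOBALS["tfolders"];
    $tname = $GLOBALS["tname"];
    $tquota = $GLOBALS["tquota"];
    $anchor = $GLOBALS["sel_folder"]["anchor"];
    // reset_view clears the stored state for this table, view and folder
    if (!empty($_REQUEST["reset_view"])) {
        $_SESSION[$tname][$tview] = array();
        $_SESSION["_" . $tfolder] = array();
        $_SESSION["view"]["_" . $tfolder] = $tview;
        $_SESSION[$tname]["_" . $tfolder] = array();
    }
    $current_view = $table["views"][$tview];
    // $cview keeps the originally selected view; $current_view may be
    // replaced below by the first view of a referenced schema.
    $cview = $current_view;
    $template = $tview;
    if ($current_view["TEMPLATE"] != "") {
        $template = $current_view["TEMPLATE"];
    }
    if (isset($current_view["SCHEMA"]) and $current_view["SCHEMA"] != "") {
        $table2 = db_get_schema(sys_find_module($current_view["SCHEMA"]));
        $current_view = array_shift($table2["views"]);
        // preserve in search, override for schema=x
        if (!empty($table["att"]["SQL_HANDLER"]) and empty($current_view["SQL_HANDLER"])) {
            $current_view["SQL_HANDLER"] = $table["att"]["SQL_HANDLER"];
        }
        $GLOBALS["table"] = $table2;
        // needed for asset-functions and triggers
        $table["att"] = $table2["att"];
        if ($current_view["TEMPLATE"] != "") {
            $template = $current_view["TEMPLATE"];
        }
    }
    $GLOBALS["current_view"] = $current_view;
    // Fields flagged NODB are left out of the query unless the view has a
    // SQL_HANDLER.
    $field_names = array();
    foreach ($current_view["fields"] as $key => $field) {
        if (isset($field["NODB"]) and empty($current_view["SQL_HANDLER"])) {
            continue;
        }
        $field_names[] = $key;
    }
    // Move messages queued in the session into the request buffers and
    // empty the queues.
    if (!empty($_SESSION["alert"])) {
        sys::$alert = array_merge(sys::$alert, $_SESSION["alert"]);
        $_SESSION["alert"] = array();
    }
    if (!empty($_SESSION["notification"])) {
        sys::$notification = array_merge(sys::$notification, $_SESSION["notification"]);
        $_SESSION["notification"] = array();
    }
    if (!empty($_SESSION["warning"])) {
        sys::$warning = array_merge(sys::$warning, $_SESSION["warning"]);
        $_SESSION["warning"] = array();
    }
    if ($table["views"][$tview]["SCHEMA_MODE"] != "") {
        $tfolders = _build_merge_folders(array_keys($tfolders), $tfolder, $tview, true);
    }
    // Default double-click target: "details" for display/free templates
    // that define a details view, otherwise "edit".
    $dclick = $current_view["DOUBLECLICK"];
    if ($dclick == "") {
        if (in_array($template, array("display", "free")) and isset($current_view["views"]["details"])) {
            $dclick = "details";
        } else {
            $dclick = "edit";
        }
    }
    // MERGE_TABS drops the tab definitions and puts every field on "general"
    if (isset($current_view["MERGE_TABS"])) {
        unset($current_view["tabs"]);
        foreach (array_keys($current_view["fields"]) as $key) {
            $current_view["fields"][$key]["SIMPLE_TAB"] = array("general");
        }
    }
    $tfield_1 = isset($current_view["TFIELD_1"]) ? $current_view["TFIELD_1"] : modify::get_required_field($current_view["fields"]);
    $tfield_2 = isset($current_view["TFIELD_2"]) ? $current_view["TFIELD_2"] : "";
    // TODO2 reduce ??
    // View descriptor for the rest of the request. "lookup" is copied from
    // the request unmodified, and "notification"/"warning" are references
    // to the sys:: buffers.
    $t = array(
        "anchor" => $anchor,
        "att" => $table["att"],
        "buttons" => $current_view["buttons"],
        "custom_name" => $table["att"]["CUSTOM_NAME"],
        "data" => array(),
        "default_sql" => $current_view["DEFAULT_SQL"],
        "disable_tabs" => isset($current_view["DISABLE_TABS"]) ? $current_view["DISABLE_TABS"] : "",
        "doubleclick" => array_key_exists($dclick, $current_view["views"]) ? $dclick : "",
        "fields" => $current_view["fields"],
        "fields_all" => $table["fields"],
        "fields_query" => array_unique(array_merge(array($current_view["id"]), $field_names, array("created", "lastmodified", "createdby", "lastmodifiedby", "folder"))),
        "field_1" => $tfield_1,
        "field_2" => $tfield_2,
        "filter" => isset($current_view["FILTERS"]) ? $current_view["FILTERS"] : "",
        "filters" => $current_view["filters"],
        "folder" => $tfolder,
        "folders" => $tfolders,
        "folder_preview" => isset($_REQUEST["tpreview"]),
        "function" => isset($current_view["FUNCTION"]) ? $current_view["FUNCTION"] : "",
        "id" => $current_view["id"],
        "isdbfolder" => is_numeric($tfolder) ? true : false,
        "limit" => $current_view["LIMIT"],
        "links" => $current_view["links"],
        "linkstext" => $current_view["linkstext"],
        "load_css" => isset($table["att"]["LOAD_CSS"]) ? $table["att"]["LOAD_CSS"] : "",
        "load_js" => isset($table["att"]["LOAD_JS"]) ? $table["att"]["LOAD_JS"] : "",
        "lookup" => isset($_REQUEST["lookup"]) ? $_REQUEST["lookup"] : "",
        "order" => $current_view["ORDER"],
        "orderby" => $current_view["ORDERBY"],
        "groupby" => $current_view["GROUPBY"],
        "group" => $current_view["GROUP"],
        "handler" => $current_view["SQL_HANDLER"],
        "hidedata" => $_SESSION["hidedata"],
        "nosinglebuttons" => isset($cview["NOSINGLEBUTTONS"]) ? $cview["NOSINGLEBUTTONS"] : "",
        "notification" => &sys::$notification,
        "warning" => &sys::$warning,
        "noviewbuttons" => isset($cview["NOVIEWBUTTONS"]) ? $cview["NOVIEWBUTTONS"] : "",
        "page" => 1,
        "quota" => $tquota,
        "restore" => $current_view["restore"],
        "rights" => $GLOBALS["sel_folder"]["rights"],
        "vright" => isset($cview["RIGHT"]) ? $cview["RIGHT"] : "",
        "rowfilters" => $current_view["rowfilters"],
        "rowvalidates" => $current_view["rowvalidates"],
        "schema_mode" => $current_view["SCHEMA_MODE"],
        "singlebuttons" => $current_view["singlebuttons"],
        "sqllimit" => array(),
        "sqlorder" => "",
        "sqlvars" => array("folder" => $tfolder, "folders" => array_keys($tfolders)),
        "sqlvarsnoquote" => array(),
        "sqlwhere" => $current_view["SQLWHERE"],
        "sqlwhere_default" => $current_view["SQLWHERE_DEFAULT"],
        "subitem" => 0,
        "tabs" => isset($current_view["tabs"]) ? $current_view["tabs"] : array("general" => array("NAME" => "general")),
        "template" => "asset_" . $template . ".tpl",
        "template_mode" => isset($current_view["TEMPLATE_MODE"]) ? $current_view["TEMPLATE_MODE"] : "",
        "title" => $tname,
        "view" => $tview,
        "views" => $table["views"][$tview]["views"]
    );
    $GLOBALS["t"] = $t;
    if (!empty($current_view["SCHEMA_MODE"])) {
        sys_process_schema_request();
    }
}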
<?php

/**
 * @package Simple Groupware
 * @link http://www.simple-groupware.de
 * @copyright Simple Groupware Solutions Thomas Bley 2002-2012
 * @license GPLv2
 */
define("NOCONTENT", true);
require "index.php";
if (!sys_is_super_admin($_SESSION["username"])) {
    sys_die(t("{t}Not allowed. Please log in as super administrator.{/t}"));
}
sysconfig::header();
sysconfig::init();
$show_form = true;
if (!empty($_REQUEST["token"])) {
    $no_hash = false;
    if ($_REQUEST["setup_admin_pw"] == "" and $_REQUEST["setup_admin_user"] == SETUP_ADMIN_USER) {
        $_REQUEST["setup_admin_pw"] = SETUP_ADMIN_PW;
        $no_hash = true;
    }
    $no_hash2 = false;
    if ($_REQUEST["setup_admin_pw2"] == "" and $_REQUEST["setup_admin_user2"] == SETUP_ADMIN_USER2) {
        $_REQUEST["setup_admin_pw2"] = SETUP_ADMIN_PW2;
        $no_hash2 = true;
    }
    $error = sysconfig::validate();
    if ($error == "") {
        sysconfig::write_config($no_hash, $no_hash2);
        echo t("{t}Setup: setup-data written to %s.{/t}", "simple_store/config.php");
Beispiel #5
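 /**
  * Establishes the session state for an already authenticated user.
  *
  * No credential check happens here: the function trusts $username, so
  * every caller must have verified the login beforehand. It optionally
  * restores the user's most recent stored session, then fills $_SESSION
  * with the permission SQL fragments, allowed file paths, group
  * memberships and per-user preferences, logs the login, fires the login
  * trigger and finally redirects where the request asks for it.
  *
  * NOTE(review): the session id is read but not regenerated in this
  * function; confirm the caller issues a fresh id on login.
  *
  * @param string $username authenticated user name
  * @param string $password plain-text password; when non-empty it is kept
  *                         in the session in encrypted form
  * @return void
  */
 static function process_login($username, $password = "")
 {
     $id = session_id();
     // Without APC sessions, and when the session does not already belong
     // to this user, load the user's most recent stored session.
     if (!APC_SESSION and $id and (empty($_SESSION["username"]) or $_SESSION["username"] != $username)) {
         $row = db_select_first("simple_sys_session", array("id", "data", "expiry"), "username=@username@", "lastmodified desc", array("username" => $username));
         if (!empty($row["id"])) {
             $_SESSION = array();
             // NOTE(review): the stored data is decoded before the expiry
             // check below, so an expired session is still restored once
             // before its row is deleted - confirm this is intended.
             session_decode(rawurldecode($row["data"]));
             if ($row["expiry"] < NOW) {
                 db_delete("simple_sys_session", array("id=@id@"), array("id" => $row["id"]));
             }
         }
         if (!db_count("simple_sys_session", array("id=@id@"), array("id" => $id))) {
             db_insert("simple_sys_session", array("expiry" => NOW + LOGIN_TIMEOUT, "id" => $id));
         }
     }
     $_SESSION["username"] = $username;
     if ($password != "") {
         // NOTE(review): the session id is passed as second argument,
         // presumably the key. The client knows its own session id, so this
         // protects the password only where the stored session data leaks
         // without the id - confirm against sys_encrypt().
         $_SESSION["password"] = sys_encrypt($password, $id);
     }
     if (!isset($_SESSION["history"])) {
         $_SESSION["history"] = array();
     }
     $_SESSION["groups"] = array();
     $_SESSION["folder_states"] = array();
     // File-system roots this session may access: super administrators get
     // the shared store, debug, trash, preview and backup directories,
     // everyone else only the own home directory and the preview cache.
     $base = dirname($_SERVER["SCRIPT_FILENAME"]) . "/";
     if (sys_is_super_admin($_SESSION["username"])) {
         $_SESSION["ALLOWED_PATH"] = array($base . SIMPLE_STORE . "/home/", $base . SIMPLE_CACHE . "/debug/", $base . SIMPLE_STORE . "/trash/", $base . SIMPLE_CACHE . "/preview/", $base . SIMPLE_STORE . "/backup/");
     } else {
         $_SESSION["ALLOWED_PATH"] = array($base . SIMPLE_STORE . "/home/" . $_SESSION["username"] . "/", $base . SIMPLE_CACHE . "/preview/");
     }
     // Configured import folders are allowed for every user; relative
     // entries are resolved against the script directory.
     foreach (explode(",", SIMPLE_IMPORT) as $folder) {
         if ($folder == "" or !is_dir($folder)) {
             continue;
         }
         if ($folder[0] != "/" and !strpos($folder, ":")) {
             $folder = $base . $folder;
         }
         $_SESSION["ALLOWED_PATH"][] = rtrim(str_replace("\\", "/", $folder), "/") . "/";
     }
     // TODO2 put in extra function and configure it with setup to fetch groups from somewhere else
     if (sys_is_super_admin($_SESSION["username"])) {
         // the super administrator bypasses row permissions entirely
         $_SESSION["permission_sql"] = "1=1";
         $_SESSION["permission_sql_exception"] = "1=0";
         $_SESSION["disabled_modules"] = array();
     } else {
         $_SESSION["permission_sql"] = sql_regexp("r@right@_users", array($username, "anonymous"));
         $_SESSION["permission_sql_exception"] = "(rexception_users!='' and " . sql_regexp("rexception_users", array($username, "anonymous"), "|@view@:@right@:%s|") . ")";
         $_SESSION["disabled_modules"] = array_flip(explode("|", DISABLED_MODULES));
         // NOTE(review): the user name is placed inside a LIKE pattern. If
         // the placeholder handling does not escape LIKE wildcards, a name
         // containing "_" or "%" can match other members' entries and pull
         // in groups the user is not in - confirm against db_select().
         $rows = db_select("simple_sys_groups", "groupname", array("activated=1", "members like @username_sql@"), "", "", array("username_sql" => "%|" . $username . "|%"));
         if (is_array($rows) and count($rows) > 0) {
             foreach ($rows as $val) {
                 $_SESSION["groups"][] = $val["groupname"];
             }
             $_SESSION["permission_sql"] = "(" . $_SESSION["permission_sql"] . " or " . sql_regexp("r@right@_groups", $_SESSION["groups"]) . ")";
             $_SESSION["permission_sql_exception"] = "(" . $_SESSION["permission_sql_exception"] . " or (rexception_groups!='' and " . sql_regexp("rexception_groups", $_SESSION["groups"], "|@view@:@right@:%s|") . "))";
         }
     }
     // specialise the generic fragment for read and write access
     $_SESSION["permission_sql_read"] = str_replace("@right@", "read", $_SESSION["permission_sql"]);
     $_SESSION["permission_sql_write"] = str_replace("@right@", "write", $_SESSION["permission_sql"]);
     $_SESSION["ip"] = _login_get_remoteaddr();
     $_SESSION["tickets"] = array("templates" => array("dbselect", "simple_templates", array("tplcontent", "tplname"), array("tplname like @search@"), "tplname asc"));
     $_SESSION["treevisible"] = true;
     // per-user preferences
     $row = db_select_first("simple_sys_users", "*", "username=@username@", "", array("username" => $username));
     if (!empty($row["cal_day_begin"])) {
         $_SESSION["day_begin"] = sys_date("G", $row["cal_day_begin"] - 1) * 3600;
         $_SESSION["day_end"] = sys_date("G", $row["cal_day_end"]) * 3600;
     } else {
         $_SESSION["day_begin"] = 25200;
         // 7:00 = 7*3600
         $_SESSION["day_end"] = 64800;
         // 18:00 = 18*3600
     }
     if (!empty($row["enabled_modules"])) {
         // modules enabled for this user are taken off the disabled list
         $row["enabled_modules"] = array_flip(explode("|", trim($row["enabled_modules"], "|")));
         $_SESSION["disabled_modules"] = array_diff_key($_SESSION["disabled_modules"], $row["enabled_modules"]);
     }
     if (!empty($row["timezone"])) {
         $_SESSION["timezone"] = $row["timezone"];
     } else {
         $_SESSION["timezone"] = "";
     }
     if (!empty($row["theme"])) {
         $_SESSION["theme"] = $row["theme"];
     } else {
         $_SESSION["theme"] = "core";
     }
     if (!empty($row["home_folder"])) {
         $_SESSION["home_folder"] = "index.php?folder=" . rawurlencode($row["home_folder"]);
     } else {
         if (sys_is_super_admin($username)) {
             $anchor = "system";
         } else {
             $anchor = "home_" . $username;
         }
         $_SESSION["home_folder"] = "index.php?folder=^" . $anchor;
     }
     if ($id or isset($_REQUEST["login"])) {
         sys_log_stat("logins", 1);
         sys_log_message_log("login", sprintf("{t}login %s from %s with %s{/t}", $_SESSION["username"], $_SESSION["ip"], sys::$browser));
     }
     trigger::login();
     if (!empty($row["pwdexpires"]) and $row["pwdexpires"] < NOW) {
         sys_warning(sprintf("{t}Password expired. (password of %s has expired){/t}", $username));
         // NOTE(review): this call was garbled in the listing
         // ("username="******"username"]); it is reconstructed here as a
         // concatenation with $_SESSION["username"] - confirm against the
         // upstream file.
         self::_redirect("index.php?view=changepwd&find=asset|simple_sys_users|1|username=" . $_SESSION["username"]);
     } else {
         if (!empty($_REQUEST["page"])) {
             // NOTE(review): the request's "page" value is appended to the
             // redirect target unchanged. Whether the target can leave the
             // site depends on the form of CMS_REAL_URL and on what
             // _redirect() accepts - confirm the value is restricted to a
             // local path.
             if (CMS_REAL_URL) {
                 self::_redirect(CMS_REAL_URL . $_REQUEST["page"]);
             }
             self::_redirect("cms.php/" . $_REQUEST["page"]);
         } else {
             if (!empty($_REQUEST["redirect"])) {
                 self::_redirect($_SESSION["home_folder"]);
             }
         }
     }
 }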