function index() { if (!$this->auth) { $this->error('403', 'Forbidden'); return; } $image_processing = new Setting(); $image_processing->where('name', 'image_processing_library')->get(); include FCPATH . 'app' . DIRECTORY_SEPARATOR . 'koken' . DIRECTORY_SEPARATOR . 'DarkroomUtils.php'; $libs = DarkroomUtils::libraries(); if ($image_processing->exists()) { if (!isset($libs[$image_processing->value])) { $top = array_shift(array_keys($libs)); $lib = $libs[$top]; $image_processing->value = $lib['key']; $image_processing->save(); } } else { if (!defined('MAGICK_PATH_FINAL') || (MAGICK_PATH_FINAL === 'convert' || !isset($libs[MAGICK_PATH_FINAL]))) { $top = array_shift(array_keys($libs)); $lib = $libs[$top]; } else { $lib = $libs[MAGICK_PATH_FINAL]; } $image_processing->name = 'image_processing_library'; $image_processing->value = $lib['key']; $image_processing->save(); } $last_check = new Setting(); $last_check->where('name', 'last_migration'); $last_check_count = $last_check->count(); if ($last_check_count > 1) { $last_check->where('name', 'last_migration')->order_by('value ASC')->limit($last_check_count - 1)->get(); $last_check->delete_all(); } $s = new Setting(); $settings = $s->get_iterated(); $data = array('image_processing_libraries' => array_values($libs)); $bools = array('has_toured', 'site_hidpi', 'retain_image_metadata', 'image_use_defaults', 'use_default_labels_links', 'uploading_publish_on_captured_date'); foreach ($settings as $setting) { // Don't allow dupes to screw things up if (isset($data[$setting->name])) { continue; } $value = $setting->value; if (in_array($setting->name, $bools)) { $value = $value == 'true'; } if ($setting->name === 'last_upload') { $value = $value === 'false' ? false : (int) $value; } $data[$setting->name] = $value; } if (!isset($data['uploading_publish_on_captured_date'])) { $data['uploading_publish_on_captured_date'] = false; } if (!isset($data['uploading_default_album_visibility'])) { $data['uploading_default_album_visibility'] = 'public'; } if (!isset($data['email_handler'])) { $data['email_handler'] = 'DDI_Email'; } $data['email_handlers'] = Shutter::get_email_handlers(); $disable_cache_file = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'cache' . DIRECTORY_SEPARATOR . 'no-site-cache'; $data['enable_site_cache'] = !file_exists($disable_cache_file); if ($this->method != 'get') { if ($this->auth_role !== 'god') { $this->error('403', 'Forbidden'); return; } if (isset($_POST['signin_bg'])) { $c = new Content(); $c->get_by_id($_POST['signin_bg']); if ($c->exists()) { $_c = $c->to_array(); $large = array_pop($_c['presets']); // TODO: Error checking for permissions reject $f = $large['url']; $to = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'wallpaper' . DIRECTORY_SEPARATOR . 'signin.jpg'; if (extension_loaded('curl')) { $cp = curl_init($f); $fp = fopen($to, "w+"); if (!$fp) { curl_close($cp); } else { curl_setopt($cp, CURLOPT_FILE, $fp); curl_exec($cp); curl_close($cp); fclose($fp); } } elseif (ini_get('allow_url_fopen')) { copy($f, $to); } } } else { if (isset($_POST['enable_site_cache'])) { if ($_POST['enable_site_cache'] === 'true') { @unlink($disable_cache_file); } else { touch($disable_cache_file); delete_files(dirname($disable_cache_file) . DIRECTORY_SEPARATOR . 'site', true, 1); } unset($_POST['enable_site_cache']); } // TODO: Make sure new path is not inside real_base // TODO: Ensure that real_base is not deleted under any circumstances if (isset($_POST['site_url']) && $_POST['site_url'] !== $data['site_url']) { $_POST['site_url'] = strtolower(rtrim($_POST['site_url'], '/')); if (empty($_POST['site_url'])) { $_POST['site_url'] = '/'; } if (isset($_SERVER['PHP_SELF']) && isset($_SERVER['SCRIPT_FILENAME'])) { $php_self = str_replace('/', DIRECTORY_SEPARATOR, $_SERVER['PHP_SELF']); $doc_root = preg_replace('~' . $php_self . '$~i', '', $_SERVER['SCRIPT_FILENAME']); } else { $doc_root = $_SERVER['DOCUMENT_ROOT']; } $doc_root = realpath($doc_root); $target = $doc_root . str_replace('/', DIRECTORY_SEPARATOR, $_POST['site_url']); $php_include_base = rtrim(preg_replace('~^' . $doc_root . '~', '', FCPATH), DIRECTORY_SEPARATOR); $real_base = $doc_root; if (empty($php_include_base)) { $real_base .= DIRECTORY_SEPARATOR; } else { $real_base .= $php_include_base; } @($target_dir = dir($target)); $real_base_dir = dir($real_base); function compare_paths($one, $two) { return rtrim($one, DIRECTORY_SEPARATOR) === rtrim($two, DIRECTORY_SEPARATOR); } if ($target_dir && compare_paths($target_dir->path, $real_base_dir->path)) { $_POST['site_url'] = 'default'; $htaccess = create_htaccess(); $root_htaccess = FCPATH . '.htaccess'; $current = file_get_contents($root_htaccess); preg_match('/#MARK#.*/s', $htaccess, $match); $htaccess = preg_replace('/#MARK#.*/s', str_replace('$', '\\$', $match[0]), $current); file_put_contents($root_htaccess, $htaccess); } else { if ($target_dir) { $reserved = array('admin', 'app', 'storage'); foreach ($reserved as $dir) { $_dir = dir(rtrim($real_base_dir->path, '/') . "/{$dir}"); if (compare_paths($target_dir->path, $_dir->path)) { $this->error('400', "This directory is reserved for Koken core files. Please choose another location."); return; } } } if (!make_child_dir($target)) { $this->error('500', "Koken was not able to create the Site URL directory. Make sure the path provided is writable by the web server and try again."); return; } $php_include_rel = str_replace(DIRECTORY_SEPARATOR, '/', $php_include_base); $php_include_base = str_replace('\\', '\\\\', $php_include_base); $doc_root_php = str_replace('\\', '\\\\', $doc_root); $php = <<<OUT <?php \t\$rewrite = false; \t\$real_base_folder = '{$php_include_rel}'; \trequire '{$doc_root_php}{$php_include_base}' . DIRECTORY_SEPARATOR . 'app' . DIRECTORY_SEPARATOR . 'site' . DIRECTORY_SEPARATOR . 'site.php'; OUT; $htaccess = create_htaccess($_POST['site_url']); if ($this->check_for_rewrite()) { $file = $target . DIRECTORY_SEPARATOR . '.htaccess'; $file_data = $htaccess; $put_mode = FILE_APPEND; if ($_POST['site_url'] !== 'default' && "{$doc_root}" . DIRECTORY_SEPARATOR !== FCPATH) { $root_htaccess = FCPATH . '.htaccess'; if (file_exists($root_htaccess)) { $current = file_get_contents($root_htaccess); $redirect = create_htaccess($_POST['site_url'], true); preg_match('/#MARK#.*/s', $redirect, $match); $redirect = preg_replace('/#MARK#.*/s', str_replace('$', '\\$', $match[0]), $current); file_put_contents($root_htaccess, $redirect); } } } else { $file = $target . DIRECTORY_SEPARATOR . 'index.php'; $file_data = $php; $put_mode = 0; } if (file_exists($file)) { rename($file, "{$file}.bkup"); } if (!file_put_contents($file, $file_data, $put_mode)) { $this->error('500', "Koken was not able to create the necessary files in the Site URL directory. Make sure that path has sufficient permissions so that Koken may write the files."); return; } } if ($data['site_url'] !== 'default') { $old = $doc_root . str_replace('/', DIRECTORY_SEPARATOR, $data['site_url']); $old_dir = dir($old); if (!compare_paths($old_dir->path, $real_base_dir->path)) { if ($this->check_for_rewrite()) { $old_file = $old . DIRECTORY_SEPARATOR . '.htaccess'; } else { $old_file = $old . DIRECTORY_SEPARATOR . 'index.php'; } unlink($old_file); $backup = $old_file . '.bkup'; if (file_exists($backup)) { rename($backup, $old_file); } // This will only remove the dir if it is empty @rmdir($old); } } } global $raw_input_data; if (isset($raw_input_data['url_data'])) { $url_data = json_decode($raw_input_data['url_data'], true); $u = new Url(); $u->order_by('id DESC')->get(); $existing_data = unserialize($u->data); $transformed = array(); foreach ($url_data as $key => $udata) { $transformed[] = array('type' => $key, 'data' => $udata); } if ($existing_data !== $transformed) { $n = new Url(); $n->data = serialize($transformed); $n->save(); } unset($_POST['url_data']); } $save = array(); foreach ($_POST as $key => $val) { if (isset($data[$key]) && $data[$key] !== $val) { if ($key === 'retain_image_metadata' || $key !== 'image_processing_library' && strpos($key, 'image_') === 0) { delete_files(FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'cache' . DIRECTORY_SEPARATOR . 'images', true, 1); } $save[$key] = $val; } } foreach ($save as $k => $v) { $s = new Setting(); $s->where('name', $k)->get(); if ($s->exists()) { $s->value = $v; $s->save(); } else { if (in_array($k, array('uploading_default_album_visibility', 'uploading_publish_on_captured_date', 'email_handler'))) { $n = new Setting(); $n->name = $k; $n->value = $v; $n->save(); } } } if (isset($save['email_handler']) || isset($save['email_delivery_address'])) { $this->_compile_plugins(); } } $this->redirect('/settings'); } if (!isset($data['site_timezone']) || empty($data['site_timezone']) || $data['site_timezone'] === 'Etc/UTC') { $data['site_timezone'] = 'UTC'; } else { if ($data['site_timezone'] === 'Etc/GMT+12') { $data['site_timezone'] = 'Pacific/Auckland'; } } $data['image_processing_library_label'] = $libs[$data['image_processing_library']]['label']; $migrate_path = FCPATH . 'app' . DIRECTORY_SEPARATOR . 'application' . DIRECTORY_SEPARATOR . 'models' . DIRECTORY_SEPARATOR . 'migrations' . DIRECTORY_SEPARATOR; $migrations = scandir($migrate_path); $data['migrations'] = array(); if (!isset($data['last_migration'])) { $migration_setting = new Setting(); $migration_setting->name = 'last_migration'; $migration_setting->value = '26'; $migration_setting->save(); $data['last_migration'] = '26'; } if (!isset($data['has_toured']) || ENVIRONMENT === 'development') { $data['has_toured'] = true; } foreach ($migrations as $migration) { $migration = str_replace('.php', '', $migration); $migration_int = (int) $migration; if ($migration_int > $data['last_migration']) { $data['migrations'][] = $migration; } } unset($data['last_migration']); $data = Shutter::filter('api.settings', array($data)); $this->set_response_data($data); }
function migrate($n = false) { if ($this->method !== 'post') { $this->error('403', 'Forbidden'); return; } $CI =& get_instance(); $this->db =& $CI->db; $db_config = Shutter::get_db_configuration(); $this->load->dbforge(); if ($n === 'schema') { require FCPATH . 'app' . DIRECTORY_SEPARATOR . 'koken' . DIRECTORY_SEPARATOR . 'schema.php'; foreach ($koken_tables as $table_name => $info) { $table = $db_config['prefix'] . "{$table_name}"; if ($this->db->table_exists($table)) { $existing_fields = array(); foreach ($this->db->field_data($table) as $field) { $existing_fields[$field->name] = $field; } foreach ($info['fields'] as $field_name => $field_info) { if (array_key_exists($field_name, $existing_fields)) { $field_info['type'] = strtolower($field_info['type']); $compare = (array) $existing_fields[$field_name]; unset($compare['name']); unset($compare['primary_key']); if (isset($compare['max_length'])) { $compare['constraint'] = (int) $compare['max_length']; unset($compare['max_length']); } if (in_array(strtolower($field_info['type']), array('text', 'varchar', 'longtext'))) { $field_info['null'] = true; } $diff = array_diff_assoc($field_info, $compare); if (isset($diff['null']) && $diff['null'] === true && is_null($compare['default']) && $field_info['type'] !== 'text' && $field_info['type'] !== 'varchar') { unset($diff['null']); } if (!empty($diff)) { $this->dbforge->modify_column($table, array($field_name => $field_info)); } } else { if (in_array(strtolower($field_info['type']), array('text', 'varchar', 'longtext'))) { $field_info['null'] = true; } $this->dbforge->add_column($table, array($field_name => $field_info)); } } if (isset($info['keys'])) { foreach ($info['keys'] as $key) { if (is_array($key)) { $key_name = $this->db->_protect_identifiers(implode('_', $key)); $key = $this->db->_protect_identifiers($key); } else { $key_name = $this->db->_protect_identifiers($key); $key = array($key_name); } $sql = "ALTER TABLE {$table} ADD KEY {$key_name} (" . implode(', ', $key) . ")"; $this->db->query($sql); } } if (isset($info['uniques'])) { foreach ($info['uniques'] as $key) { $this->db->query("CREATE UNIQUE INDEX {$key} ON {$table} ({$key})"); } } } else { if (!isset($info['no_id'])) { $this->dbforge->add_field('id'); } $this->dbforge->add_field($info['fields']); if (isset($info['keys'])) { foreach ($info['keys'] as $key) { $primary = false; if ($key == 'id') { $primary = true; } $this->dbforge->add_key($key, $primary); } } $this->dbforge->create_table($db_config['prefix'] . "{$table_name}"); if (isset($info['uniques'])) { $table = $db_config['prefix'] . "{$table_name}"; foreach ($info['uniques'] as $key) { $this->db->query("CREATE UNIQUE INDEX {$key} ON {$table} ({$key})"); } } } } $this->_clear_system_caches(); $s = new Setting(); $s->where('name', 'uuid')->get(); if (!$s->exists()) { $s = new Setting(); $s->name = 'uuid'; $s->value = md5($_SERVER['HTTP_HOST'] . uniqid('', true)); $s->save(); } $uuid = $s->value; $base_folder = trim(preg_replace('/\\/api\\.php(.*)?$/', '', $_SERVER['SCRIPT_NAME']), '/'); include FCPATH . 'app' . DIRECTORY_SEPARATOR . 'koken' . DIRECTORY_SEPARATOR . 'DarkroomUtils.php'; $s->where('name', 'image_processing_library')->get(); $libs = DarkroomUtils::libraries(); $processing_string = $libs[$s->value]['label']; $themes = array('axis' => '86d2f683-9f90-ca3f-d93f-a2e0a9d0a089', 'blueprint' => '1a355994-6217-c7ce-b67a-4241be3feae8', 'boulevard' => 'b30686d9-3490-9abb-1049-fe419a211502', 'chastain' => 'd174e766-5a5f-19eb-d735-5b46ae673a6d', 'elementary' => 'be1cb2d9-ed05-2d81-85b4-23282832eb84', 'madison' => '618e0b9f-fba0-37eb-810a-6d615d0f0e08', 'observatory' => '605ea246-fa37-11f0-f078-d54c8a7cbd3c', 'regale' => 'efde04b6-657d-33b6-767d-67af8ef15e7b', 'repertoire' => 'fa8a5d39-01a5-dfd6-92ff-65a22af5d5ac'); $themes_dir = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'themes' . DIRECTORY_SEPARATOR; foreach ($themes as $name => $guid) { $dir = $themes_dir . $name; $guid_path = $dir . DIRECTORY_SEPARATOR . 'koken.guid'; $old_guid_path = $dir . DIRECTORY_SEPARATOR . '.guid'; if (file_exists($old_guid_path)) { rename($old_guid_path, $guid_path); } else { if (is_dir($dir) && !file_exists($guid_path)) { file_put_contents($guid_path, $guid); } } } $plugins = array('google-analytics' => 'c4e5bc2b-be8b-3ae7-ccbe-d7e7a1a26136', 'font-loader' => '5b6016ae-9d1a-2336-78c4-63dbb74d39b3', 'koken-spotify' => 'e24a53fc-ac9a-5ab6-5777-237f6dc98496', 'koken-rdio' => '84eb1b9a-ea40-c204-5420-c1af5e1bcbe6', 'koken-html-injector' => '045cb01a-07a6-02b6-a0df-2ae377ce18af', 'koken-pulse-timer' => '6e5cbaa3-9fee-ca89-c989-a7969aa491f3', 'koken-pulse-transition-pack' => '7e958135-8e3e-3b34-5ccd-defe39db9400', 'koken-disqus' => '0a430465-cb52-be7d-a160-94bf73e40c03', 'koken-timeago' => 'bf4ceae8-b2b8-dc16-a439-46a4d915161c'); $plugins_dir = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR; foreach ($plugins as $name => $guid) { $dir = $plugins_dir . $name; $guid_path = $dir . DIRECTORY_SEPARATOR . 'koken.guid'; if (is_dir($dir) && !file_exists($guid_path)) { file_put_contents($guid_path, $guid); } } $this->load->library('webhostwhois'); $host = new WebhostWhois(array('useDns' => false)); if ($host->key === 'unknown' && isset($_SERVER['KOKEN_HOST'])) { $host->key = $_SERVER['KOKEN_HOST']; } $data = array('domain' => $_SERVER['HTTP_HOST'], 'path' => '/' . $base_folder, 'uuid' => $uuid, 'php' => PHP_VERSION, 'version' => KOKEN_VERSION, 'ip' => $_SERVER['SERVER_ADDR'], 'image_processing' => urlencode($processing_string), 'host' => $host->key, 'plugins' => array()); $s = new Setting(); $s->where('name', 'site_url')->get(); if ($s->value !== 'default') { $data['published_path'] = $s->value; } $t = new Theme(); $themes = $t->read(); foreach ($themes as $theme) { if (isset($theme['koken_store_guid'])) { $data['plugins'][] = array('guid' => $theme['koken_store_guid'], 'version' => $theme['version']); } } $plugins = $this->parse_plugins(); foreach ($plugins as $plugin) { if (isset($plugin['koken_store_guid'])) { $data['plugins'][] = array('guid' => $plugin['koken_store_guid'], 'version' => $plugin['version']); } } if (!isset($_COOKIE['koken_session']) && !isset($_COOKIE['koken_session_ci'])) { // Catch upgrades with old auth setup and try to keep them logged in. $u = new User(); $u->get_by_id($this->auth_user_id); if ($u->exists()) { $this->load->library('session'); $u->create_session($this->session); } } // Session upgrade to CI sessions (0.14) if (!isset($_COOKIE['koken_session_ci']) && isset($_COOKIE['koken_session'])) { $old_session = unserialize($_COOKIE['koken_session']); if ($old_session) { $u = new User(); $u->get_by_id($old_session['user']['id']); if ($u->exists()) { $this->load->library('session'); $u->create_session($this->session); } } } $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, KOKEN_STORE_URL . '/register'); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data, '', '&')); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); $r = curl_exec($curl); curl_close($curl); die(json_encode(array('done' => true))); } else { if ($n) { $path = $this->migrate_path . "{$n}.php"; $migrate_setting = new Setting(); $migrate_setting->where('name', 'last_migration')->get(); if (is_file($path)) { include $path; $is_done = isset($done); if ($migrate_setting->exists() && $is_done) { $migrate_setting->value = (int) $n; $migrate_setting->save(); } die(json_encode(array('done' => $is_done))); exit; } } } }