/**
* Parses input setup in constructor, and creates a parse tree.
*/
function parse_input()
{
/*We need to break the $this->parsed_input[SECTION_COMMAND] up into several distinct parts:
- Command
- Options
- Parameters
- Extras (e.g. I/O redirection / pipes)
i.e.
chmod -R 777 ./foobar >> output.txt
COMMAND OPTION PARAMETER PARAMETER EXTRA
*/
/*Output redirection:
2&1> output.txt
2&1 > output.txt
STREAM_IDENTIFIER ASSIGNMENT REDIRECT_IDENTIFIER
*/
$this->parse_runtime['command_length'] = strlen($this->current_input);
$this->parse_runtime['parse_position'] = 0;
$this->parse_runtime['current_mode'] = MODE_NORMAL;
$this->parse_runtime['escape_used'] = false;
$this->parse_runtime['occle_command'] = COMMAND_NATIVE;
$this->parsed_input[SECTION_COMMAND] = NULL;
$this->parsed_input[SECTION_OPTIONS] = array();
$this->parsed_input[SECTION_PARAMETERS] = array();
$this->parsed_input[SECTION_EXTRAS] = array();
$this->fs = object_factory('virtual_fs');
//Start parsing with the command
$this->_extract_command();
if (trim($this->parsed_input[SECTION_COMMAND]) == '') {
$this->output[STREAM_STDCOMMAND] = '';
$this->output[STREAM_STDHTML] = '';
$this->output[STREAM_STDOUT] = '';
$this->output[STREAM_STDERR] = do_lang('NON_COMMAND');
return;
}
if ($this->parse_runtime['occle_command'] == COMMAND_NATIVE) {
//Options (it's an OcCLE command; not a PHP command)
$this->_extract_options();
$this->_extract_parameters();
}
//Extras
$this->_extract_extras();
//Pre-processing: follow any extras provided
$i = 0;
foreach ($this->parsed_input[SECTION_EXTRAS] as $extra) {
if ($extra[ASSIGNMENT] == REDIRECT_PIPE || $extra[ASSIGNMENT] == REDIRECT_INPUT) {
$replacements = 0;
if ($extra[ASSIGNMENT] == REDIRECT_PIPE) {
if (!isset($extra[STREAM_IDENTIFIER][0])) {
$extra[STREAM_IDENTIFIER] = array(STREAM_STDOUT);
}
$virtual_bash = new virtual_bash($extra[REDIRECT_IDENTIFIER]);
$virtual_output = $virtual_bash->return_output();
$pertinant_output = $virtual_output[$extra[STREAM_IDENTIFIER][count($extra[STREAM_IDENTIFIER]) - 1]];
if ($virtual_output[STREAM_STDERR] != '') {
$this->output[STREAM_STDERR] = $virtual_output[STREAM_STDERR];
}
} else {
$pertinant_output = $this->fs->read_file($this->fs->_pwd_to_array($extra[REDIRECT_IDENTIFIER]));
if ($pertinant_output === false) {
$pertinant_output = '';
}
}
foreach ($this->parsed_input[SECTION_PARAMETERS] as $param_no => $parameter) {
//Do we have any "{".$i."}" parameters?
if ($parameter == '{' . strval($i) . '}') {
//NOTE: Might want to change this somehow so that other streams can be put through
$this->parsed_input[SECTION_PARAMETERS][$param_no] = $pertinant_output;
$replacements++;
}
}
if ($replacements == 0) {
//Just tag the input onto the end of the parameters array
//NOTE: See above
$this->parsed_input[SECTION_PARAMETERS][] = $pertinant_output;
}
$i++;
}
}
//Handle the command: load up the relevant hook
if ($this->parse_runtime['occle_command'] == COMMAND_NATIVE) {
//See if it's a lone command first
$hooks = find_all_hooks('modules', 'admin_occle_commands');
$hook_return = NULL;
foreach (array_keys($hooks) as $hook) {
if ($hook == $this->parsed_input[SECTION_COMMAND]) {
require_code('hooks/modules/admin_occle_commands/' . filter_naughty_harsh($hook));
$object = object_factory('Hook_' . filter_naughty_harsh($hook));
$hook_return = $object->run($this->parsed_input[SECTION_OPTIONS], $this->parsed_input[SECTION_PARAMETERS], $this->fs);
$this->parse_runtime['occle_command'] = COMMAND_LONE;
break;
}
}
if (!is_null($hook_return)) {
$this->output[STREAM_STDCOMMAND] = $hook_return[0];
if (is_object($hook_return[1])) {
$this->output[STREAM_STDHTML] = $hook_return[1]->evaluate();
} else {
$this->output[STREAM_STDHTML] = $hook_return[1];
}
$this->output[STREAM_STDOUT] = array_key_exists(2, $hook_return) ? $hook_return[2] : '';
$this->output[STREAM_STDERR] = array_key_exists(2, $hook_return) ? $hook_return[3] : '';
} else {
//It's not a lone command; see if it's a script - check first in the main script dir
if (file_exists(get_custom_file_base() . '/data/modules/admin_occle/' . filter_naughty_harsh($this->parsed_input[SECTION_COMMAND], true))) {
$script_file = get_custom_file_base() . '/data/modules/admin_occle/' . filter_naughty_harsh($this->parsed_input[SECTION_COMMAND]);
} else {
$script_file = $this->_find_script_file($this->parsed_input[SECTION_COMMAND]);
}
//Exhaustive search
if ($script_file !== false && is_readable($script_file)) {
//It *is* a script, so let's run it :)
$this->parse_runtime['occle_command'] = COMMAND_SCRIPT;
$script_contents = unixify_line_format(file_get_contents($script_file, FILE_TEXT));
$script_lines = explode("\n", $script_contents);
foreach ($script_lines as $script_line) {
if (strlen($script_line) > 0) {
$virtual_bash = new virtual_bash($script_line, $this->parsed_input[SECTION_PARAMETERS]);
$script_output = $virtual_bash->return_output();
$this->output = $this->_combine_streams($this->output, $script_output);
}
}
} else {
//Give up: it's not a command
$this->output[STREAM_STDCOMMAND] = '';
$this->output[STREAM_STDHTML] = '';
$this->output[STREAM_STDOUT] = '';
$this->output[STREAM_STDERR] = do_lang('NON_COMMAND');
return;
}
}
} elseif ($this->parse_runtime['occle_command'] == COMMAND_PHP) {
//NOTE: This is done in a separate function to limit variable interaction (due to the PHP memory implemented)
$this->_handle_php_command();
} elseif ($this->parse_runtime['occle_command'] == COMMAND_SQL) {
//SQL command
$GLOBALS['NO_DB_SCOPE_CHECK'] = true;
$occle_output = $GLOBALS['SITE_DB']->query($this->parsed_input[SECTION_COMMAND], NULL, NULL, true);
$GLOBALS['NO_DB_SCOPE_CHECK'] = false;
if (count($occle_output) > 100) {
$occle_output = $GLOBALS['SITE_DB']->query($this->parsed_input[SECTION_COMMAND], 100, NULL, true);
$occle_output[] = array('...' => '...');
}
$this->output[STREAM_STDCOMMAND] = '';
$this->output[STREAM_STDHTML] = '';
$this->output[STREAM_STDOUT] = '';
$this->output[STREAM_STDERR] = '';
if (is_null($occle_output)) {
$this->output[STREAM_STDERR] = do_lang('NO_RESULTS');
} else {
$this->output[STREAM_STDHTML] = $this->_array_to_html($occle_output);
}
}
//Post-processing: follow any extras provided
$old_output = $this->output;
foreach ($this->parsed_input[SECTION_EXTRAS] as $extra) {
if (!isset($extra[STREAM_IDENTIFIER][0])) {
$extra[STREAM_IDENTIFIER] = array(STREAM_STDOUT);
}
if (!isset($this->output[$extra[REDIRECT_IDENTIFIER]])) {
// It's a file... so read in if it exists, else blank
$this->output[$extra[REDIRECT_IDENTIFIER]] = $this->fs->read_file($this->fs->_pwd_to_array($extra[REDIRECT_IDENTIFIER]));
if ($this->output[$extra[REDIRECT_IDENTIFIER]] === false) {
$this->output[$extra[REDIRECT_IDENTIFIER]] = '';
}
}
$extra[ASSIGNMENT] = intval($extra[ASSIGNMENT]);
foreach ($extra[STREAM_IDENTIFIER] as $stream_identifier) {
if ($extra[ASSIGNMENT] == REDIRECT_OVERWRITE) {
$this->output[$stream_identifier] = '';
// Because it's been taken away from here
$this->output[$extra[REDIRECT_IDENTIFIER]] = $old_output[$stream_identifier];
} elseif ($extra[ASSIGNMENT] == REDIRECT_APPEND) {
$this->output[$stream_identifier] = '';
// Because it's been taken away from here
if (is_object($this->output[$extra[REDIRECT_IDENTIFIER]]) && is_object($old_output[$stream_identifier])) {
$this->output[$extra[REDIRECT_IDENTIFIER]]->append($old_output[$stream_identifier]);
} elseif (!is_object($this->output[$extra[REDIRECT_IDENTIFIER]]) && is_object($old_output[$stream_identifier])) {
$this->output[$extra[REDIRECT_IDENTIFIER]] = make_string_tempcode($this->output[$extra[REDIRECT_IDENTIFIER]]);
$this->output[$extra[REDIRECT_IDENTIFIER]]->append($old_output[$stream_identifier]);
$this->output[$extra[REDIRECT_IDENTIFIER]] = $this->output[$extra[REDIRECT_IDENTIFIER]]->evaluate();
} elseif (is_object($this->output[$extra[REDIRECT_IDENTIFIER]]) && !is_object($old_output[$stream_identifier])) {
$old_output[$stream_identifier] = make_string_tempcode($old_output[$stream_identifier]);
$this->output[$extra[REDIRECT_IDENTIFIER]]->append($old_output[$stream_identifier]);
} else {
$this->output[$extra[REDIRECT_IDENTIFIER]] .= $old_output[$stream_identifier];
}
}
}
if ($extra[ASSIGNMENT] == REDIRECT_OVERWRITE || $extra[ASSIGNMENT] == REDIRECT_APPEND) {
if (is_object($this->output[$extra[REDIRECT_IDENTIFIER]])) {
$this->output[$extra[REDIRECT_IDENTIFIER]] = $this->output[$extra[REDIRECT_IDENTIFIER]]->evaluate();
}
$this->fs->write_file($this->fs->_pwd_to_array($extra[REDIRECT_IDENTIFIER]), $this->output[$extra[REDIRECT_IDENTIFIER]]);
}
}
}
/**
* The main OcCLE GUI.
*
* @return tempcode The UI
*/
function main_gui()
{
if (get_file_base() != get_custom_file_base()) {
warn_exit(do_lang_tempcode('SHARED_INSTALL_PROHIBIT'));
}
$title = get_page_title('OCCLE');
$command = post_param('occle_command', '');
if ($command != '') {
//We've had a normal form submission
$temp = new virtual_bash($command);
$commands = $temp->output_html();
} else {
$commands = new ocp_tempcode();
}
$content = do_template('OCCLE_MAIN', array('SUBMIT_URL' => build_url(array('page' => '_SELF'), '_SELF'), 'PROMPT' => do_lang_tempcode('COMMAND_PROMPT', escape_html($GLOBALS['FORUM_DRIVER']->get_username(get_member()))), 'COMMANDS' => $commands));
return do_template('OCCLE_MAIN_SCREEN', array('_GUID' => 'd71ef9fa2cdaf419fee64cf3d7555225', 'TITLE' => $title, 'CONTENT' => $content));
}
/**
* Standard modular run function for CRON hooks. Searches for tasks to perform.
*/
function run()
{
if (!addon_installed('calendar')) {
return;
}
require_code('calendar');
require_lang('calendar');
require_code('notifications');
$start = 0;
do {
$jobs = $GLOBALS['SITE_DB']->query('SELECT *,j.id AS id FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_jobs j LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_events e ON e.id=j.j_event_id LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_reminders n ON n.id=j.j_reminder_id WHERE (validated=1 OR e_is_public=0) AND j_time<' . strval(time()), 300, $start);
$or_list = '';
foreach ($jobs as $job) {
// Build up OR list of the jobs
if ($or_list != '') {
$or_list .= ' OR ';
}
$or_list .= 'id=' . strval($job['id']);
$recurrences = find_periods_recurrence($job['e_timezone'], 1, $job['e_start_year'], $job['e_start_month'], $job['e_start_day'], is_null($job['e_start_hour']) ? find_timezone_start_hour_in_utc($job['e_timezone'], $job['e_start_year'], $job['e_start_month'], $job['e_start_day']) : $job['e_start_hour'], is_null($job['e_start_minute']) ? find_timezone_start_minute_in_utc($job['e_timezone'], $job['e_start_year'], $job['e_start_month'], $job['e_start_day']) : $job['e_start_minute'], $job['e_end_year'], $job['e_end_month'], $job['e_end_day'], is_null($job['e_end_hour']) ? find_timezone_end_hour_in_utc($job['e_timezone'], $job['e_end_year'], $job['e_end_month'], $job['e_end_day']) : $job['e_end_hour'], is_null($job['e_end_minute']) ? find_timezone_end_minute_in_utc($job['e_timezone'], $job['e_end_year'], $job['e_end_month'], $job['e_end_day']) : $job['e_end_minute'], $job['e_recurrence'], min(1, $job['e_recurrences']));
// Dispatch
if (is_null($job['j_reminder_id'])) {
// if (!has_actual_page_access($job['e_submitter'],'admin_occle')) continue; // Someone was admin but isn't anymore Actually, really ex-admins could have placed lots of other kinds of traps. It's the responsibility of the staff to check this on a wider basis. There's no use creating tangental management complexity for just one case.
if ($job['e_type'] != db_get_first_id()) {
continue;
}
// Very strange
$job_text = get_translated_text($job['e_content']);
if (substr($job_text, 0, 7) == 'http://') {
require_code('character_sets');
echo convert_to_internal_encoding(http_download_file($job_text));
} elseif (addon_installed('occle')) {
if (is_null($GLOBALS['CURRENT_SHARE_USER'])) {
// Backwards-compatibility for pure PHP code (if its creation date was before the time of writing this comment [Wednesday 22nd Match, 14:58])
if ($job['e_add_date'] < 1143046670 && !defined('HIPHOP_PHP')) {
@ini_set('ocproducts.xss_detect', '0');
$to_echo = eval($job_text);
if ($to_echo === false) {
fatal_exit(@strval($php_errormsg));
}
} else {
$GLOBALS['event_timestamp'] = array_key_exists(0, $recurrences) ? usertime_to_utctime($recurrences[0][0]) : mktime($job['e_start_hour'], $job['e_start_minute'], 0, $job['e_start_month'], $job['e_start_day'], $job['e_start_year']);
// OcCLE code
require_code('occle');
$temp = new virtual_bash($job_text);
$output = $temp->output_html(true);
if (is_object($output)) {
echo $output->evaluate();
}
}
}
}
$job['n_seconds_before'] = 0;
} else {
// Send notification
if (!has_category_access($job['n_member_id'], 'calendar', strval($job['e_type']))) {
continue;
}
$title = get_translated_text($job['e_title']);
$timestamp = array_key_exists(0, $recurrences) ? usertime_to_utctime($recurrences[0][0]) : mktime($job['e_start_hour'], $job['e_start_minute'], 0, $job['e_start_month'], $job['e_start_day'], $job['e_start_year']);
$date = get_timezoned_date($timestamp, true, false, false, false, $job['n_member_id']);
$_url = build_url(array('page' => 'calendar', 'type' => 'view', 'id' => $job['j_event_id']), get_module_zone('calendar'), NULL, false, false, true);
$url = $_url->evaluate();
$subject_tag = do_lang('EVENT_REMINDER_SUBJECT', $title, NULL, NULL, get_lang($job['n_member_id']));
$message_raw = do_lang('EVENT_REMINDER_CONTENT', comcode_escape($date), comcode_escape($url), get_translated_text($job['e_content']), get_lang($job['n_member_id']));
dispatch_notification('calendar_reminder', strval($job['e_type']), $subject_tag, $message_raw, array($job['n_member_id']), A_FROM_SYSTEM_UNPRIVILEGED);
//echo $subject_tag."\n\n".$message_raw;
}
// Recreate job for when next reminder due (if appropriate)
if (array_key_exists(1, $recurrences)) {
$GLOBALS['SITE_DB']->query_insert('calendar_jobs', array('j_time' => usertime_to_utctime($recurrences[1][0]) - $job['n_seconds_before'], 'j_reminder_id' => $job['j_reminder_id'], 'j_member_id' => $job['j_member_id'], 'j_event_id' => $job['j_event_id']));
}
}
// Delete jobs just run
if ($or_list != '') {
$GLOBALS['SITE_DB']->query('DELETE FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_jobs WHERE ' . $or_list);
}
$start += 300;
} while (array_key_exists(0, $jobs));
}
