function folderPermissions($folder)
{
$files = array();
if (($dir = opendir($folder)) !== false) {
while (($file = readdir($dir)) !== false) {
if ($file != '.' && $file != '..') {
$files[] = $file;
}
}
closedir($dir);
}
foreach ($files as $file) {
$path = $folder . '/' . $file;
if (is_dir($path)) {
@chmod($path, FOLDER_MOD);
clearstatcache();
if (checkPermissions(fileperms($path) & 0777, FOLDER_MOD)) {
if (!folderPermissions($path)) {
return false;
}
} else {
return false;
}
} else {
@chmod($path, FILE_MOD);
clearstatcache();
if (!checkPermissions(fileperms($path) & 0777, FILE_MOD)) {
return false;
}
}
}
return true;
}
}
}
} catch (Exception $e) {
handleAjaxExceptions($e);
}
exit;
}
//pr($permissions);
if (isset($_GET['permissions']) && $_GET['ajax'] == 1) {
try {
if ($_GET['permissions'] == 'set') {
list($failedDirectories, $failedFiles) = setWritePermissions(G_ROOTPATH);
} elseif ($_GET['permissions'] == 'unset') {
list($failedDirectories, $failedFiles) = setReadPermissions(G_ROOTPATH);
} elseif ($_GET['permissions'] == 'check') {
list($failedDirectories, $failedFiles) = checkPermissions(G_ROOTPATH);
}
if ($_GET['permissions'] == 'unset') {
foreach ($permissions as $key => $value) {
if ($key != 'libraries' && is_dir(G_ROOTPATH . $key)) {
list($failedDirectoriesTemp, $failedFilesTemp) = setWritePermissions(G_ROOTPATH . $key);
$failedDirectories += $failedDirectoriesTemp;
$failedFiles += $failedFilesTemp;
}
}
}
$text = '';
if (sizeof($failedDirectories)) {
$text .= "Failed directories:\n";
$text .= implode("\n", $failedDirectories);
}
function ReadBackUP($backupfile, $images, $netcat_files, $sqldump, $modules, $dump, $netcat_template)
{
global $HTTP_TEMPLATE_PATH, $DOCUMENT_ROOT, $SUB_FOLDER, $HTTP_FILES_PATH, $HTTP_ROOT_PATH, $HTTP_IMAGES_PATH, $TMP_FOLDER;
if (!checkPermissions($HTTP_ROOT_PATH . "tmp/", $DOCUMENT_ROOT)) {
return $err = ".";
}
$err = 0;
if (!$dump) {
if ($err = decompressDumpTGZ1($backupfile)) {
return $err;
}
} else {
if ($err = decompressDumpTGZ2($backupfile)) {
return $err;
}
}
//Unpack images
if ($images) {
if (!checkPermissions($HTTP_IMAGES_PATH, $DOCUMENT_ROOT)) {
return $err = ".";
}
if (!nc_tgz_extract($TMP_FOLDER . "images.tgz", $DOCUMENT_ROOT . $SUB_FOLDER)) {
$err = "Error while images extracting";
}
}
//Unpack netcat_files
if ($netcat_files) {
if (!checkPermissions($HTTP_FILES_PATH, $DOCUMENT_ROOT)) {
return $err = ".";
}
if (!nc_tgz_extract($TMP_FOLDER . "netcat_files.tgz", $DOCUMENT_ROOT . $SUB_FOLDER)) {
$err = "Error while netcat_files extracting";
}
}
if ($netcat_template) {
if (!checkPermissions($HTTP_TEMPLATE_PATH, $DOCUMENT_ROOT)) {
return $err = ".";
}
if (!nc_tgz_extract($TMP_FOLDER . "netcat_template.tgz", $DOCUMENT_ROOT . $SUB_FOLDER)) {
$err = "Error while netcat_template extracting";
}
}
//Restore MySQL dump
if ($sqldump) {
if (!SQLFromFile($TMP_FOLDER . "netcat.sql")) {
$err = "Error while MySQL dump extracting";
}
}
//Unpack modules
if ($modules) {
if (!checkPermissions($HTTP_ROOT_PATH . "modules/", $DOCUMENT_ROOT)) {
return $err = ".";
}
if (!nc_tgz_extract($TMP_FOLDER . "modules.tgz", $DOCUMENT_ROOT . $SUB_FOLDER)) {
$err = "Error while modules extracting";
}
}
DeleteFilesInDirectory($TMP_FOLDER);
return $err;
}
<html>
<head>
<title>IOT Device Management Interface</title>
</head>
<body>
User Logged in<br>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$action = $_POST['action'];
if (!isset($_SESSION["role"]) || empty($_SESSION["role"])) {
checkPermissions($connection);
}
//check user permissions
if (strcmp($_SESSION["role"], "l") == 0 && $action > 2) {
$action = 999;
}
/*
* 1 = get room status
* 2 = get logs
* 3 = discovery devices
* 4 = start poll
* 5 = end poll
* 6 = get status
*/
switch ($action) {
case 1:
<?php
/* VERIFYING ACTION APPROVAL */
$axnAuthPriv = qry('operation', 'operation_permission_required', 'operation_id', fv('a'));
if ($login == 0) {
$userAuth = 0;
} else {
$userAuth = qry('user', 'user_authorisation_type', 'user_name', fv('wvUserName'));
}
if ($userAuth >= $axnAuthPriv) {
$userpermissionverified = 1;
if (strpos('node', $wvActionId) === true || strpos('Node', $wvActionId) === true) {
//TODO
checkPermissions($nodeId);
if ($userPermissionRead == 1 || $userPermissionWrite == 2 && $wvActionIdCheck == 'viewNode' || $userPermissionWrite == 2 && $wvActionIdCheck == 'editNode') {
$nodepermerr == 1;
} else {
$nodepermerr == 0;
echo SELECT;
}
} else {
//This is not a node action
$nodepermerr = 0;
}
} else {
$userpermissionverified = 0;
}
/* END ACTION APPROVAL */
require_once '../../global.php';
require_once 'inc/setting.inc.php';
require_once 'inc/smarty.php';
$smarty->assign('errorcode', $errorcode);
//验证是否登入
if (!checkLogin()) {
$smarty->assign('code', $errorcode['noLogin']);
$smarty->display('error.tpl');
exit;
} else {
if (!checkAdmin()) {
$smarty->assign('code', $errorcode['noAdmin']);
$smarty->display('error.tpl');
exit;
} else {
if (!checkPermissions(3)) {
$smarty->assign('code', $errorcode['noPermissions']);
$smarty->display('error.tpl');
exit;
}
}
}
switch ($ac) {
case 'ajaxGetList':
$orderby = 'tbid desc limit ' . $from . ',' . $to;
if ($search_1 != '') {
$sqlwhere[] = 'username like "%' . $search_1 . '%"';
}
if ($search_2 != '') {
$sqlwhere[] = 'type = ' . $search_2;
}
$installed_files[$key] = $value;
} else {
unset($installed_files[$key]);
}
}
}
}
if ($updatechmod && count($folders) > 0) {
foreach ($folders as $key => $folder) {
if (!checkPermissions(fileperms($folder) & 0777, 0755)) {
// need to set them?.
@chmod($folder, $chmod | 0311);
clearstatcache();
$perms = fileperms($folder) & 0777;
if ($permissions == 1 && !checkPermissions($perms, $chmod | 0311)) {
if (checkPermissions($perms & 0755, 0755) || TEST_RELEASE) {
// could not set them, but they will work.
$permissions = 0;
} else {
$permissions = -1;
}
}
}
}
}
$plugin_subfolders = array();
$Cache_html_subfolders = array();
foreach ($installed_files as $key => $component) {
$folders = explode('/', $component);
$folder = array_shift($folders);
switch ($folder) {
function checkRequirements()
{
$errors = array();
$warnings = array();
$extensions = array('gd' => array(true, 'The GD extension needs to be enabled in your PHP.INI file in order for Eventum to work properly.'), 'session' => array(true, 'The Session extension needs to be enabled in your PHP.INI file in order for Eventum to work properly.'), 'mysqli' => array(true, 'The MySQLi extension needs to be enabled in your PHP.INI file in order for Eventum to work properly.'), 'json' => array(true, 'The json extension needs to be enabled in your PHP.INI file in order for Eventum to work properly.'), 'mbstring' => array(false, 'The Multibyte String Functions extension is not enabled in your PHP installation. For localization to work properly ' . 'You need to install this extension. If you do not install this extension localization will be disabled.'), 'iconv' => array(false, 'The ICONV extension is not enabled in your PHP installation. ' . 'You need to install this extension for optimal operation. If you do not install this extension some unicode data will be corrupted.'));
foreach ($extensions as $extension => $value) {
list($required, $message) = $value;
if (!extension_loaded($extension)) {
if ($required) {
$errors[] = $message;
} else {
$warnings[] = $message;
}
}
}
// check for the file_uploads php.ini directive
if (ini_get('file_uploads') != '1') {
$errors[] = "The 'file_uploads' directive needs to be enabled in your PHP.INI file in order for Eventum to work properly.";
}
$error = checkPermissions(APP_CONFIG_PATH, "Directory '" . APP_CONFIG_PATH . "'", true);
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions(APP_SETUP_FILE, "File '" . APP_SETUP_FILE . "'");
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions(APP_CONFIG_PATH . '/private_key.php', "File '" . APP_CONFIG_PATH . '/private_key.php' . "'");
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions(APP_CONFIG_PATH . '/config.php', "File '" . APP_CONFIG_PATH . '/config.php' . "'");
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions(APP_LOCKS_PATH, "Directory '" . APP_LOCKS_PATH . "'", true);
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions(APP_LOG_PATH, "Directory '" . APP_LOG_PATH . "'", true);
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions(APP_TPL_COMPILE_PATH, "Directory '" . APP_TPL_COMPILE_PATH . "'", true);
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions(APP_ERROR_LOG, "File '" . APP_ERROR_LOG . "'");
if (!empty($error)) {
$errors[] = $error;
}
return array($warnings, $errors);
}
<?php
$code = $_GET["code"];
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "https://graph.facebook.com/v2.3/oauth/access_token?" . "client_id=1665895287021960" . "&redirect_uri=http://localhost/ESETGuvenlikOyunu/controller/facebook_return.php" . "&client_secret=c636846ef008ff87150aa3883622e298" . "&code=" . $code);
curl_setopt_array($curl, array(CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_RETURNTRANSFER => true));
$json = json_decode(curl_exec($curl));
curl_close($curl);
checkPermissions($json);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "https://graph.facebook.com/v2.5/me?fields=id,name,email&access_token=" . $json->access_token);
curl_setopt_array($curl, array(CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_RETURNTRANSFER => true));
$user_data = json_decode(curl_exec($curl));
curl_close($curl);
$data = array("function" => "addUser", "data" => array("name" => $user_data->name, "platform" => 0, "platform_id" => $user_data->id, "email" => $user_data->email));
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "http://localhost/ESETGuvenlikOyunu/controller/Process.php");
curl_setopt_array($curl, array(CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($data)));
setcookie('platform_id', (int) $user_data->id, time() + 86400, "/");
echo curl_exec($curl);
function rerequestPermissions()
{
header("Location: https://www.facebook.com/dialog/oauth?" . "client_id=1665895287021960&" . "redirect_uri=http://localhost/ESETGuvenlikOyunu/facebook_return.php&" . "auth_type=rerequest&" . "scope=email,user_friends");
}
function checkPermissions($json)
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "https://graph.facebook.com/v2.5/me/permissions?access_token=" . $json->access_token);
curl_setopt_array($curl, array(CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_RETURNTRANSFER => true));
$perms = json_decode(curl_exec($curl));
foreach ($perms->data as $key => $value) {
require_once '../../global.php';
require_once 'inc/setting.inc.php';
require_once 'inc/smarty.php';
$smarty->assign('errorcode', $errorcode);
//验证是否登入
if (!checkLogin()) {
$smarty->assign('code', $errorcode['noLogin']);
$smarty->display('error.tpl');
exit;
} else {
if (!checkAdmin()) {
$smarty->assign('code', $errorcode['noAdmin']);
$smarty->display('error.tpl');
exit;
} else {
if (!checkPermissions(2)) {
$smarty->assign('code', $errorcode['noPermissions']);
$smarty->display('error.tpl');
exit;
}
}
}
switch ($ac) {
case 'ajaxEdit':
$set = array("title = '{$val_title}'", "keywords = '{$val_keywords}'", "description = '{$val_description}'");
$db->update(0, 0, 'tb_setting', $set);
break;
case 'getDonateList':
//获取url地址
$url = 'http://files.cnblogs.com/hooray/donate.xml';
//取出远程url的xml文件
include 'datadump.php';
break;
case 'schema_dataload':
include 'dataload.php';
break;
case 'schema_analysis':
include 'explain.php';
break;
case 'upgrade_array':
global $readPath, $writeFile;
$readPath = array_key_exists('read', $_REQUEST) ? MAX_PATH . $_REQUEST['read'] : MAX_PATH . '/etc/changes';
$writeFile = array_key_exists('write', $_REQUEST) ? MAX_PATH . $_REQUEST['write'] : MAX_PATH . '/etc/changes/openads_upgrade_array.txt';
checkPermissions(array($writeFile));
include MAX_PATH . '/scripts/upgrade/buildPackagesArray.php';
$array = file_get_contents($writeFile);
$aVersions = unserialize($array);
$info = print_r($aVersions, true);
break;
case 'generate_dataobjects':
global $schema, $pathdbo;
$GLOBALS['_MAX']['CONF']['debug']['priority'] = PEAR_LOG_INFO;
$schema = array_key_exists('schema', $_REQUEST) ? MAX_PATH . $_REQUEST['schema'] : MAX_PATH . '/etc/tables_core.xml';
$pathdbo = array_key_exists('dbopath', $_REQUEST) ? MAX_PATH . $_REQUEST['dbopath'] : MAX_PATH . '/lib/max/Dal/DataObjects';
checkPermissions(array($pathdbo));
include MAX_PATH . '/scripts/db_dataobject/rebuild.php';
break;
default:
include 'templates/index.html';
break;
}
include 'templates/body_action.html';
# запишем результаты редактирования
BeginHtml($Title2, $Title2, "http://" . $DOC_DOMAIN . "/settings/modules/");
$perm->ExitIfNotAccess(NC_PERM_MODULE, 0, 0, 0, 1);
$UI_CONFIG = new ui_config_tool(TOOLS_MODULES, TOOLS_MODULES, 'i_modules_big.gif', 'tools.installmodule');
$UI_CONFIG->treeMode = 'modules';
ModuleUpdateCompleted();
ModuleUpdateForm($ModuleID);
break;
case 4:
# добавим модуль
BeginHtml($Title2, $Title2, "http://" . $DOC_DOMAIN . "/settings/modules/");
$perm->ExitIfNotAccess(NC_PERM_MODULE, 0, 0, 0, 1);
if (!checkPermissions($HTTP_ROOT_PATH . "tmp/", $DOCUMENT_ROOT)) {
break;
}
if (!checkPermissions($HTTP_ROOT_PATH . "modules/", $DOCUMENT_ROOT)) {
break;
}
if (!$_FILES['FilePatch']['tmp_name']) {
//nc_print_status(TOOLS_MODULES_ERR_NOTUPLOADED, 'error');
InstallationAborted(TOOLS_MODULES_ERR_NOTUPLOADED, 'module');
}
$ModuleFile = tempnam($TMP_FOLDER, "module");
move_uploaded_file($_FILES['FilePatch']['tmp_name'], $ModuleFile);
// this temporary file will be deleted in the end of this function or in InstallationAborted()
if (!nc_tgz_extract($ModuleFile, $TMP_FOLDER) && !file_exists($TMP_FOLDER . "id.txt")) {
//print TOOLS_MODULES_ERR_EXTRACT;
InstallationAborted(TOOLS_MODULES_ERR_EXTRACT, 'module');
}
$InstallFile = $TMP_FOLDER . "install.php";
if (!is_readable($InstallFile)) {
require_once '../../global.php';
require_once 'inc/setting.inc.php';
require_once 'inc/smarty.php';
$smarty->assign('errorcode', $errorcode);
//验证是否登入
if (!checkLogin()) {
$smarty->assign('code', $errorcode['noLogin']);
$smarty->display('error.tpl');
exit;
} else {
if (!checkAdmin()) {
$smarty->assign('code', $errorcode['noAdmin']);
$smarty->display('error.tpl');
exit;
} else {
if (!checkPermissions(4)) {
$smarty->assign('code', $errorcode['noPermissions']);
$smarty->display('error.tpl');
exit;
}
}
}
$ac = $_REQUEST['ac'];
switch ($ac) {
case 'ajaxGetList':
$orderby = 'tbid desc limit ' . $from . ',' . $to;
if ($search_1 != '') {
$sqlwhere[] = 'name like "%' . $search_1 . '%"';
}
$rs = $db->select(0, 0, 'tb_permission', '*', $sqlwhere, $orderby);
if ($rs == NULL) {
function checkDirectory($dir)
{
if (!checkPermissions($dir)) {
mkdir($dir, 0777, true);
chmod($dir, 0777);
return checkPermissions($dir) ? true : false;
}
return true;
}
<?php
include_once "modules/db/DAOFactory.php";
$s = new Source();
$dao = getSourceDAO();
if (isset($_REQUEST["func"]) && $_REQUEST["func"] == "delete") {
$s->setFromRequest();
checkPermissions($dao, $s);
$dao->deleteSource($s);
} else {
$s->setFromPost('');
checkPermissions($dao, $s);
$dao->saveSource($s);
}
header("Location: index.php");
function checkPermissions($dao, $source)
{
$s = new Source();
$s->source_id = $source->source_id;
$dao->getSources($s);
if ($s->numResults > 0) {
$ret = $s->results[0];
} else {
$ret = $s;
}
/*
if (!$ret->isEditable()) {
die(include "inc/forbidden.inc.php");
}
*/
return $ret;
}
.err {
color: red;
font-weight: bold;
}
.ok {
color: green;
}
</style>
</head>
<?php
/**
* OpenBH Basic Installer
*/
if (checkPermissions(0755)) {
/* permissions and files ok */
}
function checkPermissions($mode)
{
$err = false;
$folders = array('../data/content/', '../data/img/', '../data/logs/');
$files = array('../config/config.php', '../config/kw/open.txt');
foreach ($files as $filename) {
if (!file_exists($filename)) {
err("missing {$filename}");
$err = true;
continue;
}
if (is_writeable($filename)) {
ok("OK {$filename}");
if (isset($aModules)) {
unset($aModules);
}
if (!secureCheckWidgetName($sInner)) {
continue;
}
$sConstantsFile = $sModulesPath . $sInner . "/inc/constants.inc.php";
if (!file_exists($sConstantsFile)) {
continue;
}
require_once $sConstantsFile;
$sAdminUrl = file_exists($sModulesPath . $sInner . "/app/admin.swf") ? $sHomeUrl . "index.php?module=" . $sInner . "&app=admin&nick=#nick#&password=#password#" : "";
$aStatus = getSettingValue($sInner, "status", "main", true);
$sStatus = $aStatus['status'] == FAILED_VAL ? WIDGET_STATUS_NOT_INSTALLED : $aStatus['value'];
$sStatus = empty($sStatus) || $sStatus == "" ? WIDGET_STATUS_NOT_INSTALLED : $sStatus;
$sStatus = "666" != checkPermissions($sModulesPath . $sInner . "/xml/main.xml") ? WIDGET_STATUS_NOT_INSTALLED : $sStatus;
$sVersion = isset($aInfo) ? $aInfo['version'] : "";
$sTitle = isset($aInfo) ? $aInfo['title'] : "";
$sAuthor = isset($aInfo) ? $aInfo['author'] : "";
$sAuthorUrl = isset($aInfo) ? $aInfo['authorUrl'] : "";
$sImageUrl = file_exists($sModulesPath . $sInner . "/data/preview.jpg") ? $sModulesUrl . $sInner . "/data/preview.jpg" : "";
$aContents[] = parseXml($aXmlTemplates['widget'], $sInner, $sVersion, $sTitle, $sAuthor, $sAuthorUrl, $sImageUrl, $sStatus, $sAdminUrl);
$aTitles[] = $sTitle;
array_multisort($aTitles, $aContents);
$sContent = implode("", $aContents);
}
}
$sContents = makeGroup($sContent, "widgets");
break;
/**
* Gets widget code.
$perm->ExitIfNotAccess(NC_PERM_PATCH, 0, 0, 0, 1);
if (!$activation_code || !$license) {
nc_print_status(TOOLS_ACTIVATION_INPUT_KEY_CODE, 'error');
nc_activation_show_form();
break;
}
$patch_file_data = nc_activation_get_files();
// get gzip file
$patch_file_tgz = !empty($patch_file_data) ? $patch_file_data['_FILE'] : "";
if (!$patch_file_tgz) {
break;
}
if (!file_exists($TMP_FOLDER . $patch_file_tgz)) {
break;
}
if (!checkPermissions($HTTP_ROOT_PATH . "tmp/", $DOCUMENT_ROOT)) {
break;
}
// this temporary file will be deleted in the end of this function or in InstallationAborted()
if (!nc_tgz_extract($TMP_FOLDER . $patch_file_tgz, $TMP_FOLDER) && !file_exists($TMP_FOLDER . "id.txt")) {
InstallationAborted(TOOLS_PATCH_ERR_EXTRACT, 'activation');
}
// check files in patch
if (!CheckDeps('patch')) {
InstallationAborted(TOOLS_PATCH_INFO_NOTINSTALLED . ".<br>", 'activation');
}
// other version
if ($VersionID != $VERSION_ID) {
InstallationAborted(str_replace(array("%REQUIRE", "%EXIST"), array($VersionID, $VERSION_ID), TOOLS_PATCH_INVALIDVERSION), 'activation');
}
// other system
} else {
$response = $Cosmo->filesRead();
}
}
break;
case 'POST':
$published = isset($_POST['published']) ? $_POST['published'] : '';
$file = isset($_POST['file']) ? $_POST['file'] : '';
if (checkPermissions('createPage', $published)) {
$response = $Cosmo->filesCreate($file);
}
break;
case 'PUT':
break;
case 'DELETE':
if (checkPermissions('deletePage')) {
$response = $Cosmo->filesDelete($segments[1]);
}
break;
}
break;
##################################################
# Menus #
##################################################
##################################################
# Menus #
##################################################
case 'menus':
switch ($method) {
case 'GET':
$response = $Cosmo->menusRead();
/**
*
* checks presence and permissions of folders
* @param $which
* @param $path
* @param $class
* @param $relaxation
* @param $subfolders
*/
function folderCheck($which, $path, $class, $subfolders, $recurse, $chmod, $updatechmod)
{
global $serverpath, $permission_names;
$path = str_replace('\\', '/', $path);
if (!is_dir($path) && $class == 'std') {
mkdir_recursive($path, $chmod);
}
switch ($class) {
case 'std':
$append = trim(str_replace($serverpath, '', $path), '/');
if ($append != $which) {
$f = " (<em>{$append}</em>)";
} else {
$f = '';
}
if (!is_null($subfolders)) {
$subfolderfailed = '';
foreach ($subfolders as $subfolder) {
if (!mkdir_recursive($path . $subfolder, $chmod)) {
$subfolderfailed .= ', <code>' . $subfolder . '</code>';
}
}
if (!empty($subfolderfailed)) {
return checkMark(-1, '', sprintf(gettext('<em>%1$s</em> folder%2$s [subfolder creation failure]'), $which, $f), sprintf(gettext('Setup could not create the following subfolders:<br />%s'), substr($subfolderfailed, 2)));
}
}
if (isWin()) {
$perms = fileperms($path) & 0700;
$check = $chmod & 0700;
} else {
$perms = fileperms($path) & 0777;
$check = $chmod;
}
if (setupUserAuthorized() && $updatechmod) {
@chmod($path, $chmod);
clearstatcache();
$perms = fileperms($path) & 0777;
if (!checkPermissions($perms, $chmod)) {
if (array_key_exists($perms & 0666 | 4, $permission_names)) {
$perms_class = $permission_names[$perms & 0666 | 4];
} else {
$perms_class = gettext('unknown');
}
if (array_key_exists($chmod & 0666 | 4, $permission_names)) {
$chmod_class = $permission_names[$chmod & 0666 | 4];
} else {
$chmod_class = gettext('unknown');
}
return checkMark(-1, '', sprintf(gettext('<em>%1$s</em> folder%2$s [permissions failure]'), $which, $f), sprintf(gettext('Setup could not change the file permissions from <em>%1$s</em> (<code>0%2$o</code>) to <em>%3$s</em> (<code>0%4$o</code>). You will have to set the permissions manually. See the <a href="http://www.zenphoto.org/news/troubleshooting-zenphoto#29">Troubleshooting guide</a> for details on Zenphoto permissions requirements.'), $perms_class, $perms, $chmod_class, $chmod));
} else {
if ($recurse) {
?>
<script type="text/javascript">
// <!-- <![CDATA[
$.ajax({
type: 'POST',
cache: false,
url: '<?php
echo WEBPATH . '/' . ZENFOLDER;
?>
/setup/setup_permissions_changer.php',
data: 'folder=<?php
echo $path;
?>
&key=<?php
echo sha1(filemtime(SERVERPATH . '/' . DATA_FOLDER . '/' . CONFIGFILE) . file_get_contents(SERVERPATH . '/' . DATA_FOLDER . '/' . CONFIGFILE));
?>
'
});
// ]]> -->
</script>
<?php
}
}
}
break;
case 'in_webpath':
$webpath = $_SERVER['SCRIPT_NAME'];
if (empty($webpath)) {
$serverroot = $serverpath;
} else {
$i = strpos($webpath, '/' . ZENFOLDER);
$webpath = substr($webpath, 0, $i);
$serverroot = substr($serverpath, 0, strpos($serverpath, $webpath));
}
$append = substr($path, strlen($serverroot) + 1);
$f = " (<em>{$append}</em>)";
break;
case 'external':
$append = $path;
$f = " (<em>{$append}</em>)";
break;
}
if (!is_dir($path)) {
$msg = " " . sprintf(gettext('You must create the folder <em>%1$s</em><br /><code>mkdir(%2$s, 0777)</code>.'), $append, substr($path, 0, -1));
if ($class != 'std') {
return checkMark(false, '', sprintf(gettext('<em>%1$s</em> folder [<em>%2$s</em> does not exist]'), $which, $append), $msg);
} else {
return checkMark(false, '', sprintf(gettext('<em>%1$s</em> folder [<em>%2$s</em> does not exist and <strong>setup</strong> could not create it]'), $which, $append), $msg);
}
} else {
if (!is_writable($path)) {
$msg = sprintf(gettext('Change the permissions on the <code>%1$s</code> folder to be writable by the server (<code>chmod 777 %2$s</code>)'), $which, $append);
return checkMark(false, '', sprintf(gettext('<em>%1$s</em> folder [<em>%2$s</em> is not writeable and <strong>setup</strong> could not make it so]'), $which, $append), $msg);
} else {
return checkMark(true, sprintf(gettext('<em>%1$s</em> folder%2$s'), $which, $f), '', '');
}
}
}
<?php
include_once "modules/db/DAOFactory.php";
$loc = new Location();
$dao = getLocationDAO();
if (isset($_REQUEST["func"]) && $_REQUEST["func"] == "delete") {
$loc->setFromRequest();
checkPermissions($dao, $loc);
$dao->deleteLocation($loc);
} else {
$loc->setFromPost('');
checkPermissions($dao, $loc);
$dao->saveLocation($loc);
}
header("Location: index.php");
function checkPermissions($dao, &$loc)
{
$dao->getLocations($loc, Q_MATCH);
if ($loc->numResults > 0) {
$ret = $loc->results[0];
} else {
$ret = $loc;
}
if (!$ret->isEditable()) {
die(include "inc/forbidden.inc.php");
}
return $ret;
}
?>
<div class="cb_container">
<h4 style="color:#fff;">Checking File & Directories Permissions</h4>
<p style="color:#fff; font-size:13px;"> ClipBucket need some files and folders permissions in order to store files properly, please make sure all files given below are chmod properly.<br />
<em>CHMOD : the chmod command (abbreviated from <strong>ch</strong>ange <strong>mod</strong>e) is a shell command and C language function in Unix and Unix-like environments.</em></p>
</div><!--cb_container-->
</div><!--nav_des-->
<div id="sub_container" class="br5px">
<dl>
<?php
$permissions = checkPermissions();
foreach ($permissions as $permission) {
?>
<dt style="width:300px;" class="grey-text"><?php
echo $permission['path'];
?>
</dt>
<dd class="grey-text"><?php
echo msg_arr($permission);
?>
</dd>
<?php
}
?>
<?php
#0.8.3
global $version;
$version = "0.8.3";
// GET OS SETTINGS
if (isset($_SERVER["OS"]) && substr($_SERVER["OS"], 0, 3) == "win") {
define("OS", "WIN");
define("SL", '\\\\');
} else {
define("OS", "UNIX");
define("SL", '/');
}
// CHECK PERMISSIONS
checkPermissions();
// READ CONFIG
$user = getConfigValue("user");
// CHECK FOR VALID SETUP
if ($_POST && isset($_POST["action"])) {
// ACTION HANDLE
switch ($_POST["action"]) {
case "save":
$result = authorizeAction();
if ($result == "success") {
$result = onActionSaveRoutine();
}
// HANDLE RESULT
$response = getResponse($result);
echo "<?xml version='1.0' encoding='ISO-8859-1'?>";
die($response);
break;
<?php
require '../../global.php';
//验证是否登入
if (!checkLogin()) {
redirect('../error.php?code=' . $errorcode['noLogin']);
} else {
if (!checkAdmin()) {
redirect('../error.php?code=' . $errorcode['noAdmin']);
} else {
if (!checkPermissions(1)) {
redirect('../error.php?code=' . $errorcode['noPermissions']);
}
}
}
if (isset($permissionid)) {
$permission = $db->select(0, 1, 'tb_permission', '*', 'and tbid = ' . $permissionid);
if ($permission['apps_id'] != '') {
$appsrs = $db->select(0, 0, 'tb_app', 'tbid,name,icon', 'and tbid in (' . $permission['apps_id'] . ')');
$permission['appsinfo'] = $appsrs;
}
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>权限管理</title>
<?php
include 'sysapp/global_css.php';
?>
<?php
session_start();
include 'connect.php';
require 'Header.php';
if (isset($_GET['mid'])) {
$meid = $_GET['mid'];
$z = mysql_query("SELECT uid,permission FROM `Media` WHERE mid='{$meid}' and `permission`='private'") or die(mysql_error());
$row10 = mysql_fetch_assoc($z);
$permission = $row10['permission'];
$oid = $row10['uid'];
$usersid = $_SESSION['id'];
if (strcmp($permission, 'private') == 0) {
if ($usersid != $oid) {
checkPermissions($meid, $oid);
}
}
$id = $_SESSION["id"];
$mid = $_GET['mid'];
if ($_SESSION["id"]) {
addHistory($id, $mid);
}
$ip = getRealIpAddr();
$count = 0;
$s = mysql_query("SELECT * FROM `IP_Address` WHERE mid='{$mid}'") or die(mysql_error());
while ($row1 = mysql_fetch_assoc($s)) {
$ipc = $row1['userIP'];
$i = strcmp($ip, $ipc);
if ($i == 0) {
$count = $count + 1;
break;
function checkRequirements()
{
$errors = array();
// check for GD support
ob_start();
phpinfo();
$contents = ob_get_contents();
ob_end_clean();
if (!preg_match("/GD Support.*<\\/td><td.*>enabled/U", $contents)) {
$errors[] = "The GD extension needs to be enabled in your PHP.INI file in order for Eventum to work properly.";
}
// check for session support
if (!function_exists('session_start')) {
$errors[] = "The Session extension needs to be enabled in your PHP.INI file in order for Eventum to work properly.";
}
// check for MySQL support
if (!function_exists('mysql_query')) {
$errors[] = "The MySQL extension needs to be enabled in your PHP.INI file in order for Eventum to work properly.";
}
// check for the file_uploads php.ini directive
if (ini_get('file_uploads') != "1") {
$errors[] = "The 'file_uploads' directive needs to be enabled in your PHP.INI file in order for Eventum to work properly.";
}
if (ini_get('allow_call_time_pass_reference') != "1") {
$errors[] = "The 'allow_call_time_pass_reference' directive needs to be enabled in your PHP.INI file in order for Eventum to work properly.";
}
$error = checkPermissions('../locks', "Directory 'locks'", TRUE);
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions('../logs', "Directory 'logs'", TRUE);
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions('../templates_c', "Directory 'templates_c'", TRUE);
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions('../config.inc.php', "File 'config.inc.php'");
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions('../logs/errors.log', "File 'logs/errors.log'");
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions('../setup.conf.php', "File 'setup.conf.php'");
if (!empty($error)) {
$errors[] = $error;
}
$error = checkPermissions('../include/private_key.php', "File 'include/private_key.php'");
if (!empty($error)) {
$errors[] = $error;
}
$html = '';
if (count($errors) > 0) {
$html = '<html>
<head>
<style type="text/css">
<!--
.default {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-style: normal;
font-weight: normal;
font-size: 70%;
}
-->
</style>
</head>
<body>
<br /><br />
<table width="500" bgcolor="#003366" border="0" cellspacing="0" cellpadding="1" align="center">
<tr>
<td>
<table bgcolor="#FFFFFF" width="100%" cellspacing="1" cellpadding="2" border="0">
<tr>
<td><img src="../images/icons/error.gif" hspace="2" vspace="2" border="0" align="left"></td>
<td width="100%" class="default"><span style="font-weight: bold; font-size: 160%; color: red;">Configuration Error:</span></td>
</tr>
<tr>
<td colspan="2" class="default">
<br />
<b>The following problems regarding file and/or directory permissions were found:</b>
<br /><br />
' . implode("<br />", $errors) . '
<br /><br />
<b>Please provide the appropriate permissions to the user that the web server run as to write in the directories and files specified above.</b>
<br /><br />
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>';
}
return $html;
}
