Ejemplo n.º 1
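 /**
  * Handle a submitted delete request for book entries.
  *
  * Does nothing unless the request carries a `cmd` array and passes
  * checkSecurityToken(). Every key of the `book_id` array is handed to the
  * helper's delete_page(); when the submitted command is `media`,
  * delete_media() is called for that key first and its return value is
  * collected into $this->results.
  *
  * @return void
  */
 function handle()
 {
     // first time - nothing to do
     if (!isset($_REQUEST['cmd'])) {
         return;
     }
     $msg = "";
     // the deletions below change state, so they only run with a valid token
     if (!checkSecurityToken()) {
         return;
     }
     if (!is_array($_REQUEST['cmd'])) {
         return;
     }
     $epub_deletions = array();
     // key() yields an int for numeric keys and, before PHP 8, 0 == 'media'
     // is true; compare as strings so only an explicit 'media' key matches
     $which = (string) key($_REQUEST['cmd']);
     // book_id is request data: only iterate it when it really is an array
     $has_books = isset($_REQUEST['book_id']) && is_array($_REQUEST['book_id']);
     $book_keys = $has_books ? array_keys($_REQUEST['book_id']) : array();
     foreach ($book_keys as $md5) {
         // NOTE(review): $md5 is a request-supplied array key; the helper is
         // presumably responsible for validating it before deleting - confirm
         if ($which === 'media') {
             $epub_deletions[] = $this->helper->delete_media($md5);
         }
         $this->helper->delete_page($md5);
     }
     if ($has_books) {
         $this->cache = $this->helper->getCache();
     }
     if (count($epub_deletions)) {
         // NOTE(review): delete_media() results are joined as markup here;
         // confirm the helper returns text that is safe to output as HTML
         $this->results = "<b>Results</b><br />";
         $this->results .= implode('<br />', $epub_deletions);
     }
     /* if debugging */
     if ($this->dbg) {
         $dump = print_r($_REQUEST, true) . $msg . "which={$which}\n";
         $dump .= print_r($epub_deletions, true);
         // the dump contains raw request data: escape it before the line
         // breaks are turned into markup
         $this->req = str_replace("\n", "<br />", htmlspecialchars($dump, ENT_QUOTES, 'UTF-8'));
     }
 }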
Ejemplo n.º 2
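 /**
  * Handle a submitted command for the submissions list.
  *
  * Requires a `cmd` array and a valid security token. `get` renders the
  * submissions matching the requested problem name, type and user into
  * $this->output; `delete` passes the same filter to the helper's
  * delSubmissions() and stores its return value in $this->output.
  *
  * @return void
  */
 function handle()
 {
     // first time - nothing to do
     if (!isset($_REQUEST['cmd'])) {
         return;
     }
     if (!checkSecurityToken()) {
         return;
     }
     if (!is_array($_REQUEST['cmd'])) {
         return;
     }
     $crud = plugin_load('helper', 'judge_crud', true);
     // The filter is request data; a missing field becomes null instead of
     // raising an undefined-index notice.
     // NOTE(review): the values are handed to the helper unvalidated - confirm
     // that tableRender()/delSubmissions() bind or escape them
     $filter = array();
     foreach (array('problem_name', 'type', 'user') as $field) {
         $filter[$field] = isset($_REQUEST[$field]) ? $_REQUEST[$field] : null;
     }
     // string cast: a numeric key such as cmd[0] must not loosely match a case
     switch ((string) key($_REQUEST['cmd'])) {
         case 'get':
             $table = $crud->tableRender($filter, "html", 1, "timestamp");
             if ($table["count"] == 0) {
                 // previously the wrapper <div>/<table> was opened and never
                 // closed on this path; emit the message on its own instead
                 $this->output = '<p>' . $this->getLang("empty_result") . '</p>';
             } else {
                 $this->output = '<div class="table sectionedit1"><table class="inline">'
                     . $table["submissions_table"]
                     . "</table></div>";
             }
             break;
         case 'delete':
             $this->output = $crud->delSubmissions($filter);
             break;
     }
 }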
Ejemplo n.º 3
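 /**
  * AJAX handler for the 'plugin_explorertree' call.
  *
  * Rejects requests without a valid security token, then dispatches on the
  * `operation` request parameter: `explorertree_branch` returns tree HTML,
  * `callback` invokes a callback registered on the loaded route. The result
  * is sent as JSON together with a fresh security token.
  *
  * @param $event DOKU event on ajax call
  * @param $param parameters, ignored
  */
 function _ajax_call(&$event, $param)
 {
     if ($event->data !== 'plugin_explorertree') {
         return;
     }
     //no other ajax call handlers needed
     $event->stopPropagation();
     $event->preventDefault();
     //available since release 2012-10-13 "Adora Belle"
     global $INPUT;
     if (!checkSecurityToken()) {
         $data = array('error' => true, 'msg' => 'invalid security token!');
     } else {
         switch ($INPUT->str('operation')) {
             case 'explorertree_branch':
                 if (!($helper = plugin_load('helper', 'explorertree'))) {
                     $data = array('error' => true, 'msg' => "Can't load tree helper.");
                     break;
                 }
                 if (!($route = $helper->loadRoute($INPUT->str('route'), $INPUT->arr('loader')))) {
                     $data = array('error' => true, 'msg' => "Can't load route '" . $INPUT->str('route') . "'!");
                     // stop here: without the break this error was overwritten below
                     break;
                 }
                 // NOTE(review): ':' is passed as a third argument to htmlExplorer()
                 // while ltrim() runs with its default character list; this may be
                 // a misplaced parenthesis - confirm against htmlExplorer()'s signature
                 $data = array('html' => $helper->htmlExplorer($INPUT->str('route'), ltrim(':' . $INPUT->str('itemid')), ':'));
                 if (!$data['html']) {
                     $data['error'] = true;
                     $data['msg'] = "Can't load tree html.";
                 }
                 break;
             case 'callback':
                 if (!($helper = plugin_load('helper', 'explorertree'))) {
                     $data = array('error' => true, 'msg' => "Can't load tree helper.");
                     break;
                 }
                 $route = $helper->loadRoute($INPUT->str('route'), $INPUT->arr('loader'));
                 // the callback key is request data ('event' was an unquoted
                 // constant before, which is an error on PHP 8)
                 $callback_key = $INPUT->str('event');
                 if (!$route || !isset($route['callbacks'][$callback_key]) || !is_callable($route['callbacks'][$callback_key])) {
                     $data = array('error' => true, 'msg' => "Can't load callback '" . $INPUT->str('event') . "'for '" . $INPUT->str('route') . "'!");
                     // enforce the is_callable() gate: previously execution fell
                     // through and the call below was attempted regardless
                     break;
                 }
                 // only callbacks registered on the loaded route can be reached
                 $data = @call_user_func_array($route['callbacks'][$callback_key], array($INPUT->str('itemid')));
                 if (!is_array($data)) {
                     $data = array('error' => true, 'msg' => "Callback for '" . $INPUT->str('event') . "' does not exists!");
                 }
                 break;
             default:
                 $data = array('error' => true, 'msg' => 'Unknown operation: ' . $INPUT->str('operation'));
                 break;
         }
     }
     // hand the client a current token for its next request
     if (is_array($data)) {
         $data['token'] = getSecurityToken();
     }
     //json library of DokuWiki
     require_once DOKU_INC . 'inc/JSON.php';
     $json = new JSON();
     //set content type
     header('Content-Type: application/json');
     echo $json->encode($data);
     //		$this->get_helper()->check_meta_changes();
 }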
Ejemplo n.º 4
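 /**
  * Replace the whole `aliases` table with the rows submitted in `d`.
  *
  * Runs only for an array `d` and a valid security token. All existing
  * aliases are deleted and the submitted rows inserted inside one
  * transaction; any failing query rolls the transaction back.
  *
  * @return void|false false when no database handle is available
  */
 function handle()
 {
     if (!isset($_REQUEST['d']) || !is_array($_REQUEST['d']) || !checkSecurityToken()) {
         return;
     }
     $sqlite = $this->dthlp->_getDB();
     if (!$sqlite) {
         return false;
     }
     $sqlite->query("BEGIN TRANSACTION");
     if (!$sqlite->query("DELETE FROM aliases")) {
         $sqlite->query('ROLLBACK TRANSACTION');
         return;
     }
     foreach ($_REQUEST['d'] as $row) {
         // rows are request data: ignore anything that is not a field array
         // (array_map() on a scalar fails) or that carries no name
         if (!is_array($row) || !isset($row['name'])) {
             continue;
         }
         $row = array_map('trim', $row);
         $row['name'] = utf8_strtolower($row['name']);
         $row['name'] = rtrim($row['name'], 's');
         if (!$row['name']) {
             continue;
         }
         // Clean enum
         $arr = preg_split('/\\s*,\\s*/', isset($row['enum']) ? $row['enum'] : '');
         $arr = array_unique($arr);
         asort($arr);
         $row['enum'] = implode(', ', $arr);
         // NOTE(review): $row is bound positionally as submitted, so the number
         // and order of the placeholders' values is decided by the request;
         // consider building the five values explicitly - confirm field names
         if (!$sqlite->query("INSERT INTO aliases (name, type, prefix, postfix, enum)\n                                 VALUES (?,?,?,?,?)", $row)) {
             $sqlite->query('ROLLBACK TRANSACTION');
             return;
         }
     }
     $sqlite->query("COMMIT TRANSACTION");
 }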
 /**
  * Process the `add` and `delete` form actions.
  *
  * `add` appends an entry built from the label, code, pretag, posttag and
  * icon request fields; `delete` removes the entry stored under the
  * requested key. Either action needs a valid security token, and both end
  * by saving the data and reloading the bar.
  */
 public function handle()
 {
     $adding = isset($_REQUEST['add']);
     if (!$adding && !isset($_REQUEST['delete'])) {
         return;
     }
     // both branches modify stored data, so both sit behind the token check
     if (!checkSecurityToken()) {
         return;
     }
     $entries = $this->loadCBData();
     if ($adding) {
         if (!$entries) {
             $entries = array();
         }
         // type 1 only when both surrounding tags were supplied
         $wraps = $_REQUEST["pretag"] != "" && $_REQUEST["posttag"] != "";
         $kind = $wraps ? 1 : 0;
         // NOTE(review): the submitted values are stored as-is; escaping has to
         // happen wherever they are rendered - confirm
         array_push($entries, array("label" => $_REQUEST["label"], "code" => $_REQUEST["code"], "type" => $kind, "pretag" => $_REQUEST["pretag"], "posttag" => $_REQUEST["posttag"], "icon" => $_REQUEST["icon"]));
     } else {
         unset($entries[$_REQUEST["delete"]]);
     }
     $this->saveCBData($entries);
     $this->reloadBar();
 }
Ejemplo n.º 6
 /**
  * Dispatch a submitted `cmd` to add(), del() or edit().
  *
  * The macros file name is set on every call; the command itself runs only
  * when `cmd` is an array and the security token is valid.
  */
 function handle()
 {
     $this->macros_file = MACROS_FILE;
     // first time - nothing to do
     if (!isset($_REQUEST['cmd'])) {
         return;
     }
     $this->output = '';
     // token first, then shape of the command - same order as before
     if (!checkSecurityToken() || !is_array($_REQUEST['cmd'])) {
         return;
     }
     $action = "";
     $requested = key($_REQUEST['cmd']);
     // loose comparison on purpose: it mirrors what a switch statement does
     if ($requested == 'add') {
         $action = 'add';
         $outcome = $this->add();
     } elseif ($requested == 'delete') {
         $outcome = $this->del();
     } elseif ($requested == 'edit') {
         $outcome = $this->edit();
     }
     //    $this->output = print_r($outcome,true);
     //  $this->output .= print_r($_REQUEST,true);
 }
Ejemplo n.º 7
 /**
  * handle user request
  *
  * Initializes internal vars and handles modifications.
  *
  * Loads the list via loadModlist(), resolves the namespace from the `ns`
  * request parameter and, when `cmd` is present and the security token is
  * valid, applies one of three modifications: save a single entry, delete a
  * single entry, or rewrite the whole file from the submitted `acl` array.
  *
  * @author Andreas Gohr <*****@*****.**>
  */
 function handle()
 {
     global $AUTH_ACL;
     global $ID;
     global $auth;
     // fresh 1:1 copy without replacements
     $AUTH_ACL = loadModlist();
     // namespace given? anything but '*' is normalised through cleanID()
     if (empty($_REQUEST['ns']) || $_REQUEST['ns'] == '*') {
         $this->ns = '*';
     } else {
         $this->ns = cleanID($_REQUEST['ns']);
     }
     // handle modifications - skipped entirely without a valid security token
     // NOTE(review): no permission check is visible in this method; presumably
     // the caller restricts it to privileged users - confirm
     if (isset($_REQUEST['cmd']) && checkSecurityToken()) {
         // scope for modifications
         if ($this->ns == '*') {
             $scope = '*';
         } else {
             $scope = $this->ns . ':*';
         }
         if (isset($_REQUEST['cmd']['save']) && $scope && isset($_REQUEST['modgroup'])) {
             // handle additions or single modifications:
             // the old entry is removed before the new one is added
             $this->_acl_del($scope);
             $this->_acl_add($scope, trim($_REQUEST['modgroup']));
         } elseif (isset($_REQUEST['cmd']['del']) && $scope) {
             // handle single deletions
             $this->_acl_del($scope);
         } elseif (isset($_REQUEST['cmd']['update'])) {
             // handle update of the whole file
             foreach ((array) $_REQUEST['del'] as $where) {
                 // remove all rules marked for deletion
                 unset($_REQUEST['acl'][$where]);
             }
             // prepare lines
             $lines = array();
             // keep header: leading lines starting with '#' are copied over,
             // copying stops at the first line that does not
             foreach ($AUTH_ACL as $line) {
                 if ($line[0] == '#') {
                     $lines[] = $line;
                 } else {
                     break;
                 }
             }
             foreach ((array) $_REQUEST['acl'] as $where => $who) {
                 $who = $auth->cleanGroup($who);
                 $who = auth_nameencode($who, true);
                 // NOTE(review): $where is a request-supplied array key written
                 // to the file unchanged; a tab or line break inside it would
                 // alter the file's line structure - consider cleaning it
                 $lines[] = "{$where}\t{$who}\n";
             }
             // save it
             io_saveFile(DOKUTRANSLATE_MODLIST, join('', $lines));
         }
         // reload ACL config
         $AUTH_ACL = loadModlist();
     }
     // initialize ACL array
     $this->_init_acl_config();
 }
Ejemplo n.º 8
 /**
  * Render the plugin output for the xhtml mode.
  *
  * A posted `vote` is processed first, but only together with a valid
  * security token; the HTML is produced in either case.
  *
  * @return false|null false for any mode other than 'xhtml'
  */
 function render($mode, &$renderer, $data)
 {
     if ($mode == 'xhtml') {
         $vote_posted = isset($_POST['vote']);
         // the vote changes state, so it is tied to the token
         if ($vote_posted && checkSecurityToken()) {
             $this->_handlepost($data);
         }
         $this->_html($renderer, $data);
         return;
     }
     return false;
 }
 /**
  * Create a backup file from the submitted form values.
  *
  * The security token in $form['sectok'] is verified first, then admin
  * rights; either failure aborts with an exception.
  *
  * @param array $form submitted form values (sectok, dirs, verbose, archive_format)
  * @throws Exception on a bad security token or missing admin permission
  * @return mixed whatever Backup::createBackupFile() returns
  */
 public function doAction($form)
 {
     $token_ok = checkSecurityToken($form['sectok']);
     if (!$token_ok) {
         throw new Exception('bad security token. Refresh your page');
     }
     $is_admin = auth_isadmin();
     if (!$is_admin) {
         throw new Exception('you must have AUTH_ADMIN permissions to perform backups');
     }
     // presence of the key is what switches verbose mode on
     $verbose = isset($form['verbose']);
     return Backup::createBackupFile($form['dirs'], $verbose, $form['archive_format']);
 }
Ejemplo n.º 10
 /**
  * Output the intro text and search form, then either revert the submitted
  * pages or list the pages matching the filter.
  *
  * Reverting needs an array `revert` parameter and a valid security token.
  */
 function html()
 {
     echo $this->plugin_locale_xhtml('intro');
     $this->_searchform();
     // the token is only consulted when a revert was actually submitted
     $do_revert = is_array($_REQUEST['revert']) && checkSecurityToken();
     if ($do_revert) {
         $this->_revert($_REQUEST['revert'], $_REQUEST['filter']);
         return;
     }
     if (isset($_REQUEST['filter'])) {
         $this->_list($_REQUEST['filter']);
     }
 }
Ejemplo n.º 11
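 /**
  * Should carry out any processing required by the plugin.
  *
  * Handles four actions on the schema named by the `table` parameter:
  * save (build from the submitted form), export (send as a JSON download),
  * import (build from an uploaded JSON file) and delete. Save, import and
  * delete modify data and therefore all require a valid security token;
  * export only reads.
  */
 public function handle()
 {
     global $INPUT;
     global $ID;
     global $config_cascade;
     $config_file_path = end($config_cascade['main']['local']);
     // the table name is cleaned once and reused by every action below
     $table = Schema::cleanTableName($INPUT->str('table'));
     // form submit
     if ($table && $INPUT->bool('save') && checkSecurityToken()) {
         $builder = new SchemaBuilder($table, $INPUT->arr('schema'));
         if (!$builder->build()) {
             msg('something went wrong while saving', -1);
         }
         touch($config_file_path);
     }
     // export
     if ($table && $INPUT->bool('export')) {
         $builder = new Schema($table);
         header('Content-Type: application/json');
         // NOTE(review): the header value relies on cleanTableName() having
         // removed anything unsafe for a header - confirm
         header("Content-Disposition: attachment; filename={$table}.struct.json");
         echo $builder->toJSON();
         exit;
     }
     // import - overwrites a schema, so it gets the same token check as save
     // (previously a forged cross-site request could trigger it).
     // NOTE(review): the import form must submit the sectok field - confirm
     if ($table && $INPUT->bool('import') && checkSecurityToken()) {
         if (isset($_FILES['schemafile']['tmp_name'])) {
             $json = io_readFile($_FILES['schemafile']['tmp_name'], false);
             if (!$json) {
                 msg('Something went wrong with the upload', -1);
             } else {
                 $builder = new SchemaImporter($table, $json, $INPUT->bool('lookup'));
                 if (!$builder->build()) {
                     msg('something went wrong while saving', -1);
                 }
                 touch($config_file_path);
             }
         }
     }
     // delete - the `confirm` value travels in the same request and is no
     // protection against a forged one, so the token is required here too.
     // NOTE(review): the delete form must submit the sectok field - confirm
     if ($table && $INPUT->bool('delete') && checkSecurityToken()) {
         if ($table != $INPUT->str('confirm')) {
             msg($this->getLang('del_fail'), -1);
         } else {
             try {
                 $schema = new Schema($table);
                 $schema->delete();
                 msg($this->getLang('del_ok'), 1);
                 touch($config_file_path);
                 send_redirect(wl($ID, array('do' => 'admin', 'page' => 'struct_schemas'), true, '&'));
             } catch (StructException $e) {
                 msg(hsc($e->getMessage()), -1);
             }
         }
     }
 }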
Ejemplo n.º 12
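 /**
  * handle user request
  *
  * Dispatches the submitted `cmd` (prune, confirm, restore, generate,
  * subfeed) after the security token check, then merges the keys of the
  * `delete` array into the comma-separated `prev_del` list.
  */
 function handle()
 {
     // first time - nothing to do
     if (!isset($_REQUEST['cmd'])) {
         return;
     }
     $this->output = '';
     if (!checkSecurityToken()) {
         return;
     }
     if (!is_array($_REQUEST['cmd'])) {
         return;
     }
     // string cast: a numeric key such as cmd[0] must not loosely match a case
     switch ((string) key($_REQUEST['cmd'])) {
         case 'prune':
             $this->prune();
             break;
         case 'confirm':
             $this->confirm();
             break;
         case 'restore':
             $this->is_prev_deleted = array();
             $this->prev_deleted = "";
             // the key was an unquoted constant before, an error on PHP 8
             if (isset($_REQUEST['subfeed_dir'])) {
                 // NOTE(review): subfeed_dir is request data and the file read
                 // below follows it; setSubFeed()/getMetaFN() are presumably
                 // expected to confine it to known directories - confirm
                 $this->helper->setSubFeed($_REQUEST['subfeed_dir']);
                 $this->pagedata = $this->helper->_readFile($this->helper->getMetaFN('pagedata', '.ser'), true);
             }
             // $this->output=$_REQUEST;
             return;
         case 'generate':
             $this->output = $this->generate(isset($_REQUEST['subfeeds']) ? $_REQUEST['subfeeds'] : null);
             return;
         case 'subfeed':
             $this->subfeed_selected = isset($_REQUEST['subfeed_inx']) ? $_REQUEST['subfeed_inx'] : null;
             if ($this->subfeed_selected > 0) {
                 $this->subfeed_name = isset($_REQUEST['subfeeds']) ? $_REQUEST['subfeeds'] : null;
             }
             break;
     }
     $deleted = array();
     // array_keys() needs an array; a scalar `delete` value is ignored
     if (!empty($_REQUEST['delete']) && is_array($_REQUEST['delete'])) {
         $deleted = array_keys($_REQUEST['delete']);
     }
     // prev_del may be absent or malformed in a request: only a non-empty
     // string is split and merged
     if (!empty($_REQUEST['prev_del']) && is_string($_REQUEST['prev_del'])) {
         $prev_deleted = explode(',', $_REQUEST['prev_del']);
         $prev_deleted = array_merge($prev_deleted, $deleted);
         $prev_deleted = array_unique($prev_deleted);
         $this->prev_deleted = implode(",", $prev_deleted);
         $this->is_prev_deleted = $prev_deleted;
     }
     // $this->output=$_REQUEST;
 }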
Ejemplo n.º 13
 /**
  * Record which form action was submitted.
  *
  * $this->formAction is reset on every call and only set to the first key
  * of the `formAction` array when the security token is valid.
  */
 function handle()
 {
     $this->formAction = '';
     // shape check first, token second - the token is not consulted for
     // requests that carry no action at all
     if (is_array($_REQUEST['formAction']) && checkSecurityToken()) {
         $this->formAction = key($_REQUEST['formAction']);
     }
 }
Ejemplo n.º 14
 /**
  * Output the intro text and search form, then either revert the submitted
  * pages or list the pages matching the filter.
  *
  * Reverting needs an array `revert` parameter and a valid security token.
  */
 function html()
 {
     global $INPUT;
     echo $this->locale_xhtml('intro');
     $this->_searchform();
     // the token is only consulted when a revert was actually submitted
     $do_revert = is_array($INPUT->param('revert')) && checkSecurityToken();
     if ($do_revert) {
         $this->_revert($INPUT->arr('revert'), $INPUT->str('filter'));
         return;
     }
     if ($INPUT->has('filter')) {
         $this->_list($INPUT->str('filter'));
     }
 }
Ejemplo n.º 15
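 /**
  * Carry out required processing
  *
  * Saves every submitted profile field for the user named in the request.
  * Runs only for an array `up` parameter and a valid security token.
  */
 public function handle()
 {
     if (!isset($_REQUEST['up']) || !is_array($_REQUEST['up']) || !checkSecurityToken()) {
         return;
     }
     $submitted = $_REQUEST['up'];
     // request data: without a user name and an array of fields there is
     // nothing that can be saved safely
     if (!isset($submitted['user']['user'], $submitted['data']) || !is_array($submitted['data'])) {
         return;
     }
     $userdata = $submitted['user'];
     // The user record itself is not created or updated here; the user has to
     // exist already.
     // NOTE(review): the target user comes from the request, so whoever may
     // submit this form can write fields for any user; presumably access is
     // restricted by the caller - confirm
     foreach ($submitted['data'] as $field => $value) {
         $this->hlp->saveField($userdata['user'], $field, $value);
     }
 }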
Ejemplo n.º 16
 /**
  * Dispatch the submitted `cmd` and keep track of deleted entries.
  *
  * After the security token check, `prune` and `confirm` call the matching
  * method, `restore` clears the deletion state and `generate` stores the
  * generated output; the last two return immediately. Otherwise the keys of
  * the `delete` array are merged into the comma-separated `prev_del` list.
  */
 function handle()
 {
     // first time - nothing to do
     if (!isset($_REQUEST['cmd'])) {
         return;
     }
     $this->output = '';
     if (!checkSecurityToken() || !is_array($_REQUEST['cmd'])) {
         return;
     }
     $requested = key($_REQUEST['cmd']);
     // loose comparison on purpose: it mirrors what a switch statement does
     if ($requested == 'prune') {
         $this->prune();
     } elseif ($requested == 'confirm') {
         $this->confirm();
     } elseif ($requested == 'restore') {
         $this->is_prev_deleted = array();
         $this->prev_deleted = "";
         return;
     } elseif ($requested == 'generate') {
         $this->output = $this->generate();
         return;
     }
     $newly_deleted = array();
     if (!empty($_REQUEST['delete'])) {
         $newly_deleted = array_keys($_REQUEST['delete']);
     }
     if ($_REQUEST['prev_del']) {
         // earlier deletions arrive as a comma-separated list
         $all_deleted = array_unique(array_merge(explode(',', $_REQUEST['prev_del']), $newly_deleted));
         $this->prev_deleted = implode(",", $all_deleted);
         $this->is_prev_deleted = $all_deleted;
     }
     // $this->output=$this->pagedata;
 }
Ejemplo n.º 17
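 /**
  * Carry out required processing
  *
  * Applies the submitted field rows in one transaction: a row without `fid`
  * is inserted, a row with `fid` is updated, and a row with `fid` whose name
  * was cleared deletes the field together with its values. Any failing
  * query rolls the transaction back.
  *
  * @return void|false false when deleting a field's values fails
  */
 public function handle()
 {
     if (!isset($_REQUEST['up']) || !is_array($_REQUEST['up']) || !checkSecurityToken()) {
         return;
     }
     $sqlite = $this->hlp->_getDB();
     if (!$sqlite) {
         return;
     }
     $sqlite->query("BEGIN TRANSACTION");
     foreach ($_REQUEST['up'] as $row) {
         // rows are request data: ignore anything that is not a field array
         if (!is_array($row)) {
             continue;
         }
         $row = array_map('trim', $row);
         // fill in missing keys so the accesses below are always defined
         $row += array('name' => '', 'title' => '', 'defaultval' => '', 'fid' => '');
         // Deletion is decided on the name as submitted, before the trailing
         // 's' is stripped, so renaming a field to "s" cannot delete it.
         $name_cleared = $row['name'] === '';
         $row['name'] = utf8_strtolower($row['name']);
         $row['name'] = rtrim($row['name'], 's');
         $delete_field = $row['fid'] && $name_cleared;
         // Empty names are skipped unless they mark an existing field for
         // deletion; before, the skip ran unconditionally and the delete
         // branch below could never be reached.
         if (!$row['name'] && !$delete_field) {
             continue;
         }
         // Clean default
         $arr = preg_split('/\\s*\\|\\s*/', $row['defaultval']);
         $arr = array_unique($arr);
         $row['defaultval'] = implode(' | ', $arr);
         if ($row['fid']) {
             // Check if field should be deleted
             if ($delete_field) {
                 // delete all fieldvals for the current field
                 if (!$sqlite->query("DELETE FROM fieldvals WHERE [fid] = ?", $row['fid'])) {
                     $sqlite->query("ROLLBACK TRANSACTION");
                     return false;
                 }
                 // delete the field
                 $res = $sqlite->query("DELETE FROM fields WHERE [fid] = ?", $row['fid']);
             } else {
                 $res = $sqlite->query("UPDATE fields SET [name] = ?, [title] = ?, [defaultval] = ? WHERE [fid] = ?", array($row['name'], $row['title'], $row['defaultval'], $row['fid']));
             }
         } else {
             $res = $sqlite->query("INSERT INTO fields ([name], [title], [defaultval]) VALUES (?,?,?)", array($row['name'], $row['title'], $row['defaultval']));
         }
         if (!$res) {
             $sqlite->query('ROLLBACK TRANSACTION');
             return;
         }
     }
     $sqlite->query("COMMIT TRANSACTION");
 }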
Ejemplo n.º 18
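 /**
  * handle user request
  *
  * Applies the submitted `config` values to every known setting. Nothing is
  * changed unless the session could be restored, `save` equals 1, the
  * security token is valid and the configuration is not locked. The session
  * is closed on every exit path.
  */
 function handle()
 {
     global $ID, $INPUT;
     if (!$this->_restore_session()) {
         return $this->_close_session();
     }
     if ($INPUT->int('save') != 1) {
         return $this->_close_session();
     }
     if (!checkSecurityToken()) {
         return $this->_close_session();
     }
     if (is_null($this->_config)) {
         $this->_config = new configuration($this->_file);
     }
     // don't go any further if the configuration is locked
     if ($this->_config->_locked) {
         return $this->_close_session();
     }
     $this->_input = $INPUT->arr('config');
     // Only keys of known settings are looked up in the submitted data, so
     // unknown request keys are ignored. foreach replaces each(), which was
     // removed in PHP 8.
     foreach ($this->_config->setting as $key => $setting) {
         $input = isset($this->_input[$key]) ? $this->_input[$key] : null;
         if ($this->_config->setting[$key]->update($input)) {
             $this->_changed = true;
         }
         if ($this->_config->setting[$key]->error()) {
             $this->_error = true;
         }
     }
     if ($this->_changed && !$this->_error) {
         $this->_config->save_settings($this->getPluginName());
         // save state & force a page reload to get the new settings to take effect
         $_SESSION['PLUGIN_CONFIG'] = array('state' => 'updated', 'time' => time());
         $this->_close_session();
         send_redirect(wl($ID, array('do' => 'admin', 'page' => 'config'), true, '&'));
         exit;
     } elseif (!$this->_error) {
         // just touch to refresh cache
         $this->_config->touch_settings();
     }
     $this->_close_session();
 }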
Ejemplo n.º 19
 /**
  * Turn a successful 'save' that was submitted with `saveandedit` into a new
  * 'edit' action on the saved page.
  *
  * The save itself is only performed when the action is allowed, the
  * permission check still yields 'save' and the security token is valid.
  *
  * @param Doku_Event $event event whose data holds the requested action
  * @param mixed $param not used in this method
  */
 public function handle_action_act_preprocess(Doku_Event &$event, $param)
 {
     global $ID, $INFO, $REV, $RANGE, $TEXT, $PRE, $SUF;
     // check if the action was given as array key
     if (is_array($event->data)) {
         list($act) = array_keys($event->data);
     } else {
         $act = $event->data;
     }
     if ($act == 'save' && $_REQUEST['saveandedit'] && actionOK($act)) {
         // permission and CSRF token are both verified before anything is written
         if (act_permcheck($act) == 'save' && checkSecurityToken()) {
             $event->data = act_save($act);
             if ($event->data == 'show') {
                 // the save went through: continue editing instead of showing
                 $event->data = 'edit';
                 $REV = '';
                 // now we are working on the current revision
                 // Handle section edits
                 if ($PRE || $SUF) {
                     // $from and $to are 1-based indexes of the actually edited content
                     $from = strlen($PRE) + 1;
                     $to = $from + strlen($TEXT);
                     $RANGE = $from . '-' . $to;
                 }
                 // Ensure the current text is loaded again from the file
                 unset($GLOBALS['TEXT'], $GLOBALS['PRE'], $GLOBALS['SUF']);
                 // Reset the date of the last modification to avoid conflict messages
                 unset($GLOBALS['DATE']);
                 // Reset the change check
                 unset($_REQUEST['changecheck']);
                 // Force rendering of the metadata in order to ensure metadata is correct
                 p_set_metadata($ID, array(), true);
                 $INFO = pageinfo();
                 // reset pageinfo to new data (e.g. if the page exists)
             } elseif ($event->data == 'conflict') {
                 // DokuWiki won't accept 'conflict' as action here.
                 // Just execute save again, the conflict will be detected again
                 $event->data = 'save';
             }
         }
     }
 }
Ejemplo n.º 20
 /**
  * Remove database entries of pages that no longer exist.
  *
  * Runs only when `data_go` was submitted with a valid security token and
  * reports the number of removed pages through msg().
  *
  * @return void|false false when no database handle is available
  */
 function handle()
 {
     $requested = isset($_REQUEST['data_go']);
     if (!$requested || !checkSecurityToken()) {
         return;
     }
     $db = $this->dthlp->_getDB();
     if (!$db) {
         return false;
     }
     $known_pages = $db->res2arr($db->query("SELECT pid, page FROM pages"));
     $removed = 0;
     foreach ($known_pages as $entry) {
         if (page_exists($entry['page'])) {
             continue;
         }
         // data rows first, then the page record they belong to
         $db->query('DELETE FROM data WHERE pid = ?', $entry['pid']);
         $db->query('DELETE FROM pages WHERE pid = ?', $entry['pid']);
         $removed++;
     }
     msg(sprintf($this->getLang('pages_del'), $removed), 1);
 }
Ejemplo n.º 21
 /**
  * AJAX call handler for ACL plugin
  *
  * Answers only the 'plugin_acl' call, and only for admins presenting a
  * valid security token. Depending on the `ajax` parameter it prints the
  * info box or the namespace tree below the requested `ns`.
  *
  * @param Doku_Event $event  event object by reference
  * @param mixed $param  empty
  * @return void
  */
 public function handle_ajax_call_acl(Doku_Event &$event, $param)
 {
     if ($event->data !== 'plugin_acl') {
         return;
     }
     $event->stopPropagation();
     $event->preventDefault();
     global $ID;
     global $INPUT;
     // authorisation is checked before the token, so non-admins learn nothing
     // about the token state
     if (!auth_isadmin()) {
         echo 'for admins only';
         return;
     }
     if (!checkSecurityToken()) {
         echo 'CRSF Attack';
         return;
     }
     $ID = getID();
     /** @var $acl admin_plugin_acl */
     $acl = plugin_load('admin', 'acl');
     $acl->handle();
     $mode = $INPUT->str('ajax');
     header('Content-Type: text/html; charset=utf-8');
     if ($mode == 'info') {
         $acl->_html_info();
         return;
     }
     if ($mode != 'tree') {
         return;
     }
     $namespace = $INPUT->str('ns');
     if ($namespace == '*') {
         $namespace = '';
     }
     // the namespace is cleaned before it is turned into a path
     $namespace = cleanID($namespace);
     $depth = count(explode(':', $namespace));
     $namespace = utf8_encodeFN(str_replace(':', '/', $namespace));
     $tree = $acl->_get_tree($namespace, $namespace);
     foreach (array_keys($tree) as $index) {
         $tree[$index]['level'] = $depth + 1;
     }
     echo html_buildlist($tree, 'acl', array($acl, '_html_list_acl'), array($acl, '_html_li_acl'));
 }
Ejemplo n.º 22
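 /**
  * Replace the whole `aliases` table with the rows submitted in `d`.
  *
  * Runs only for an array `d` and a valid security token; the delete and
  * the inserts are wrapped in one transaction.
  *
  * @return void|false false when no database handle is available
  */
 function handle()
 {
     if (!isset($_REQUEST['d']) || !is_array($_REQUEST['d']) || !checkSecurityToken()) {
         return;
     }
     $sqlite = $this->dthlp->_getDB();
     if (!$sqlite) {
         return false;
     }
     $sqlite->query("BEGIN TRANSACTION");
     // NOTE(review): query results are not checked in this method, so a
     // failed insert is still committed after the delete - consider a rollback
     $sqlite->query("DELETE FROM aliases");
     foreach ($_REQUEST['d'] as $row) {
         // rows are request data: ignore anything that is not a field array
         // (array_map() on a scalar fails) or that carries no name
         if (!is_array($row) || !isset($row['name'])) {
             continue;
         }
         $row = array_map('trim', $row);
         $row['name'] = utf8_strtolower($row['name']);
         $row['name'] = rtrim($row['name'], 's');
         if (!$row['name']) {
             continue;
         }
         // NOTE(review): $row is bound positionally as submitted, so the number
         // and order of the values is decided by the request - confirm
         $sqlite->query("INSERT INTO aliases (name, type, prefix, postfix, enum)\n                                 VALUES (?,?,?,?,?)", $row);
     }
     $sqlite->query("COMMIT TRANSACTION");
 }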
Ejemplo n.º 23
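 /**
  * handle user request
  *
  * Applies the submitted `config` values to every known setting. Nothing is
  * changed unless the session could be restored, `save` equals 1, the
  * security token is valid and the configuration is not locked. The session
  * is closed on every exit path.
  */
 function handle()
 {
     global $ID;
     if (!$this->_restore_session()) {
         return $this->_close_session();
     }
     if (!isset($_REQUEST['save']) || $_REQUEST['save'] != 1) {
         return $this->_close_session();
     }
     if (!checkSecurityToken()) {
         return $this->_close_session();
     }
     if (is_null($this->_config)) {
         $this->_config = new configuration($this->_file);
     }
     // don't go any further if the configuration is locked
     if ($this->_config->_locked) {
         return $this->_close_session();
     }
     // `config` is request data: anything but an array is treated as empty
     $this->_input = (isset($_REQUEST['config']) && is_array($_REQUEST['config'])) ? $_REQUEST['config'] : array();
     // Only keys of known settings are looked up in the submitted data, so
     // unknown request keys are ignored. foreach replaces each(), which was
     // removed in PHP 8.
     foreach ($this->_config->setting as $key => $setting) {
         $input = isset($this->_input[$key]) ? $this->_input[$key] : NULL;
         if ($this->_config->setting[$key]->update($input)) {
             $this->_changed = true;
         }
         if ($this->_config->setting[$key]->error()) {
             $this->_error = true;
         }
     }
     if ($this->_changed && !$this->_error) {
         $this->_config->save_settings($this->getPluginName());
         // save state & force a page reload to get the new settings to take effect
         $_SESSION['PLUGIN_CONFIG'] = array('state' => 'updated', 'time' => time());
         $this->_close_session();
         header("Location: " . wl($ID, array('do' => 'admin', 'page' => 'config'), true, '&'));
         exit;
     }
     $this->_close_session();
 }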
Ejemplo n.º 24
 /**
  * Dispatch the submitted `cmd`: `confirm` prunes the data file with the
  * submitted `del` value, `secure` secures it.
  *
  * $this->output starts out as 'invalid'; the command runs only with a
  * valid security token and an array `cmd`.
  */
 function handle()
 {
     // first time - nothing to do
     if (!isset($_REQUEST['cmd'])) {
         return;
     }
     $this->output = 'invalid';
     if (!checkSecurityToken() || !is_array($_REQUEST['cmd'])) {
         return;
     }
     $requested = key($_REQUEST['cmd']);
     // loose comparison on purpose: it mirrors what a switch statement does
     if ($requested == 'confirm') {
         // NOTE(review): `del` is passed on as submitted; prune_datafile()
         // presumably validates it - confirm
         $this->prune_datafile($_REQUEST['del']);
     } elseif ($requested == 'secure') {
         $this->secure_datafile();
     }
     //  msg('<pre>' . print_r($_REQUEST['del'],true) . '</pre>');
 }
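 /**
  * Should carry out any processing required by the plugin.
  *
  * Adds or removes one pattern/table assignment. The request must carry an
  * `action`, an `assignment` array and a valid security token; afterwards
  * the browser is redirected back to the assignments admin page.
  */
 public function handle()
 {
     global $INPUT;
     global $ID;
     $assignments = new Assignments();
     if (!$INPUT->str('action') || !$INPUT->arr('assignment') || !checkSecurityToken()) {
         return;
     }
     $assignment = $INPUT->arr('assignment');
     $pattern = isset($assignment['assign']) ? $assignment['assign'] : null;
     $table = isset($assignment['tbl']) ? $assignment['tbl'] : null;
     // request data: nested arrays in place of the two strings are ignored
     if (is_string($pattern) && is_string($table) && !blank($pattern) && !blank($table)) {
         $action = $INPUT->str('action');
         if ($action === 'delete') {
             if (!$assignments->removePattern($pattern, $table)) {
                 msg('failed to remove pattern', -1);
             }
         } elseif ($action === 'add') {
             // A pattern starting with '/' is treated as a regular expression
             // and must compile. An empty string replaces null as the subject,
             // which is deprecated since PHP 8.1.
             // NOTE(review): this only proves the pattern compiles; it puts no
             // bound on how expensive matching it will be later
             if ($pattern[0] === '/' && @preg_match($pattern, '') === false) {
                 msg('Invalid regular expression. Pattern not saved', -1);
             } elseif (!$assignments->addPattern($pattern, $table)) {
                 msg('failed to add pattern', -1);
             }
         }
     }
     send_redirect(wl($ID, array('do' => 'admin', 'page' => 'struct_assignments'), true, '&'));
 }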
Ejemplo n.º 26
 /**
  * Resolve the requested command and plugin, then run the matching handler.
  *
  * The command comes from the `fn` request parameter. Anything not listed in
  * $this->commands or $this->functions falls back to 'manage', as does any
  * command other than the plain 'manage' view that arrives without a valid
  * security token.
  */
 function handle()
 {
     global $INPUT;
     // enable direct access to language strings
     $this->setupLocale();
     $fn = $INPUT->param('fn');
     if (!is_array($fn)) {
         $this->cmd = $fn;
         $this->plugin = null;
     } else {
         // array form: fn[<cmd>][<plugin>]
         $this->cmd = key($fn);
         $this->plugin = is_array($fn[$this->cmd]) ? key($fn[$this->cmd]) : null;
     }
     $this->_get_plugin_list();
     // verify $_REQUEST vars: the command decides which class file is loaded
     // below, so it must come from one of the two known lists
     if (in_array($this->cmd, $this->commands)) {
         $this->plugin = '';
     } elseif (!in_array($this->cmd, $this->functions) || !in_array($this->plugin, $this->plugin_list)) {
         $this->cmd = 'manage';
         $this->plugin = '';
     }
     // only the plain overview may be shown without a security token
     $plain_overview = $this->cmd == 'manage' && $this->plugin == '';
     if (!$plain_overview && !checkSecurityToken()) {
         $this->cmd = 'manage';
         $this->plugin = '';
     }
     // create object to handle the command
     $class = "ap_" . $this->cmd;
     @(require_once DOKU_PLUGIN . "/plugin/classes/{$class}.class.php");
     if (!class_exists($class)) {
         $class = 'ap_manage';
     }
     $this->handler = new $class($this, $this->plugin);
     $this->msg = $this->handler->process();
 }
Ejemplo n.º 27
 /**
  * Modify user (modified user data has been received)
  *
  * Requires a valid security token and the backend's 'UserMod' capability.
  * Each changed attribute is only applied when the backend reports the
  * matching capability through canDo(). On success all sessions are
  * invalidated.
  *
  * @return bool|mixed false when a precondition fails, otherwise the result
  *                    of triggerUserMod()
  */
 function _modifyUser()
 {
     global $conf;
     // CSRF token first, then the backend capability
     if (!checkSecurityToken()) {
         return false;
     }
     if (!$this->_auth->canDo('UserMod')) {
         return false;
     }
     // get currently valid  user data
     // everything up to the last ':' is dropped before the name is cleaned
     $olduser = cleanID(preg_replace('/.*:/', '', $_REQUEST['userid_old']));
     $oldinfo = $this->_auth->getUserData($olduser);
     // get new user data subject to change
     list($newuser, $newpass, $newname, $newmail, $newgrps) = $this->_retrieveUser();
     if (empty($newuser)) {
         return false;
     }
     $changes = array();
     if ($newuser != $olduser) {
         if (!$this->_auth->canDo('modLogin')) {
             // sanity check, shouldn't be possible
             msg($this->lang['update_fail'], -1);
             return false;
         }
         // check if $newuser already exists
         if ($this->_auth->getUserData($newuser)) {
             msg(sprintf($this->lang['update_exists'], $newuser), -1);
             // the rename is dropped; the edit form is shown again at the end
             $re_edit = true;
         } else {
             $changes['user'] = $newuser;
         }
     }
     // generate password if left empty and notification is on
     if (!empty($_REQUEST['usernotify']) && empty($newpass)) {
         $newpass = auth_pwgen();
     }
     // each attribute is only changed when the backend supports changing it
     if (!empty($newpass) && $this->_auth->canDo('modPass')) {
         $changes['pass'] = $newpass;
     }
     if (!empty($newname) && $this->_auth->canDo('modName') && $newname != $oldinfo['name']) {
         $changes['name'] = $newname;
     }
     if (!empty($newmail) && $this->_auth->canDo('modMail') && $newmail != $oldinfo['mail']) {
         $changes['mail'] = $newmail;
     }
     if (!empty($newgrps) && $this->_auth->canDo('modGroups') && $newgrps != $oldinfo['grps']) {
         $changes['grps'] = $newgrps;
     }
     if ($ok = $this->_auth->triggerUserMod('modify', array($olduser, $changes))) {
         msg($this->lang['update_ok'], 1);
         if (!empty($_REQUEST['usernotify']) && $newpass) {
             // notify under the login name that is valid after the change
             $notify = empty($changes['user']) ? $olduser : $newuser;
             $this->_notifyUser($notify, $newpass);
         }
         // invalidate all sessions
         io_saveFile($conf['cachedir'] . '/sessionpurge', time());
     } else {
         msg($this->lang['update_fail'], -1);
     }
     if (!empty($re_edit)) {
         $this->_editUser($olduser);
     }
     return $ok;
 }
Ejemplo n.º 28
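/**
 * Update user profile
 *
 * Applies the password, full name and e-mail submitted in the POST form to
 * the account named in $_SERVER['REMOTE_USER']. Nothing is changed unless the
 * form was saved, checkSecurityToken() passes and the 'profile' action is
 * allowed. When $conf['profileconfirm'] is set, the current password must be
 * supplied and verified before the backend is asked to modify the account.
 *
 * @author    Christopher Smith <*****@*****.**>
 *
 * @return bool true if the auth backend reported the modification as done,
 *              false on any validation failure or backend refusal
 */
function updateprofile()
{
    global $conf;
    global $lang;
    /* @var auth_basic $auth */
    global $auth;
    /* @var Input $INPUT */
    global $INPUT;

    if (!$INPUT->post->bool('save')) {
        return false;
    }
    // state-changing request: refuse it without a valid security token
    if (!checkSecurityToken()) {
        return false;
    }
    if (!actionOK('profile')) {
        msg($lang['profna'], -1);
        return false;
    }

    $changes = array();
    $changes['pass'] = $INPUT->post->str('newpass');
    $changes['name'] = $INPUT->post->str('fullname');
    $changes['mail'] = $INPUT->post->str('email');

    // check misspelled passwords
    // Strict comparison on purpose: with != PHP compares numeric-looking strings
    // by value ('1e3' == '1000'), so a mistyped confirmation could go unnoticed.
    if ($changes['pass'] !== $INPUT->post->str('passchk')) {
        msg($lang['regbadpass'], -1);
        return false;
    }

    // clean fullname and email: drop control characters and the separator/markup
    // characters listed in the pattern before the values reach the backend
    $changes['name'] = trim(preg_replace('/[\\x00-\\x1f:<>&%,;]+/', '', $changes['name']));
    $changes['mail'] = trim(preg_replace('/[\\x00-\\x1f:<>&%,;]+/', '', $changes['mail']));

    // no empty name and email (except the backend doesn't support them)
    $nameMissing = empty($changes['name']) && $auth->canDo('modName');
    $mailMissing = empty($changes['mail']) && $auth->canDo('modMail');
    if ($nameMissing || $mailMissing) {
        msg($lang['profnoempty'], -1);
        return false;
    }
    if (!mail_isvalid($changes['mail']) && $auth->canDo('modMail')) {
        msg($lang['regbadmail'], -1);
        return false;
    }

    // drop every field that was left empty (note: array_filter also drops the string '0')
    $changes = array_filter($changes);

    // check for unavailable capabilities
    if (!$auth->canDo('modName')) {
        unset($changes['name']);
    }
    if (!$auth->canDo('modMail')) {
        unset($changes['mail']);
    }
    if (!$auth->canDo('modPass')) {
        unset($changes['pass']);
    }

    // anything to do?
    if (!count($changes)) {
        msg($lang['profnochange'], -1);
        return false;
    }

    // re-authenticate with the current password before touching the account
    if ($conf['profileconfirm']) {
        if (!$auth->checkPass($_SERVER['REMOTE_USER'], $INPUT->post->str('oldpass'))) {
            msg($lang['badlogin'], -1);
            return false;
        }
    }

    if (!$auth->triggerUserMod('modify', array($_SERVER['REMOTE_USER'], $changes))) {
        return false;
    }

    // update cookie and session with the changed data
    // The 'pass' key may have been removed by array_filter()/unset() above, so test
    // with empty() instead of reading a possibly undefined index.
    if (!empty($changes['pass'])) {
        list(, $sticky, ) = auth_getCookie();
        // NOTE(review): the new password is stored in the auth cookie in encrypted,
        // presumably reversible, form; confirm how auth_cookiesalt() is protected.
        $pass = PMA_blowfish_encrypt($changes['pass'], auth_cookiesalt(!$sticky));
        auth_setCookie($_SERVER['REMOTE_USER'], $pass, (bool) $sticky);
    }
    return true;
}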
Ejemplo n.º 29
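 /**
  * Execute the requested action(s) and initialize the plugin repository
  *
  * Three POST entry points are handled, each only when checkSecurityToken()
  * passes: a batch of per-extension actions in 'fn' (install, reinstall,
  * update, uninstall, enable, disable), an install from the URL in
  * 'installurl', and an install from the uploaded file 'installfile'.
  * Every handled request ends in a redirect back to the extension tab;
  * exceptions thrown by the helper are reported through msg() first.
  *
  * @return void
  */
 public function handle()
 {
     global $INPUT;
     // initialize the remote repository
     /* @var helper_plugin_extension_repository $repository */
     $repository = $this->loadHelper('extension_repository');
     if (!$repository->hasAccess()) {
         $url = $this->gui->tabURL('', array('purge' => 1));
         msg($this->getLang('repo_error') . ' [<a href="' . $url . '">' . $this->getLang('repo_retry') . '</a>]', -1);
     }
     // warn when PHP has no 'ssl' stream transport registered
     if (!in_array('ssl', stream_get_transports(), true)) {
         msg($this->getLang('nossl'), -1);
     }
     /* @var helper_plugin_extension_extension $extension */
     $extension = $this->loadHelper('extension_extension');
     try {
         if ($INPUT->post->has('fn') && checkSecurityToken()) {
             $actions = $INPUT->post->arr('fn');
             foreach ($actions as $action => $extensions) {
                 // fn[action] must itself be a list of extensions; a scalar here is a
                 // malformed request and would make the inner foreach emit a warning
                 if (!is_array($extensions)) {
                     continue;
                 }
                 foreach (array_keys($extensions) as $extname) {
                     // actions not listed below are ignored
                     switch ($action) {
                         case 'install':
                         case 'reinstall':
                         case 'update':
                             $extension->setExtension($extname);
                             $installed = $extension->installOrUpdate();
                             foreach ($installed as $info) {
                                 // msg() is given HTML elsewhere in this method, so escape the
                                 // name like the display names below
                                 msg(sprintf($this->getLang('msg_' . $info['type'] . '_' . $info['action'] . '_success'), hsc($info['base'])), 1);
                             }
                             break;
                         case 'uninstall':
                             $extension->setExtension($extname);
                             $status = $extension->uninstall();
                             if ($status) {
                                 msg(sprintf($this->getLang('msg_delete_success'), hsc($extension->getDisplayName())), 1);
                             } else {
                                 msg(sprintf($this->getLang('msg_delete_failed'), hsc($extension->getDisplayName())), -1);
                             }
                             break;
                         case 'enable':
                             $extension->setExtension($extname);
                             // anything other than true is passed to msg() as the error text
                             $status = $extension->enable();
                             if ($status !== true) {
                                 msg($status, -1);
                             } else {
                                 msg(sprintf($this->getLang('msg_enabled'), hsc($extension->getDisplayName())), 1);
                             }
                             break;
                         case 'disable':
                             $extension->setExtension($extname);
                             $status = $extension->disable();
                             if ($status !== true) {
                                 msg($status, -1);
                             } else {
                                 msg(sprintf($this->getLang('msg_disabled'), hsc($extension->getDisplayName())), 1);
                             }
                             break;
                     }
                 }
             }
             send_redirect($this->gui->tabURL('', array(), '&', true));
         } elseif ($INPUT->post->str('installurl') && checkSecurityToken()) {
             // NOTE(review): the URL is taken from the request and handed to the helper
             // as is; confirm installFromURL() restricts what it will fetch and that
             // only administrators can reach this handler.
             $installed = $extension->installFromURL($INPUT->post->str('installurl'));
             foreach ($installed as $info) {
                 msg(sprintf($this->getLang('msg_' . $info['type'] . '_' . $info['action'] . '_success'), hsc($info['base'])), 1);
             }
             send_redirect($this->gui->tabURL('', array(), '&', true));
         } elseif (isset($_FILES['installfile']) && checkSecurityToken()) {
             $installed = $extension->installFromUpload('installfile');
             foreach ($installed as $info) {
                 msg(sprintf($this->getLang('msg_' . $info['type'] . '_' . $info['action'] . '_success'), hsc($info['base'])), 1);
             }
             send_redirect($this->gui->tabURL('', array(), '&', true));
         }
     } catch (Exception $e) {
         // NOTE(review): the exception text is shown unescaped; presumably the helper
         // builds it from language strings and already-escaped values. Verify.
         msg($e->getMessage(), -1);
         send_redirect($this->gui->tabURL('', array(), '&', true));
     }
 }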
Ejemplo n.º 30
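 /**
  * handle user request
  *
  * Initializes internal vars and handles modifications
  *
  * Reads the namespace / item / user-or-group selection from the request into
  * $this->ns, $this->current_item and $this->who. When a 'cmd' is present and
  * checkSecurityToken() passes, it then saves or deletes a single rule, or
  * rewrites the whole default ACL file from the submitted rule table, and
  * reloads $AUTH_ACL afterwards.
  *
  * @author Andreas Gohr <*****@*****.**>
  *
  * @return void
  */
 function handle()
 {
     global $AUTH_ACL;
     global $ID;
     global $auth;
     global $config_cascade;
     // fresh 1:1 copy without replacements
     $AUTH_ACL = file($config_cascade['acl']['default']);

     // Read the selector parameters once. Missing or non-string (array) values count
     // as empty, so they can neither raise undefined-index warnings nor reach the
     // string helpers below with the wrong type.
     $in = array();
     foreach (array('ns', 'current_ns', 'current_id', 'acl_w', 'acl_t') as $key) {
         $in[$key] = (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) ? $_REQUEST[$key] : '';
     }

     // namespace given?
     if ($in['ns'] === '*') {
         $this->ns = '*';
     } else {
         $this->ns = cleanID($in['ns']);
     }
     if ($in['current_ns']) {
         $this->current_item = array('id' => cleanID($in['current_ns']), 'type' => 'd');
     } elseif ($in['current_id']) {
         $this->current_item = array('id' => cleanID($in['current_id']), 'type' => 'f');
     } elseif ($this->ns) {
         $this->current_item = array('id' => $this->ns, 'type' => 'd');
     } else {
         $this->current_item = array('id' => $ID, 'type' => 'f');
     }

     // user or group chosen?
     $who = trim($in['acl_w']);
     if ($in['acl_t'] === '__g__' && $who) {
         $this->who = '@' . ltrim($auth->cleanGroup($who), '@');
     } elseif ($in['acl_t'] === '__u__' && $who) {
         $this->who = ltrim($who, '@');
         if ($this->who != '%USER%' && $this->who != '%GROUP%') {
             #keep wildcard as is
             $this->who = $auth->cleanUser($this->who);
         }
     } elseif ($in['acl_t'] && $in['acl_t'] !== '__u__' && $in['acl_t'] !== '__g__') {
         // NOTE(review): taken as is, without cleanUser()/cleanGroup(); presumably the
         // value comes from a list of existing names. Verify against the form.
         $this->who = $in['acl_t'];
     } elseif ($who) {
         // NOTE(review): also stored without cleaning. Confirm that is intended.
         $this->who = $who;
     }

     // handle modifications (only with a valid security token)
     if (isset($_REQUEST['cmd']) && checkSecurityToken()) {
         // scope for modifications
         if ($this->ns) {
             if ($this->ns == '*') {
                 $scope = '*';
             } else {
                 $scope = $this->ns . ':*';
             }
         } else {
             $scope = $ID;
         }
         if (isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])) {
             // handle additions or single modifications
             $this->_acl_del($scope, $this->who);
             $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']);
         } elseif (isset($_REQUEST['cmd']['del']) && $scope && $this->who) {
             // handle single deletions
             $this->_acl_del($scope, $this->who);
         } elseif (isset($_REQUEST['cmd']['update'])) {
             // handle update of the whole file
             // The file is rebuilt from the submitted table alone: every rule that is
             // not part of the request disappears from the ACL.
             $aclGiven = isset($_REQUEST['acl']) && is_array($_REQUEST['acl']);
             $rules = $aclGiven ? $_REQUEST['acl'] : array();
             $marked = (isset($_REQUEST['del']) && is_array($_REQUEST['del'])) ? $_REQUEST['del'] : array();

             // remove all rules marked for deletion
             foreach ($marked as $where => $names) {
                 if (!is_array($names) || !isset($rules[$where]) || !is_array($rules[$where])) {
                     continue;
                 }
                 foreach ($names as $name) {
                     if (is_scalar($name)) {
                         unset($rules[$where][$name]);
                     }
                 }
             }
             if ($aclGiven) {
                 // keep the request data in step with the deletions, as before
                 $_REQUEST['acl'] = $rules;
             }

             // prepare lines
             $lines = array();
             // keep header: the leading run of '#' lines; file() returns false on failure
             if (is_array($AUTH_ACL)) {
                 foreach ($AUTH_ACL as $line) {
                     if (strncmp($line, '#', 1) !== 0) {
                         break;
                     }
                     $lines[] = $line;
                 }
             }

             // re-add all rules
             foreach ($rules as $where => $opt) {
                 $where = (string) $where;
                 // A scope containing a tab, newline or other control character would
                 // break the tab-separated, one-rule-per-line format and could smuggle
                 // extra rules into the file, so such entries are dropped.
                 if (!is_array($opt) || $where === '' || preg_match('/[\x00-\x1f\x7f]/', $where)) {
                     continue;
                 }
                 foreach ($opt as $name => $perm) {
                     // numeric keys arrive as integers; normalise before indexing
                     $name = (string) $name;
                     if ($name === '' || !is_scalar($perm)) {
                         continue;
                     }
                     if ($name[0] == '@') {
                         if ($name != '@ALL') {
                             $name = '@' . ltrim($auth->cleanGroup($name), '@');
                         }
                     } elseif ($name != '%USER%' && $name != '%GROUP%') {
                         #keep wildcard as is
                         $name = $auth->cleanUser($name);
                     }
                     $name = auth_nameencode($name, true);
                     // the permission is written as an integer, matching the (int) cast
                     // used for single saves above
                     $lines[] = "{$where}\t{$name}\t" . (int) $perm . "\n";
                 }
             }
             // save it
             io_saveFile($config_cascade['acl']['default'], join('', $lines));
         }
         // reload ACL config
         $AUTH_ACL = file($config_cascade['acl']['default']);
     }
     // initialize ACL array
     $this->_init_acl_config();
 }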