Ejemplo n.º 1
0
} elseif ((int) $serendipity['GET']['step'] == 3) {
    $serendipity['dbPrefix'] = $_POST['dbPrefix'];
    echo CHECK_DATABASE_EXISTS . '...';
    $t = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}authors", false, 'both', false, false, false, true);
    if (is_array($t)) {
        echo ' <strong>' . THEY_DO . '</strong>, ' . WONT_INSTALL_DB_AGAIN;
        echo '<br />';
        echo '<br />';
    } else {
        echo ' <strong>' . THEY_DONT . '</strong>';
        echo '<br />';
        echo CREATE_DATABASE;
        serendipity_installDatabase();
        echo ' <strong>' . DONE . '</strong><br />';
        echo sprintf(CREATING_PRIMARY_AUTHOR, htmlspecialchars($_POST['user'])) . '...';
        $authorid = serendipity_addAuthor($_POST['user'], $_POST['pass'], $_POST['realname'], $_POST['email'], USERLEVEL_ADMIN, 1);
        $mail_comments = serendipity_db_bool($_POST['want_mail']) ? 1 : 0;
        serendipity_set_user_var('mail_comments', $mail_comments, $authorid);
        serendipity_set_user_var('mail_trackbacks', $mail_comments, $authorid);
        serendipity_set_user_var('right_publish', 1, $authorid);
        serendipity_addDefaultGroup('USERLEVEL_EDITOR_DESC', USERLEVEL_EDITOR);
        serendipity_addDefaultGroup('USERLEVEL_CHIEF_DESC', USERLEVEL_CHIEF);
        serendipity_addDefaultGroup('USERLEVEL_ADMIN_DESC', USERLEVEL_ADMIN);
        echo ' <strong>' . DONE . '</strong><br />';
        echo SETTING_DEFAULT_TEMPLATE . '... ';
        serendipity_set_config_var('template', $serendipity['defaultTemplate']);
        echo ' <strong>' . DONE . '</strong><br />';
        echo INSTALLING_DEFAULT_PLUGINS . '... ';
        include_once S9Y_INCLUDE_PATH . 'include/plugin_api.inc.php';
        serendipity_plugin_api::register_default_plugins();
        echo ' <strong>' . DONE . '</strong><br />';
Ejemplo n.º 2
0
 static function checkuser($usergroups = array())
 {
     global $serendipity;
     static $debug = false;
     if (!empty($serendipity['GET']['adduser_activation']) && !empty($_GET['r'])) {
         $string = $serendipity['GET']['adduser_activation'];
         $q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
         if ($debug) {
             echo "[debug] QUERY: {$q}<br />\n";
         }
         $author = serendipity_db_query($q, true);
         serendipity_common_adduser::sendMail($author['username'], function_exists('serendipity_specialchars') ? serendipity_specialchars($string) : htmlspecialchars($string, ENT_COMPAT, LANG_CHARSET), $author['email'], false, false);
         echo PLUGIN_ADDUSER_SENTMAIL_APPROVE_ADMIN;
         return true;
     }
     if (!empty($serendipity['GET']['adduser_activation'])) {
         $string = $serendipity['GET']['adduser_activation'];
         unset($serendipity['GET']['adduser_activation']);
         if (strlen($string) != 32) {
             echo PLUGIN_ADDUSER_WRONG_ACTIVATION . '<hr />';
             return false;
         }
         $q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
         if ($debug) {
             echo "[debug] QUERY: {$q}<br />\n";
         }
         $author = serendipity_db_query($q, true);
         if ($debug) {
             echo "[debug] RESULT: " . print_r($author, true) . "<br />\n";
         }
         if (is_array($author)) {
             $user = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}authors WHERE username = '******'username']) . "'", true);
             if (is_array($user) && !empty($user['authorid'])) {
                 printf(PLUGIN_ADDUSER_EXISTS . '<hr />', function_exists('serendipity_specialchars') ? serendipity_specialchars($author['username']) : htmlspecialchars($author['username'], ENT_COMPAT, LANG_CHARSET));
                 return false;
             }
             $newID = serendipity_addAuthor($author['username'], '', $author['username'], $author['email'], $author['userlevel']);
             if ($debug) {
                 echo "[debug] serendipity_addAuthor: {$newID}<br />\n";
             }
             if ($newID) {
                 serendipity_db_query("UPDATE {$serendipity['dbPrefix']}authors\n                                             SET right_publish = '" . ($author['right_publish'] ? '1' : '0') . "',\n                                                 password      = '******'password'] . "'\n                                           WHERE authorid = " . (int) $newID);
                 serendipity_set_config_var('no_create', $author['no_create'], $newID);
                 serendipity_set_config_var('lang', $serendipity['lang'], $newID);
                 // Fetch default properties for new authors as configured.
                 // Only set values for the keys that are supported (all booleans currently!)
                 $config = serendipity_db_query("SELECT name, value FROM {$serendipity['dbPrefix']}config WHERE name LIKE 'serendipity_plugin_adduser:%'");
                 $pair_config = array('wysiwyg' => '', 'simpleFilters' => '', 'enableBackendPopup' => '', 'moderateCommentsDefault' => '', 'allowCommentsDefault' => '', 'showMediaToolbar' => '', 'use_autosave' => '');
                 if (is_array($config)) {
                     foreach ($config as $conf) {
                         $names = explode('/', $conf['name']);
                         if (isset($pair_config[$names[1]])) {
                             $pair_config[$names[1]] = serendipity_get_bool($conf['value']);
                             serendipity_set_config_var($names[1], $pair_config['wysiwyg'], $newID);
                         }
                     }
                 }
                 if (is_array($usergroups) && function_exists('serendipity_updateGroups')) {
                     if ($debug) {
                         echo "[debug] update groups: " . print_r($usergroups, true) . "<br />\n";
                     }
                     serendipity_updateGroups($usergroups, $newID, false);
                 } elseif ($debug) {
                     echo "[debug] no group addition: " . print_r($usergroups, true) . "<br />\n";
                 }
             } elseif ($debug) {
                 echo "[debug] serendipity_addAuthor() failed!<br />\n";
             }
         }
         $q = "SELECT authorid FROM {$serendipity['dbPrefix']}authors\n                                             WHERE username = '******'username'] . "'\n                                               AND password = '******'password'] . "'\n                                             LIMIT 1";
         $newauthor = serendipity_db_query($q, true);
         if (is_array($newauthor) && $newauthor['authorid'] > 0) {
             echo PLUGIN_ADDUSER_SUCCEED . '<hr />';
             serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "'");
             return true;
         } else {
             if ($debug) {
                 echo "[debug] QUERY: {$q}<br />\n";
                 echo "[debug] RESULT: " . print_r($newauthor, true) . "<br />\n";
             }
             echo PLUGIN_ADDUSER_FAILED . '<hr />';
             return false;
         }
     }
     return false;
 }
Ejemplo n.º 3
0
 function import_wpxrss()
 {
     // TODO: Backtranscoding to NATIVE charset. Currently only works with UTF-8.
     $dry_run = false;
     $serendipity['noautodiscovery'] = 1;
     $uri = $this->data['url'];
     require_once S9Y_PEAR_PATH . 'HTTP/Request.php';
     serendipity_request_start();
     $req = new HTTP_Request($uri, array('allowRedirects' => true, 'maxRedirects' => 5));
     $res = $req->sendRequest();
     if (PEAR::isError($res) || $req->getResponseCode() != '200') {
         serendipity_request_end();
         echo IMPORT_FAILED . ': ' . htmlspecialchars($this->data['url']);
         echo "<br />\n";
         return false;
     }
     $fContent = $req->getResponseBody();
     serendipity_request_end();
     echo strlen($fContent) . " Bytes<br />\n";
     if (version_compare(PHP_VERSION, '5.0') === -1) {
         printf(UNMET_REQUIREMENTS, 'PHP >= 5.0');
         echo "<br />\n";
         return false;
     }
     $xml = simplexml_load_string($fContent);
     unset($fContent);
     /* ************* USERS **********************/
     $_s9y_users = serendipity_fetchUsers();
     $s9y_users = array();
     if (is_array($s9y_users)) {
         foreach ($_s9y_users as $v) {
             $s9y_users[$v['realname']] = $v;
         }
     }
     /* ************* CATEGORIES **********************/
     $_s9y_cat = serendipity_fetchCategories('all');
     $s9y_cat = array();
     if (is_array($s9y_cat)) {
         foreach ($_s9y_cat as $v) {
             $s9y_cat[$v['category_name']] = $v['categoryid'];
         }
     }
     $wp_ns = 'http://wordpress.org/export/1.0/';
     $dc_ns = 'http://purl.org/dc/elements/1.1/';
     $content_ns = 'http://purl.org/rss/1.0/modules/content/';
     $wp_core = $xml->channel->children($wp_ns);
     foreach ($wp_core->category as $idx => $cat) {
         //TODO: Parent generation unknown.
         $cat_name = (string) $cat->cat_name;
         if (!isset($s9y_cat[$cat_name])) {
             $cat = array('category_name' => $cat_name, 'category_description' => '', 'parentid' => 0, 'category_left' => 0, 'category_right' => 0);
             printf(CREATE_CATEGORY, htmlspecialchars($cat_name));
             echo "<br />\n";
             if ($dry_run) {
                 $s9y_cat[$cat_name] = time();
             } else {
                 serendipity_db_insert('category', $cat);
                 $s9y_cat[$cat_name] = serendipity_db_insert_id('category', 'categoryid');
             }
         }
     }
     /* ************* ITEMS **********************/
     foreach ($xml->channel->item as $idx => $item) {
         $wp_items = $item->children($wp_ns);
         $dc_items = $item->children($dc_ns);
         $content_items = $item->children($content_ns);
         // TODO: Attachments not handled
         if ((string) $wp_items->post_type == 'attachment' or (string) $wp_items->post_type == 'page') {
             continue;
         }
         $entry = array('title' => (string) $item->title, 'isdraft' => (string) $wp_items->status == 'publish' ? 'false' : 'true', 'allow_comments' => (string) $wp_items->comment_status == 'open' ? true : false, 'categories' => array(), 'body' => (string) $content_items->encoded);
         if (preg_match('@^([0-9]{4})\\-([0-9]{2})\\-([0-9]{2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})$@', (string) $wp_items->post_date, $timematch)) {
             $entry['timestamp'] = mktime($timematch[4], $timematch[5], $timematch[6], $timematch[2], $timematch[3], $timematch[1]);
         } else {
             $entry['timestamp'] = time();
         }
         if (isset($item->category[1])) {
             foreach ($item->category as $idx => $category) {
                 $cstring = (string) $category;
                 if (!isset($s9y_cat[$cstring])) {
                     echo "WARNING: {$category} unset!<br />\n";
                 } else {
                     $entry['categories'][] = $s9y_cat[$cstring];
                 }
             }
         } else {
             $cstring = (string) $item->category;
             $entry['categories'][] = $s9y_cat[$cstring];
         }
         $wp_user = (string) $dc_items->creator;
         if (!isset($s9y_users[$wp_user])) {
             if ($dry_run) {
                 $s9y_users[$wp_user]['authorid'] = time();
             } else {
                 $s9y_users[$wp_user]['authorid'] = serendipity_addAuthor($wp_user, md5(time()), $wp_user, '', USERLEVEL_EDITOR);
             }
             printf(CREATE_AUTHOR, htmlspecialchars($wp_user));
             echo "<br />\n";
         }
         $entry['authorid'] = $s9y_users[$wp_user]['authorid'];
         if ($dry_run) {
             $id = time();
         } else {
             $id = serendipity_updertEntry($entry);
         }
         $s9y_cid = array();
         // Holds comment ids to s9y ids association.
         $c_i = 0;
         foreach ($wp_items->comment as $comment) {
             $c_i++;
             $c_id = (string) $comment->comment_id;
             $c_pid = (string) $comment->comment_parent;
             $c_type = (string) $comment->comment_type;
             if ($c_type == 'pingback') {
                 $c_type2 = 'PINGBACK';
             } elseif ($c_type == 'trackback') {
                 $c_type2 = 'TRACKBACK';
             } else {
                 $c_type2 = 'NORMAL';
             }
             $s9y_comment = array('entry_id ' => $id, 'parent_id' => $s9y_cid[$c_pd], 'author' => (string) $comment->comment_author, 'email' => (string) $comment->comment_author_email, 'url' => (string) $comment->comment_author_url, 'ip' => (string) $comment->comment_author_IP, 'status' => empty($comment->comment_approved) || $comment->comment_approved == '1' ? 'approved' : 'pending', 'subscribed' => 'false', 'body' => (string) $comment->comment_content, 'type' => $c_type2);
             if (preg_match('@^([0-9]{4})\\-([0-9]{2})\\-([0-9]{2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})$@', (string) $comment->comment_date, $timematch)) {
                 $s9y_comment['timestamp'] = mktime($timematch[4], $timematch[5], $timematch[6], $timematch[2], $timematch[3], $timematch[1]);
             } else {
                 $s9y_comment['timestamp'] = time();
             }
             if ($dry_run) {
                 $cid = time();
             } else {
                 serendipity_db_insert('comments', $s9y_comment);
                 $cid = serendipity_db_insert_id('comments', 'id');
                 if ($s9y_comment['status'] == 'approved') {
                     serendipity_approveComment($cid, $id, true);
                 }
             }
             $s9y_cid[$c_id] = $cid;
         }
         echo "Entry '" . htmlspecialchars($entry['title']) . "' ({$c_i} comments) imported.<br />\n";
     }
     return true;
 }
Ejemplo n.º 4
0
        $group_intersect = serendipity_intersectGroup($user[0]['authorid']);
        if (serendipity_checkPermission('adminUsersMaintainOthers') || serendipity_checkPermission('adminUsersMaintainSame') && $group_intersect) {
            serendipity_deleteAuthor($user[0]['authorid']);
            printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . DELETED_USER . '</div>', htmlspecialchars($serendipity['POST']['user']), htmlspecialchars($user[0]['realname']));
            serendipity_plugin_api::hook_event('backend_users_delete', $user[0]);
        } else {
            echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED_USERLEVEL . '</div>';
        }
    }
}
/* Save new user */
if (isset($_POST['SAVE_NEW']) && serendipity_checkFormToken()) {
    if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && $_POST['userlevel'] >= $serendipity['serendipityUserlevel'] || !serendipity_checkPermission('adminUsersCreateNew')) {
        echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED . '</div>';
    } else {
        $serendipity['POST']['user'] = serendipity_addAuthor($_POST['username'], $_POST['pass'], $_POST['realname'], $_POST['email'], $_POST['userlevel'], 1);
        $valid_groups = serendipity_getGroups($serendipity['authorid'], true);
        /* Save all the properties */
        $config = serendipity_parseTemplate(S9Y_CONFIG_USERTEMPLATE);
        foreach ($config as $category) {
            foreach ($category['items'] as $item) {
                if (in_array('groups', $item['flags'])) {
                    if (serendipity_checkPermission('adminUsersMaintainOthers')) {
                        // Void, no fixing neccessarry
                    } elseif (serendipity_checkPermission('adminUsersMaintainSame')) {
                        // Check that no user may assign groups he's not allowed to.
                        foreach ($_POST[$item['var']] as $groupkey => $groupval) {
                            if (in_array($groupval, $valid_groups)) {
                                continue;
                            } elseif ($groupval == 2 && in_array(3, $valid_groups)) {
                                // Admin is allowed to assign users to chief editors