Ejemplo n.º 1
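/**
 * Installer AJAX dispatcher: runs the single installation step named by
 * $_REQUEST['process'] and answers with a JSON document, then terminates the request.
 *
 * Steps handled: verify_zip, extract_zip, chmod, verify_database, database_create,
 * database_import, create_account, install_default_theme, apache_htaccess.
 * An unknown step falls through the switch and the function returns nothing.
 *
 * NOTE(review): no authentication or "already installed" check is visible in this
 * function, and several steps act on request-supplied values (database host,
 * credentials). Confirm the caller refuses to run once setup has completed and that
 * the installer is removed or locked afterwards.
 */
function process()
{
    global $DB;
    global $website;
    global $events;
    global $theme;
    set_time_limit(0);
    setlocale(LC_ALL, $_SESSION['navigate_install_locale']);
    $lang = navigate_install_load_language();
    switch ($_REQUEST['process']) {
        case 'verify_zip':
            sleep(1);
            if (!file_exists('package.zip')) {
                die(json_encode($lang['missing_package']));
            } else {
                // only checks that the archive can be opened; its contents are not inspected
                $zip = new ZipArchive();
                if ($zip->open('package.zip') !== TRUE) {
                    die(json_encode($lang['invalid_package']));
                } else {
                    $zip->close();
                    die(json_encode(true));
                }
            }
            break;
        case 'extract_zip':
            $npath = getcwd() . NAVIGATE_FOLDER;
            $npath = str_replace('\\', '/', $npath);
            if (!file_exists($npath)) {
                // created with PHP's default mode; the later 'chmod' step sets 0755
                mkdir($npath);
            }
            if (file_exists($npath)) {
                $zip = new ZipArchive();
                if ($zip->open('package.zip') === TRUE) {
                    // NOTE(review): package.zip is trusted as shipped; no signature or
                    // checksum verification is visible here — confirm it is checked elsewhere
                    $zip->extractTo($npath);
                    $zip->close();
                    // publishes the packaged cross-domain policy in the parent folder;
                    // the result of copy() is not checked
                    copy($npath . '/crossdomain.xml', dirname($npath) . '/crossdomain.xml');
                    die(json_encode(true));
                } else {
                    die(json_encode($lang['extraction_failed']));
                }
            }
            die(json_encode($lang['folder_not_exists']));
            break;
        case 'chmod':
            sleep(1);
            // chmod the directories recursively
            $npath = getcwd() . NAVIGATE_FOLDER;
            if (!navigate_install_chmodr($npath, 0755)) {
                die(json_encode($lang['chmod_failed']));
            } else {
                die(json_encode(true));
            }
            break;
        case 'verify_database':
            if ($_REQUEST['PDO_DRIVER'] == 'mysql' || $_REQUEST['PDO_DRIVER'] == 'mysql-socket') {
                // ';' separates DSN elements, so a request value containing it could add
                // connection options the installer never intended; reject such values
                // (and non-scalar ones) before the DSN is assembled
                foreach (array('PDO_HOSTNAME', 'PDO_PORT', 'PDO_SOCKET') as $dsn_field) {
                    if (!isset($_REQUEST[$dsn_field])) {
                        continue;
                    }
                    if (!is_scalar($_REQUEST[$dsn_field]) || strpos((string) $_REQUEST[$dsn_field], ';') !== false) {
                        echo json_encode(array('error' => $lang['database_connect_error']));
                        exit;
                    }
                }
                try {
                    $dsn = "mysql:host=" . $_REQUEST['PDO_HOSTNAME'] . ";port=" . $_REQUEST['PDO_PORT'] . ';charset=utf8';
                    if ($_REQUEST['PDO_DRIVER'] == "mysql-socket") {
                        $dsn = "mysql:unix_socket=" . $_REQUEST['PDO_SOCKET'] . ";charset=utf8";
                    }
                    $db_test = @new PDO($dsn, $_REQUEST['PDO_USERNAME'], $_REQUEST['PDO_PASSWORD']);
                    if (!$db_test) {
                        echo json_encode(array('error' => $lang['database_connect_error']));
                    } else {
                        $create_database_privilege = false;
                        $drop_database_privilege = false;
                        $stm = $db_test->query('SHOW DATABASES;');
                        // FETCH_COLUMN takes a numeric column index; the result has a single
                        // column, so 0 selects it (a string argument is rejected by newer PHP)
                        $rs = $stm->fetchAll(PDO::FETCH_COLUMN, 0);
                        $rs = array_diff($rs, array('mysql', 'information_schema'));
                        $stm = $db_test->query('SHOW PRIVILEGES;');
                        $privileges = $stm->fetchAll(PDO::FETCH_ASSOC);
                        foreach ($privileges as $privilege) {
                            $applies_to_databases = strpos($privilege['Context'], 'Databases') !== false;
                            if ($privilege['Privilege'] == 'Create' && $applies_to_databases) {
                                $create_database_privilege = true;
                            }
                            if ($privilege['Privilege'] == 'Drop' && $applies_to_databases) {
                                $drop_database_privilege = true;
                            }
                        }
                        if ($create_database_privilege && $drop_database_privilege) {
                            // check if we are really allowed to create databases;
                            // the name is built from time() only, never from request data
                            $dbname = 'navigate_test_' . time();
                            $create_result = $db_test->exec('CREATE DATABASE ' . $dbname);
                            if ($create_result) {
                                $db_test->exec('DROP DATABASE ' . $dbname);
                            }
                            if (!$create_result) {
                                $create_database_privilege = false;
                            }
                        }
                        $db_test = NULL;
                        echo json_encode(array('databases' => array_values($rs), 'create_database_privilege' => $create_database_privilege));
                    }
                } catch (Exception $e) {
                    // NOTE(review): the driver's message is returned verbatim to the client
                    echo json_encode(array('error' => $e->getMessage()));
                }
            } else {
                echo json_encode(array('error' => $lang['database_driver_error']));
            }
            exit;
            break;
        case 'database_create':
            $DB = new database();
            if (!$DB->connect()) {
                // try to create the database automatically
                if (PDO_DRIVER == 'mysql') {
                    if (PDO_DATABASE != '') {
                        if (PDO_HOSTNAME != "") {
                            $dsn = "mysql:host=" . PDO_HOSTNAME . ";port=" . PDO_PORT . ";charset=utf8";
                        } else {
                            $dsn = "mysql:unix_socket=" . PDO_SOCKET . ";charset=utf8";
                        }
                        $db_test = new PDO($dsn, PDO_USERNAME, PDO_PASSWORD);
                        // identifiers cannot be bound as parameters; double any backtick so
                        // the configured name cannot end the quoted identifier early
                        $quoted_database = '`' . str_replace('`', '``', PDO_DATABASE) . '`';
                        $db_test->exec('CREATE DATABASE IF NOT EXISTS ' . $quoted_database . ' DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;');
                        $db_test = NULL;
                    }
                    if (!$DB->connect()) {
                        echo json_encode(array('error' => $DB->get_last_error()));
                    } else {
                        echo json_encode(array('ok' => $lang['database_created']));
                    }
                }
            } else {
                echo json_encode(array('ok' => $lang['database_exists']));
            }
            exit;
            break;
        case 'database_import':
            $DB = new database();
            if (!$DB->connect()) {
                die(json_encode(array('error' => $DB->get_last_error())));
            }
            $error = '';
            try {
                $sql = file_get_contents('navigate.sql');
                $sql = str_replace("{#!NAVIGATE_FOLDER!#}", NAVIGATE_PARENT . NAVIGATE_FOLDER, $sql);
                $sql = explode("\n\n", $sql);
                // can't do it in one step => SQLSTATE[HY000]: General error: 2014
                foreach ($sql as $sqlline) {
                    $sqlline = trim($sqlline);
                    if (empty($sqlline)) {
                        continue;
                    }
                    if (!@$DB->execute($sqlline)) {
                        $error = $DB->get_last_error();
                    }
                    if (!empty($error)) {
                        // the import stops at the first failing statement
                        break;
                    }
                }
            } catch (Exception $e) {
                $error = $e->getMessage();
            }
            if (!empty($error)) {
                // NOTE(review): the original disabled error reporting with "&& false", so the
                // client is told 'ok' even when the schema is only partly imported. The
                // response is left unchanged here, but the failure is now at least recorded
                // server-side; confirm whether the installer should stop on this error.
                error_log('navigate install: database_import stopped early: ' . $error);
            }
            echo json_encode(array('ok' => $lang['done']));
            exit;
            break;
        case 'create_account':
            // create admin
            try {
                $DB = new database();
                if (!$DB->connect()) {
                    die(json_encode(array('error' => $DB->get_last_error())));
                }
                $user = new user();
                $user->id = 0;
                $user->username = $_SESSION['NAVIGATE-SETUP']['ADMIN_USERNAME'];
                // NOTE(review): the chosen admin password is held in the session in clear
                // text and is not cleared here after use — confirm it is removed once setup ends
                $user->set_password($_SESSION['NAVIGATE-SETUP']['ADMIN_PASSWORD']);
                $user->email = $_SESSION['NAVIGATE-SETUP']['ADMIN_EMAIL'];
                $user->profile = 1;
                $user->skin = 'cupertino';
                $user->language = $_SESSION['navigate_install_lang'];
                $user->blocked = 0;
                $user->timezone = 'UTC';
                $user->date_format = 'Y-m-d H:i';
                $user->decimal_separator = ',';
                $user->thousands_separator = '';
                $user->attempts = 0;
                $user->cookie_hash = '';
                $user->activation_key = '';
                $ok = $user->insert();
                if (!$ok) {
                    throw new Exception($lang['error']);
                }
                // create default website details
                $website = new website();
                $website->create_default();
                $_SESSION['NAVIGATE-SETUP']['WEBSITE_DEFAULT'] = $website->id;
                echo json_encode(array('ok' => $lang['done']));
            } catch (Exception $e) {
                echo json_encode(array('error' => $e->getMessage()));
            }
            exit;
            break;
        case 'install_default_theme':
            try {
                $DB = new database();
                if (!$DB->connect()) {
                    die(json_encode(array('error' => $DB->get_last_error())));
                }
                if (@$_SESSION['NAVIGATE-SETUP']['DEFAULT_THEME'] == 'theme_kit') {
                    $website = new website();
                    $website->load($_SESSION['NAVIGATE-SETUP']['WEBSITE_DEFAULT']);
                    $website->theme = 'theme_kit';
                    $website->languages = array('en' => array('language' => 'en', 'variant' => '', 'code' => 'en', 'system_locale' => 'en_US.utf8'), 'es' => array('language' => 'es', 'variant' => '', 'code' => 'es', 'system_locale' => 'es_ES.utf8'));
                    $website->languages_published = array('en', 'es');
                    $website->save();
                    // default objects (first user, no events bound...)
                    $user = new user();
                    $user->load(1);
                    $events = new events();
                    $zip = new ZipArchive();
                    $zip_open_status = $zip->open(NAVIGATE_PATH . '/themes/theme_kit.zip');
                    if ($zip_open_status === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/themes/theme_kit');
                        $zip->close();
                        $theme = new theme();
                        $theme->load('theme_kit');
                        $theme->import_sample($website);
                    }
                    // 'ok' is reported even when the theme archive could not be opened
                    echo json_encode(array('ok' => $lang['done']));
                } else {
                    // user does not want to install the default theme
                    echo json_encode(array('ok' => $lang['not_selected']));
                }
            } catch (Exception $e) {
                echo json_encode(array('error' => $e->getMessage()));
            }
            exit;
            break;
        case 'apache_htaccess':
            try {
                // REQUEST_URI carries the query string; drop it so that only the path
                // part can end up in the rewrite rules written below
                list($request_path) = explode('?', $_SERVER['REQUEST_URI'], 2);
                // NOTE(review): the path is still taken from the request line; deriving it
                // from the script's own location would remove client influence — confirm
                $nvweb = dirname($request_path) . NAVIGATE_FOLDER . '/web/nvweb.php';
                $nvweb = str_replace('//', '/', $nvweb);
                $data = array();
                $data[] = 'Options +FollowSymLinks';
                $data[] = 'Options -Indexes';
                $data[] = 'RewriteEngine On';
                $data[] = 'RewriteBase /';
                $data[] = 'RewriteCond %{REQUEST_FILENAME} !-f';
                $data[] = 'RewriteCond %{REQUEST_FILENAME} !-d';
                $data[] = 'RewriteRule ^(.+) ' . $nvweb . '?route=$1 [QSA]';
                $data[] = 'RewriteRule ^$ ' . $nvweb . '?route=nv.empty [L,QSA]';
                // overwrites any existing .htaccess in the parent folder
                $ok = @file_put_contents(dirname(NAVIGATE_PATH) . '/.htaccess', implode("\n", $data));
                if (!$ok) {
                    throw new Exception($lang['unexpected_error']);
                }
                echo json_encode('true');
            } catch (Exception $e) {
                echo json_encode(array('error' => $e->getMessage()));
            }
            exit;
            break;
    }
}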
Ejemplo n.º 2
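/**
 * Request dispatcher for the websites section of the backend.
 *
 * Selects an action from $_REQUEST['act']. The JSON/AJAX actions print their answer
 * and end the request; 'edit', 'remove' and the default listing return the HTML
 * produced by websites_form() / websites_list().
 *
 * Security-relevant behaviour of this implementation:
 *  - the grid sort column and direction are restricted to an allow-list before they
 *    reach the ORDER BY clause;
 *  - values taken from the database are HTML-escaped before being placed in grid markup;
 *  - 'email_test', 'replace_urls' and 'remove_content' require the 'websites.edit'
 *    permission, as 'reset_statistics' already did;
 *  - passwords are masked in the copy of the request written to the action log.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function — confirm the
 * caller enforces one for the state-changing actions.
 *
 * @return mixed HTML for the page body, or '' when the action produced none
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new website();
    // copy of the request used for the action log, with credentials masked so that the
    // re-authentication password and the mail password are not stored in clear text
    // NOTE(review): $_REQUEST may also contain cookies depending on request_order — confirm
    $log_request = $_REQUEST;
    foreach (array('password', 'mail_password') as $secret_key) {
        if (isset($log_request[$secret_key])) {
            $log_request[$secret_key] = '***';
        }
    }
    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'search_links':
                    // active website only!
                    $text = $_REQUEST['text'];
                    $lang = $_REQUEST['lang'];
                    if (empty($lang)) {
                        $lang = array_keys($website->languages)[0];
                    }
                    // request values only enter the statement through protect()
                    // (presumably the project's SQL quoting helper — verify)
                    $DB->query('
						SELECT p.path, d.text
						  FROM nv_paths p, nv_webdictionary d
						 WHERE p.website = ' . protect($website->id) . ' AND
						       p.lang = ' . protect($lang) . ' AND
						       d.website = p.website AND
						       d.node_type = p.type AND
						       d.node_id = p.object_id AND
						       d.lang = p.lang AND
						       d.subtype = "title" AND 
						       (    
						            p.path LIKE ' . protect('%' . $text . '%') . '  OR  
									d.text LIKE ' . protect('%' . $text . '%') . ' 
						       )
						 ORDER BY d.id DESC
						 LIMIT 10
					');
                    $result = $DB->result();
                    echo json_encode($result);
                    core_terminate();
                    break;
                case 'del':
                    // remove rows
                    if ($user->permission('websites.delete') == 'true') {
                        // a missing or scalar 'ids' value must not break the loop
                        $ids = isset($_REQUEST['ids']) ? (array) $_REQUEST['ids'] : array();
                        foreach ($ids as $id) {
                            if (!is_scalar($id)) {
                                continue;
                            }
                            // ids are numeric, as in the 'edit' and 'remove' actions
                            $item->load(intval($id));
                            $item->delete();
                        }
                        echo json_encode(true);
                    }
                    core_terminate();
                    break;
                default:
                    // list or search
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = ($page - 1) * $max;
                    // the ORDER BY clause cannot be parameterised, so the requested sort
                    // column must be one of the selected columns and the direction asc/desc
                    $sortable = array('id', 'name', 'subdomain', 'domain', 'folder', 'homepage', 'permission', 'favicon');
                    $sidx = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? $_REQUEST['sidx'] : '';
                    if (!in_array($sidx, $sortable, true)) {
                        $sidx = 'id';
                    }
                    $sord = 'asc';
                    if (isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) && strtolower($_REQUEST['sord']) == 'desc') {
                        $sord = 'desc';
                    }
                    $orderby = $sidx . ' ' . $sord;
                    $where = " 1=1 ";
                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        // NOTE(review): the three helpers below build SQL from request values;
                        // their quoting is not visible here — verify each one escapes its input
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $DB->queryLimit('id,name,subdomain,domain,folder,homepage,permission,favicon', 'nv_websites', $where, $orderby, $offset, $max);
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $out = array();
                    $permissions = array(0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'), 1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'), 2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'));
                    // the grid cells carry raw HTML, so stored values are escaped before
                    // being placed in markup or attributes
                    $html_flags = ENT_QUOTES | ENT_SUBSTITUTE;
                    for ($i = 0; $i < count($dataset); $i++) {
                        $homepage = 'http://';
                        $homepage_relative_url = $dataset[$i]['homepage'];
                        if (is_numeric($homepage_relative_url)) {
                            $homepage_relative_url = path::loadElementPaths('structure', $homepage_relative_url);
                            $homepage_relative_url = array_shift($homepage_relative_url);
                        }
                        if (!empty($dataset[$i]['subdomain'])) {
                            $homepage .= $dataset[$i]['subdomain'] . '.';
                        }
                        $homepage .= $dataset[$i]['domain'] . $dataset[$i]['folder'] . $homepage_relative_url;
                        $homepage_html = htmlspecialchars($homepage, $html_flags, 'UTF-8');
                        $favicon = '';
                        if (!empty($dataset[$i]['favicon'])) {
                            $favicon = '<img src="' . NVWEB_OBJECT . '?type=img&id=' . htmlspecialchars($dataset[$i]['favicon'], $html_flags, 'UTF-8') . '&width=16&height=16" align="absmiddle" height="16" />';
                        }
                        $out[$i] = array(0 => $dataset[$i]['id'], 1 => $favicon, 2 => htmlspecialchars($dataset[$i]['name'], $html_flags, 'UTF-8'), 3 => '<a href="' . $homepage_html . '" target="_blank"><img align="absmiddle" src="' . NAVIGATE_URL . '/img/icons/silk/house_link.png"></a> ' . $homepage_html, 4 => $permissions[$dataset[$i]['permission']]);
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            session_write_close();
            exit;
            break;
        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent']) && $user->permission('websites.edit') == 'true') {
                $item->load_from_post();
                try {
                    $item->save();
                    $id = $item->id;
                    // reload from the database so the form shows what was actually stored
                    unset($item);
                    $item = new website();
                    $item->load($id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->name, json_encode($log_request));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->name);
                }
            }
            $out = websites_form($item);
            break;
        case 'remove':
        case 4:
            if (!empty($_REQUEST['id']) && $user->permission('websites.delete') == 'true') {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    if (!empty($item->id)) {
                        users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->name, json_encode($log_request));
                    }
                    // if we don't have any websites, tell user a new one will be created
                    $test = $DB->query_single('id', 'nv_websites');
                    if (empty($test) || !$test) {
                        $layout->navigate_notification(t(520, 'No website found; a default one has been created.'), false, true);
                        $nwebsite = new website();
                        $nwebsite->create_default();
                    }
                    $out = websites_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = websites_form($item);
                }
            }
            break;
        case 5:
            // search an existing path
            // NOTE(review): 'wid' selects any website without a permission check — confirm intended
            $DB->query('SELECT path as id, path as label, path as value
						  FROM nv_paths
						 WHERE path LIKE ' . protect('%' . $_REQUEST['term'] . '%') . '
						   AND website = ' . protect($_REQUEST['wid']) . '
				      ORDER BY path ASC
					     LIMIT 30', 'array');
            echo json_encode($DB->result());
            core_terminate();
            break;
        case 'email_test':
            // this action connects to a request-chosen mail server and sends to a
            // request-chosen address, so it is limited to users who may edit websites
            if ($user->permission('websites.edit') == 'true') {
                // settings are applied to the in-memory website object only; nothing is saved here
                $website->mail_mailer = $_REQUEST['mail_mailer'];
                $website->mail_server = $_REQUEST['mail_server'];
                $website->mail_port = $_REQUEST['mail_port'];
                $website->mail_address = $_REQUEST['mail_address'];
                $website->mail_user = $_REQUEST['mail_user'];
                $website->mail_security = $_REQUEST['mail_security'] == "true" || $_REQUEST['mail_security'] == "1" ? "1" : "0";
                if (!empty($_REQUEST['mail_password'])) {
                    $website->mail_password = $_REQUEST['mail_password'];
                }
                $ok = navigate_send_email(APP_NAME, APP_NAME . '<br /><br />' . NAVIGATE_URL, $_REQUEST['send_to']);
                echo json_encode($ok);
            } else {
                echo json_encode(false);
            }
            core_terminate();
            break;
        case 'reset_statistics':
            if ($user->permission('websites.edit') == 'true') {
                $website_id = trim($_REQUEST['website']);
                // forced to an integer before being concatenated into the statements
                $website_id = intval($website_id);
                $DB->execute('UPDATE nv_items SET views = 0 WHERE website = ' . $website_id);
                $DB->execute('UPDATE nv_paths SET views = 0 WHERE website = ' . $website_id);
                $DB->execute('UPDATE nv_structure SET views = 0 WHERE website = ' . $website_id);
                echo 'true';
                users_log::action($_REQUEST['fid'], $website_id, 'reset_statistics', "", json_encode($log_request));
            }
            core_terminate();
            break;
        case 'replace_urls':
            $old = trim($_REQUEST['old']);
            $new = trim($_REQUEST['new']);
            $website_id = trim($_REQUEST['website']);
            // rewrites stored content of the chosen website, so it needs the same
            // permission as the other maintenance actions
            if ($user->permission('websites.edit') == 'true' && !empty($old) && !empty($new)) {
                // replace occurrences in nv_webdictionary
                // NOTE(review): the result of this first statement is overwritten below
                $ok = $DB->execute('
					UPDATE nv_webdictionary
					   SET text = replace(text, :old, :new)
					 WHERE website = :wid', array(':old' => $old, ':new' => $new, ':wid' => $website_id));
                // replace occurrences in nv_blocks (triggers & actions)
                $ok = $DB->execute('
					UPDATE nv_blocks
					   SET `trigger` = replace(`trigger`, :old, :new),
					   	   `action` = replace(`action`, :old, :new)
					 WHERE website = :wid', array(':old' => $old, ':new' => $new, ':wid' => $website_id));
                echo $ok ? 'true' : 'false';
                if ($ok) {
                    users_log::action($_REQUEST['fid'], $website_id, 'replace_urls', "", json_encode($log_request));
                }
            } else {
                echo 'false';
            }
            core_terminate();
            break;
        case 'remove_content':
            $website_id = trim($_REQUEST['website']);
            $website_id = intval($website_id);
            $password = trim($_REQUEST['password']);
            // re-entering the password proves who is asking, not that they may do it,
            // so the permission is checked as well
            // NOTE(review): a stricter permission may be appropriate for a bulk delete — confirm
            $authenticated = $user->permission('websites.edit') == 'true' && $user->authenticate($user->username, $password);
            if ($authenticated) {
                // remove all content except Webusers and Files
                @set_time_limit(0);
                $ok = $DB->execute('
					DELETE FROM nv_blocks WHERE website = ' . $website_id . ';
					DELETE FROM nv_block_groups WHERE website = ' . $website_id . ';
					DELETE FROM nv_comments WHERE website = ' . $website_id . ';
					DELETE FROM nv_structure WHERE website = ' . $website_id . ';
					DELETE FROM nv_feeds WHERE website = ' . $website_id . ';
					DELETE FROM nv_items WHERE website = ' . $website_id . ';
					DELETE FROM nv_notes WHERE website = ' . $website_id . ';
					DELETE FROM nv_paths WHERE website = ' . $website_id . ';
					DELETE FROM nv_properties WHERE website = ' . $website_id . ';
					DELETE FROM nv_properties_items WHERE website = ' . $website_id . ';
					DELETE FROM nv_search_log WHERE website = ' . $website_id . ';
					DELETE FROM nv_webdictionary WHERE website = ' . $website_id . ';
					DELETE FROM nv_webdictionary_history WHERE website = ' . $website_id . ';
				');
                if ($ok) {
                    // the logged request copy has the password masked
                    users_log::action($_REQUEST['fid'], $website_id, 'remove_content', "", json_encode($log_request));
                }
                echo $ok ? 'true' : $DB->error();
            } else {
                echo '';
            }
            core_terminate();
            break;
        case 0:
            // list / search result
        default:
            $out = websites_list();
            break;
    }
    return $out;
}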