Ejemplo n.º 1
    }
    ?>
		<body>
			<?php 
    // Emits the shared page header (defined outside this excerpt).
    printLogoAndLinks();
    ?>
			<div id="main">
				<div id="content">
					<h1><?php 
    echo gettext('Setup request');
    ?>
</h1>
					<div class="tabbox">
						<p>
							<?php 
    // Only an installation that holds the primary scripts is offered the
    // restore link; otherwise the user is told to restore the setup files
    // on the primary installation.
    if (zpFunctions::hasPrimaryScripts()) {
        // $found is assigned before this excerpt -- presumably it says
        // whether protected setup files were located; confirm against the
        // code above.
        if ($found) {
            // The XSRF token travels in the query string of a plain link,
            // so it will appear in browser history, access logs and Referer
            // headers. NOTE(review): setup.php must verify the token before
            // restoring anything -- that check is not visible here.
            // WEBPATH and the token are concatenated into the href without
            // HTML escaping; presumably both are URL-safe -- confirm.
            echo '<a href="' . WEBPATH . '/' . ZENFOLDER . '/setup.php?xsrfToken=' . getXSRFToken('setup') . '">' . gettext('Click to restore the setup scripts and run setup.') . '</a>';
        } else {
            printf(gettext('You must restore the setup files from the %1$s release.'), ZENPHOTO_VERSION);
        }
    } else {
        echo gettext('You must restore the setup files on your primary installation to run the setup operation.');
    }
    ?>
						</p>
					</div>
				</div>
			</div>
		</body>
	</html>
Ejemplo n.º 2
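/**
 * Control when and how setup scripts are turned back into PHP files.
 *
 * Every call is written to the security log, allowed or not. The scripts are
 * only restored when ADMIN_RIGHTS is defined, the current user is logged in
 * with ADMIN_RIGHTS and this installation has the primary scripts.
 *
 * Side effect: on the allowed path the process working directory is changed
 * to the setup folder and is not changed back.
 *
 * @param int $reason why the restore was requested:
 * 						 1	No prior install signature
 * 						 2	restore setup files button
 * 						 4	Clone request
 * 						 5	Setup run with proper XSRF token
 * 						 6	checkSignature and no prior signature
 * 						11	No config file
 * 						12	No database specified
 * 						13	No DB connection
 * 						14	checkInstall Version has changed
 */
function restoreSetupScrpts($reason)
{
    //log setup file restore no matter what!
    require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/security-logger.php';
    switch ($reason) {
        default:
            $addl = sprintf(gettext('to run setup [%s]'), $reason);
            break;
        case 2:
            $addl = gettext('by Admin request');
            break;
        case 4:
            $addl = gettext('by cloning');
            break;
    }
    $allowed = defined('ADMIN_RIGHTS') && zp_loggedin(ADMIN_RIGHTS) && zpFunctions::hasPrimaryScripts();
    // The log entry is written before the authorisation result is acted on,
    // so refused attempts leave a record as well.
    security_logger::log_setup($allowed, 'restore', $addl);
    if (!$allowed) {
        return;
    }
    if (!defined('FILE_MOD')) {
        // NOTE(review): this fallback leaves the restored scripts writable by
        // every local account; confirm it is only reached when the site has
        // no configured mode.
        define('FILE_MOD', 0666);
    }
    // Stop if the setup folder cannot be entered. Otherwise the relative glob
    // and renames below would run in whatever directory the request started
    // in and could turn unrelated *.xxx files there into PHP scripts.
    if (!chdir(dirname(__FILE__) . '/setup/')) {
        return;
    }
    $found = safe_glob('*.xxx');
    foreach ($found as $script) {
        $restored = stripSuffix($script) . '.php';
        // NOTE(review): the file is world-writable until the chmod below
        // runs; a narrower temporary mode would close that window if the
        // rename still succeeds with it.
        chmod($script, 0777);
        if (@rename($script, $restored)) {
            chmod($restored, FILE_MOD);
        } else {
            // The rename failed, so put the normal mode back on the
            // still-protected file.
            chmod($script, FILE_MOD);
        }
    }
}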
Ejemplo n.º 3
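/**
 * Write output to the debug log
 * Use this for debugging when echo statements would come before headers are sent
 * or would create havoc in the HTML.
 * Creates (or adds to) a file named debug.log which is located in the data folder
 * (SERVERPATH/DATA_FOLDER). Does nothing when SERVERPATH is not defined.
 *
 * The log is started afresh when $reset is set, when the file is empty or
 * missing, or when DEBUG_LOG_SIZE is defined, non-zero and exceeded. In the
 * size case the existing log is first handed to switchLog().
 *
 * $log is concatenated into the file path as given, so callers must pass a
 * fixed log name and never a request-derived value.
 * $message is written verbatim; anything in it (including line breaks) ends
 * up in the log file.
 *
 * @param string $message the debug information
 * @param bool $reset set to true to reset the log to zero before writing the message
 * @param string $log alternative log file
 */
function debugLog($message, $reset = false, $log = 'debug')
{
    if (!defined('SERVERPATH')) {
        return;
    }
    global $_zp_mutex;
    $path = SERVERPATH . '/' . DATA_FOLDER . '/' . $log . '.log';
    $stamp = '{' . getmypid() . ':' . gmdate('D, d M Y H:i:s') . ' GMT}';
    $locked = is_object($_zp_mutex);
    if ($locked) {
        $_zp_mutex->lock();
    }
    // @filesize() yields false for a missing file, which also compares equal to 0.
    if ($reset || ($size = @filesize($path)) == 0 || defined('DEBUG_LOG_SIZE') && DEBUG_LOG_SIZE && $size > DEBUG_LOG_SIZE) {
        if (!$reset && $size > 0) {
            // Rotate the log that is actually being written. This used to
            // pass the fixed name 'debug', so an oversized alternative log
            // was truncated while debug.log was rotated instead.
            switchLog($log);
        }
        $f = fopen($path, 'w');
        if ($f) {
            // The header of a fresh log names the version and marks clones.
            if (!class_exists('zpFunctions') || zpFunctions::hasPrimaryScripts()) {
                $clone = '';
            } else {
                $clone = ' ' . gettext('clone');
            }
            fwrite($f, $stamp . " ZenPhoto20 v" . ZENPHOTO_VERSION . $clone . "\n");
        }
    } else {
        $f = fopen($path, 'a');
        if ($f) {
            fwrite($f, $stamp . "\n");
        }
    }
    if ($f) {
        fwrite($f, "  " . $message . "\n");
        fclose($f);
        clearstatcache();
        if (defined('DATA_MOD')) {
            // Re-apply the configured data-file mode after every write.
            @chmod($path, DATA_MOD);
        }
    }
    if ($locked) {
        $_zp_mutex->unlock();
    }
}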
Ejemplo n.º 4
         case 'plugins':
             $plugin_subfolders[] = implode('/', $folders);
             unset($installed_files[$key]);
             // this will be taken care of later
             break;
         case STATIC_CACHE_FOLDER:
             $Cache_html_subfolders[] = implode('/', $folders);
             unset($installed_files[$key]);
             break;
     }
 }
 $filelist = '';
 foreach ($installed_files as $extra) {
     $filelist .= filesystemToInternal(str_replace($base, '', $extra) . '<br />');
 }
 if (class_exists('zpFunctions') && zpFunctions::hasPrimaryScripts() && count($installed_files) > 0) {
     if (defined('TEST_RELEASE') && TEST_RELEASE) {
         $msg1 = gettext("Zenphoto core files [This is a <em>debug</em> build. Some files are missing or seem wrong]");
     } else {
         $msg1 = gettext("Zenphoto core files [Some files are missing or seem wrong]");
     }
     $msg2 = gettext('Perhaps there was a problem with the upload. You should check the following files: ') . '<br /><code>' . substr($filelist, 0, -6) . '</code>';
     $mark = -1;
 } else {
     if (defined('TEST_RELEASE') && TEST_RELEASE) {
         $mark = -1;
         $msg1 = gettext("Zenphoto core files [This is a <em>debug</em> build]");
     } else {
         $msg1 = '';
         $mark = 1;
     }
Ejemplo n.º 5
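 /**
  * Does the log handling: appends one tab-separated record to security.log
  * in the data folder.
  *
  * The record is written in the language of the master user, under the
  * global mutex. The requestor address is taken from REMOTE_ADDR; a
  * well-formed X-Forwarded-For value is appended in braces, but that header
  * is supplied by the client and must not be treated as authoritative when
  * the log is read.
  *
  * @param int $success 0 = failed, 1 = success, 2 = blocked; any other value is written as given
  * @param string $user user ID
  * @param string $name user name
  * @param string $action event being logged; known values are mapped to a translated label, others are logged as given
  * @param string $authority kind of login
  * @param string $addl more info
  */
 private static function Logger($success, $user, $name, $action, $authority, $addl = NULL)
 {
     global $_zp_authority, $_zp_mutex;
     $pattern = '~^([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.([01]?\\d\\d?|2[0-4]\\d|25[0-5])$~';
     // Accept the dotted-quad form the log always accepted plus IPv6, so that
     // records for IPv6 clients no longer lose their source address.
     $isAddress = function ($candidate) use ($pattern) {
         return preg_match($pattern, $candidate) || filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false;
     };
     // A line break inside a field would start what looks like a new record,
     // so caller-supplied text is flattened to a single line before writing.
     $oneLine = function ($value) {
         return str_replace(array("\r", "\n"), ' ', (string) $value);
     };
     $forwardedIP = NULL;
     $ip = isset($_SERVER['REMOTE_ADDR']) ? sanitize($_SERVER['REMOTE_ADDR']) : '';
     if (!$isAddress($ip)) {
         $ip = NULL;
     }
     if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
         $forwardedIP = sanitize($_SERVER['HTTP_X_FORWARDED_FOR']);
         // Only a single well-formed address is recorded; anything else in
         // the header is ignored.
         if ($isAddress($forwardedIP)) {
             $ip .= ' {' . $forwardedIP . '}';
         }
     }
     $admin = $_zp_authority->getMasterUser();
     $locale = $admin->getLanguage();
     if (empty($locale)) {
         $locale = 'en_US';
     }
     $cur_locale = getUserLocale();
     setupCurrentLocale($locale);
     //	the log will be in the language of the master user.
     switch ($action) {
         case 'clear_log':
             $type = gettext('Log reset');
             break;
         case 'delete_log':
             $type = gettext('Log deleted');
             break;
         case 'download_log':
             $type = gettext('Log downloaded');
             break;
         case 'setup_install':
             $type = gettext('Install');
             $addl = gettext('version') . ' ' . ZENPHOTO_VERSION . '[' . ZENPHOTO_RELEASE . "]";
             if (!zpFunctions::hasPrimaryScripts()) {
                 $addl .= ' ' . gettext('clone');
             }
             break;
         case 'setup_proptect':
             $type = gettext('Protect setup scripts');
             break;
         case 'user_new':
             $type = gettext('Request add user');
             break;
         case 'user_update':
             $type = gettext('Request update user');
             break;
         case 'user_delete':
             $type = gettext('Request delete user');
             break;
         case 'XSRF_blocked':
             $type = gettext('Cross Site Reference');
             break;
         case 'blocked_album':
             $type = gettext('Album access');
             break;
         case 'blocked_access':
             $type = gettext('Admin access');
             break;
         case 'Front-end':
             $type = gettext('Guest login');
             break;
         case 'Back-end':
             $type = gettext('Admin login');
             break;
         case 'auth_cookie':
             $type = gettext('Authorization cookie check');
             break;
         default:
             // Unknown actions are logged under the name the caller gave.
             $type = $action;
             break;
     }
     $file = SERVERPATH . '/' . DATA_FOLDER . '/security.log';
     $max = getOption('security_log_size');
     $_zp_mutex->lock();
     if ($max && @filesize($file) > $max) {
         switchLog('security');
     }
     $preexists = file_exists($file) && filesize($file) > 0;
     $f = fopen($file, 'a');
     if ($f) {
         if (!$preexists) {
             // add a header
             fwrite($f, gettext('date' . "\t" . 'requestor’s IP' . "\t" . 'type' . "\t" . 'user ID' . "\t" . 'user name' . "\t" . 'outcome' . "\t" . 'authority' . "\tadditional information\n"));
         }
         $message = date('Y-m-d H:i:s') . "\t";
         $message .= $ip . "\t";
         $message .= $oneLine($type) . "\t";
         $message .= $oneLine($user) . "\t";
         $message .= $oneLine($name) . "\t";
         switch ($success) {
             case 0:
                 $message .= gettext("Failed") . "\t";
                 break;
             case 1:
                 $message .= gettext("Success") . "\t";
                 // The authority column holds the name without its '_auth' suffix.
                 $message .= substr($authority, 0, strrpos($authority, '_auth'));
                 break;
             case 2:
                 $message .= gettext("Blocked") . "\t";
                 break;
             default:
                 $message .= $success . "\t";
         }
         if ($addl) {
             $message .= "\t" . $oneLine($addl);
         }
         fwrite($f, $message . "\n");
         fclose($f);
         clearstatcache();
         if (!$preexists) {
             // A freshly created log gets restricted permissions, and a
             // record is added when they did not take effect.
             @chmod($file, 0660 & CHMOD_VALUE);
             // "!=" binds tighter than "&", so the expected mode has to be
             // parenthesised; unparenthesised, the test reduced to the low
             // bit of CHMOD_VALUE and never compared the permissions.
             if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') {
                 $permission = fileperms($file) & 0700;
                 //	on Windows owner==group==public
                 $check = $permission != (0600 & CHMOD_VALUE);
             } else {
                 $permission = fileperms($file) & 0777;
                 $check = $permission != (0660 & CHMOD_VALUE);
             }
             if ($check) {
                 $f = fopen($file, 'a');
                 if ($f) {
                     fwrite($f, "\t\t" . gettext('Set Security log permissions') . "\t\t\t" . gettext('Failed') . "\t\t" . sprintf(gettext('File permissions of Security log are %04o'), $permission) . "\n");
                     fclose($f);
                     clearstatcache();
                 }
             }
         }
     }
     $_zp_mutex->unlock();
     setupCurrentLocale($cur_locale);
     //	restore to whatever was in effect.
 }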
Ejemplo n.º 6
 * <b>Note:</b> If the destination already has an installation, these files and folders will be removed by the cloning
 * process!
 *
 * The <i>Delete setup scripts</i> button will remove the <var>setup</var> files from the current installation. This is
 * the same function provided by <i>Setup</i> after a successful install. It is provided here because you will likely not want to
 * remove the setup scripts until you have cloned and installed all desired destinations.
 *
 * @author Stephen Billard (sbillard)
 *
 * @package plugins
 * @subpackage admin
 */
$plugin_is_filter = 5 | ADMIN_PLUGIN;
$plugin_description = gettext('Allows multiple installations to share a single set of script files.');
$plugin_author = "Stephen Billard (sbillard)";
$plugin_disable = SYMLINK ? zpFunctions::hasPrimaryScripts() ? false : gettext('Only the primary installation may clone offspring installations.') : gettext('Your server does not support symbolic linking.');
require_once SERVERPATH . '/' . ZENFOLDER . '/reconfigure.php';
if ($plugin_disable) {
    enableExtension('cloneZenphoto', 0);
} else {
    zp_register_filter('admin_tabs', 'cloneZenphoto::tabs');
    class cloneZenphoto
    {
        static function tabs($tabs)
        {
            if (zp_loggedin(ADMIN_RIGHTS)) {
                $oldtabs = $tabs;
                $tabs = array();
                foreach ($oldtabs as $tab => $data) {
                    if ($tab == 'logs') {
                        $tabs['clone'] = array('text' => gettext("clone"), 'link' => WEBPATH . "/" . ZENFOLDER . '/' . PLUGIN_FOLDER . '/cloneZenphoto/cloneTab.php', 'rights' => ADMIN_RIGHTS, 'subtabs' => NULL);
Ejemplo n.º 7
     }
 }
 $filelist = '';
 $report = $installed_files;
 if (count($report) > 15) {
     shuffle($report);
     $report = array_slice($report, 0, 15);
     natsort($report);
 }
 foreach ($report as $extra) {
     $filelist .= filesystemToInternal(str_replace($base, '', $extra) . '<br />');
 }
 if ($report != $installed_files) {
     $filelist .= '....<br />';
 }
 if (zpFunctions::hasPrimaryScripts() && count($installed_files) > 0) {
     if (defined('TEST_RELEASE') && TEST_RELEASE) {
         $msg1 = gettext("ZenPhoto20 core files [This is a <em>debug</em> build. Some files are missing or seem wrong]");
     } else {
         $msg1 = gettext("ZenPhoto20 core files [Some files are missing or seem wrong]");
     }
     $msg2 = gettext('Perhaps there was a problem with the upload. You should check the following files: ') . '<br /><code>' . substr($filelist, 0, -6) . '</code>';
     $mark = -1;
 } else {
     if (isset($rootupdate) && !$rootupdate) {
         $mark = 0;
         $msg1 = gettext("ZenPhoto20 core files [Could not update the root <em>index.php</em> file.]");
         $msg2 = sprintf(gettext('Perhaps there is a permissions issue. You should manually copy the %s <em>root_index.php</em> file to the installation root and rename it <em>index.php</em>.'), ZENFOLDER);
     } else {
         if (defined('TEST_RELEASE') && TEST_RELEASE) {
             $mark = -1;
Ejemplo n.º 8
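        /**
         * Appends the site_upgrade buttons to the admin utility button list.
         *
         * A "restore files" button is added when the files in the user
         * plugin site_upgrade folder no longer match the stored hash, and
         * one state button is added according to the configured
         * site_upgrade_state. In the 'closed_for_test' state an inline
         * script may be emitted that asks for confirmation before the
         * form is submitted.
         *
         * @param array $buttons the button definitions collected so far
         * @return array $buttons with the site_upgrade entries appended
         */
        function site_upgrade_button($buttons)
        {
            global $_zp_conf_vars, $_site_filelist;
            $state = isset($_zp_conf_vars['site_upgrade_state']) ? $_zp_conf_vars['site_upgrade_state'] : NULL;
            $actionURL = FULLWEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/site_upgrade/site_upgrade.php';
            // The concatenated md5 digests are compared with the stored
            // option to notice edited files. NOTE(review): this looks like a
            // change detector, not a tamper-proof integrity control.
            $hash = '';
            foreach ($_site_filelist as $name => $source) {
                $custom = SERVERPATH . '/' . USER_PLUGIN_FOLDER . '/site_upgrade/' . $name;
                if (file_exists($custom)) {
                    $hash .= md5(file_get_contents($custom));
                }
            }
            if ($hash !== getOption('site_upgrade_hash')) {
                $buttons[] = array('XSRFTag' => 'site_upgrade_refresh', 'category' => gettext('Admin'), 'enable' => true, 'button_text' => gettext('Restore site_upgrade files'), 'formname' => 'refreshHTML', 'action' => FULLWEBPATH . '/' . ZENFOLDER . '/admin.php', 'icon' => 'images/refresh.png', 'title' => gettext('Restores the files in the "plugins/site_upgrade" folder to their default state. Note: this will overwrite any custom edits you may have made.'), 'alt' => '', 'hidden' => '<input type="hidden" name="refreshHTML" value="1" />', 'rights' => ADMIN_RIGHTS);
            }
            switch ($state) {
                case 'closed':
                    $buttons[] = array('XSRFTag' => 'site_upgrade', 'category' => gettext('Admin'), 'enable' => 2, 'button_text' => gettext('Site » test mode'), 'formname' => 'site_upgrade', 'action' => $actionURL, 'icon' => 'images/lock_open.png', 'title' => gettext('Make the site available for viewing administrators only.'), 'onclick' => "\$('#site_upgrade_form').dirtyForms('setClean');this.form.submit();", 'alt' => '', 'hidden' => '<input type="hidden" name="siteState" value="closed_for_test" />', 'rights' => ADMIN_RIGHTS);
                    break;
                case 'closed_for_test':
                    $buttons[] = array('XSRFTag' => 'site_upgrade', 'category' => gettext('Admin'), 'enable' => 2, 'button_text' => gettext('Site » open'), 'formname' => 'site_upgrade', 'action' => $actionURL, 'icon' => 'images/lock.png', 'title' => gettext('Make site available for viewing.'), 'alt' => '', 'hidden' => '<input type="hidden" name="siteState" value="open" />', 'rights' => ADMIN_RIGHTS);
                    list($diff, $needs) = checkSignature(0);
                    // presumably an empty $needs means the setup scripts are
                    // still present as runnable PHP -- confirm against
                    // checkSignature().
                    if (zpFunctions::hasPrimaryScripts() && empty($needs)) {
                        // The translated text is emitted as a JSON string
                        // literal so that an apostrophe, quote or "</script>"
                        // in a translation cannot end the JavaScript string
                        // or the script element.
                        ?>
						<script type="text/javascript">
							window.addEventListener('load', function () {
								$('#site_upgrade').submit(function () {
									return confirm(<?php echo json_encode(gettext('Your setup scripts are not protected!'), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);
								})
							}, false);
						</script>
						<?php 
                    }
                    break;
                default:
                    $buttons[] = array('XSRFTag' => 'site_upgrade', 'category' => gettext('Admin'), 'enable' => true, 'button_text' => gettext('Site » close'), 'formname' => 'site_upgrade.php', 'action' => $actionURL, 'icon' => 'images/lock.png', 'title' => gettext('Make site unavailable for viewing by redirecting to the "closed.html" page.'), 'alt' => '', 'hidden' => '<input type="hidden" name="siteState" value="closed" />', 'rights' => ADMIN_RIGHTS);
                    break;
            }
            return $buttons;
        }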