}
} else {
rename($temp, $init);
if (!file_exists($init)) {
$kill .= sprintf(i18n_r('MOVE_TEMPCONFIG_ERROR'), 'temp.gsconfig.php', 'gsconfig.php') . '<br />';
}
}
# send email to new administrator
$subject = $site_full_name . ' ' . i18n_r('EMAIL_COMPLETE');
$message .= '<p>' . i18n_r('EMAIL_USERNAME') . ': <strong>' . stripslashes($_POST['user']) . '</strong>';
$message .= '<br>' . i18n_r('EMAIL_PASSWORD') . ': <strong>' . $random . '</strong>';
$message .= '<br>' . i18n_r('EMAIL_LOGIN') . ': <a href="' . $SITEURL . $GSADMIN . '/">' . $SITEURL . $GSADMIN . '/</a></p>';
$message .= '<p><em>' . i18n_r('EMAIL_THANKYOU') . ' ' . $site_full_name . '!</em></p>';
$status = sendmail($EMAIL, $subject, $message);
# set the login cookie, then redirect user to secure panel
setcookie('GS_ADMIN_USERNAME', _id($USR));
create_cookie();
# check for fatal errors, if none, redirect to
if ($kill == '') {
redirect("support.php");
}
}
}
get_template('header', $site_full_name . ' » ' . i18n_r('INSTALLATION'));
?>
<h1><?php
echo $site_full_name;
?>
</h1>
</div>
/**
* gets user data from cookie_user.xml
*
* @since 3.4
* @todo use a custom schema array for extracting fields
* @param boolean $returnGlobals return as obj or array of vars
* @return mixed depending on returnGlobals returns xml as object or a defined var array for global extraction
*/
function getUserData($returnGlobals = false)
{
if (isset($_COOKIE['GS_ADMIN_USERNAME'])) {
$cookie_user_id = _id($_COOKIE['GS_ADMIN_USERNAME']);
if (file_exists(GSUSERSPATH . $cookie_user_id . '.xml')) {
$datau = getXML(GSUSERSPATH . $cookie_user_id . '.xml');
$USR = stripslashes($datau->USR);
$HTMLEDITOR = (string) $datau->HTMLEDITOR;
$USRTIMEZONE = (string) $datau->TIMEZONE;
$USRLANG = (string) $datau->LANG;
} else {
$USR = null;
}
} else {
$USR = null;
}
unset($cookie_user_id);
if ($returnGlobals) {
return get_defined_vars();
}
return $datau;
}
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $userid);
$xml->addChild('NAME', $name);
$xml->addChild('PWD', $password);
$xml->addChild('EMAIL', $email);
$xml->addChild('HTMLEDITOR', $htmleditor);
$xml->addChild('TIMEZONE', $timezone);
$xml->addChild('LANG', $lang);
$data = $xml;
if (!empty($error) || empty($password)) {
break;
}
# create user xml file
backup_datafile(GSUSERSPATH . $file);
// remove pass word reset
$resetfile = GSUSERSPATH . getPWDresetName(_id($userid), 'xml');
if (file_exists($resetfile)) {
delete_file($resetfile);
}
exec_action('settings-user');
// @hook settings-user LEGACY pre-save of a users settings
exec_action('profile-save');
// @hook profiel-user pre-save of a users settings
if (!XMLsave($xml, GSUSERSPATH . $file)) {
$error = i18n_r('CHMOD_ERROR');
break;
}
# see new language file immediately
if (!empty($lang)) {
include GSLANGPATH . $lang . '.php';
}
if (!defined('IN_GS')) {
die('you cannot load this page directly.');
}
/**
* Error Checking
*
* Displays error and success messages
*
* @package GetSimple
*
* You can pass $update(global) directly if not using a redirrect and querystring
*
*/
// do not use these alerts if ajax requests as they will not be seen, and interfere with other alerts
if (!requestIsAjax() && file_exists(GSUSERSPATH . _id($USR) . ".xml.reset") && get_filename_id() != 'index' && get_filename_id() != 'resetpassword') {
doNotify(sprintf(i18n_r('ER_PWD_CHANGE'), 'profile.php'), 'error');
}
if (!requestIsAjax() && (!defined('GSNOAPACHECHECK') || GSNOAPACHECHECK == false) and !server_is_apache()) {
doNotify(i18n_r('WARNING') . ': <a href="health-check.php">' . i18n_r('SERVER_SETUP') . ' non-Apache</a>', 'info');
}
if (!isset($update)) {
$update = '';
}
if (isset($_GET['upd'])) {
$update = var_in($_GET['upd']);
}
if (isset($_GET['success'])) {
$success = var_in($_GET['success']);
}
if (isset($_GET['error'])) {
$file = _id($USR) . '.xml';
if (file_exists(GSUSERSPATH . $file)) {
backup_datafile(GSUSERSPATH . $file);
}
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $USR);
$xml->addChild('PWD', $PASSWD);
$xml->addChild('EMAIL', $EMAIL);
$xml->addChild('HTMLEDITOR', '1');
$xml->addChild('TIMEZONE', $TIMEZONE);
$xml->addChild('LANG', $LANG);
if (!XMLsave($xml, GSUSERSPATH . $file)) {
$kill = i18n_r('CHMOD_ERROR');
}
# create password change trigger file
$flagfile = GSUSERSPATH . getPWDresetName(_id($USR), 'xml');
copy_file(GSUSERSPATH . $file, $flagfile);
# create new GSWEBSITEFILE (website.xml) file
$file = GSWEBSITEFILE;
$xmls = new SimpleXMLExtended('<item></item>');
$note = $xmls->addChild('SITENAME');
$note->addCData($SITENAME);
$note = $xmls->addChild('SITEURL');
$note->addCData($SITEURL);
$xmls->addChild('TEMPLATE', GSINSTALLTEMPLATE);
$xmls->addChild('PRETTYURLS', '');
$xmls->addChild('PERMALINK', '');
$xmls->addChild('SITEUSR', $USR);
$xmls->addChild('SITEABOUT', '');
if (!XMLsave($xmls, GSDATAOTHERPATH . $file)) {
$kill = i18n_r('CHMOD_ERROR');
* Pull data from storage
*/
/** grab website data */
$thisfilew = GSDATAOTHERPATH . 'website.xml';
if (file_exists($thisfilew)) {
$dataw = getXML($thisfilew);
$SITENAME = stripslashes($dataw->SITENAME);
$SITEURL = $dataw->SITEURL;
$TEMPLATE = $dataw->TEMPLATE;
$PRETTYURLS = $dataw->PRETTYURLS;
$PERMALINK = $dataw->PERMALINK;
}
/** grab user data */
if (!isset($base)) {
if (isset($_COOKIE['GS_ADMIN_USERNAME'])) {
$cookie_user_id = _id($_COOKIE['GS_ADMIN_USERNAME']);
if (file_exists(GSUSERSPATH . $cookie_user_id . '.xml')) {
$datau = getXML(GSUSERSPATH . $cookie_user_id . '.xml');
$USR = stripslashes($datau->USR);
$HTMLEDITOR = $datau->HTMLEDITOR;
$TIMEZONE = $datau->TIMEZONE;
$LANG = $datau->LANG;
} else {
$USR = null;
$TIMEZONE = 'America/New_York';
}
} else {
$USR = null;
$TIMEZONE = 'America/New_York';
}
} else {
}
/**
* Login Functions
*
* @package GetSimple
* @subpackage Login
*/
$MSG = null;
# if the login cookie is already set, redirect user to control panel
if (cookie_check()) {
redirect($cookie_redirect);
}
# was the form submitted?
if (isset($_POST['submitted'])) {
# initial variable setup
$user_xml = GSUSERSPATH . _id($_POST['userid']) . '.xml';
$userid = strtolower($_POST['userid']);
$password = $_POST['pwd'];
$error = null;
# check the username or password fields
if (!$userid || !$password) {
$error = i18n_r('FILL_IN_REQ_FIELD');
}
# check for any errors
if (!$error) {
exec_action('successful-login-start');
# hash the given password
$password = passhash($password);
# does this user exist?
if (file_exists($user_xml)) {
# pull the data from the user's data file
$SITEURL = $dataw->SITEURL;
$TEMPLATE = $dataw->TEMPLATE;
# creating new user file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $USR);
$xml->addChild('PWD', $PASSWD);
$xml->addChild('EMAIL', $EMAIL);
$xml->addChild('HTMLEDITOR', $HTMLEDITOR);
$xml->addChild('TIMEZONE', $TIMEZONE);
$xml->addChild('LANG', $LANG);
$status = XMLsave($xml, GSUSERSPATH . _id($USR) . '.xml');
chmod(GSUSERSPATH . _id($USR) . '.xml', 0777);
if (!$status) {
$error .= 'Unable to create new ' . _id($USR) . '.xml file!<br />';
} else {
$message .= '<li>Created new ' . _id($USR) . '.xml file</li>';
}
# rename old wesbite.xml
if (!file_exists(GSDATAOTHERPATH . '_legacy_website.xml')) {
$status = rename(GSDATAOTHERPATH . 'website.xml', GSDATAOTHERPATH . '_legacy_website.xml');
if (!$status) {
$error .= 'Unable to rename website.xml to _legacy_website.xml<br />';
} else {
$message .= '<li>Renamed website.xml to _legacy_website.xml</li>';
}
}
#creating new website file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('SITENAME', $SITENAME);
$xml->addChild('SITEURL', $SITEURL);
$xml->addChild('TEMPLATE', $TEMPLATE);
if ($pwd1 != $pwd2 && $pwd2 != '') {
#passwords do not match
$error = i18n_r('PASSWORD_NO_MATCH');
} else {
# password cannot be null
if ($pwd1 != '' && $pwd2 != '') {
$PASSWD = passhash($pwd1);
}
// check valid lang files
if (!in_array($LANG . '.php', $lang_array) and !in_array($LANG . '.PHP', $lang_array)) {
die;
}
# create user xml file
createBak($file, GSUSERSPATH, GSBACKUSERSPATH);
if (file_exists(GSUSERSPATH . _id($USR) . '.xml.reset')) {
unlink(GSUSERSPATH . _id($USR) . '.xml.reset');
}
$xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
$xml->addChild('USR', $USR);
$xml->addChild('NAME', var_out($NAME));
$xml->addChild('PWD', $PASSWD);
$xml->addChild('EMAIL', var_out($EMAIL, 'email'));
$xml->addChild('HTMLEDITOR', $HTMLEDITOR);
$xml->addChild('TIMEZONE', $TIMEZONE);
$xml->addChild('LANG', $LANG);
exec_action('settings-user');
if (!XMLsave($xml, GSUSERSPATH . $file)) {
$error = i18n_r('CHMOD_ERROR');
}
# create website xml file
createBak($wfile, GSDATAOTHERPATH, GSBACKUPSPATH . 'other/');
function addComponentItem($xml, $title, $value, $active, $slug = null)
{
if ($title != null && !empty($title)) {
if ($slug == null || _id($slug) == '') {
$slug = to7bit($title, 'UTF-8');
$slug = clean_url($slug);
}
$title = safe_slash_html($title);
$value = safe_slash_html($value);
$disabled = $active;
if (!is_object($xml)) {
$xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
}
# create the body of components.xml file
$component = $xml->addChild('item');
$c_note = $component->addChild('title');
$c_note->addCData($title);
$component->addChild('slug', $slug);
$c_note = $component->addChild('value');
$c_note->addCData($value);
$c_note = $component->addChild('disabled');
$c_note->addCData($disabled);
}
// debugLog(var_dump($component->asXML()));
return $xml;
}
$SITEURL = $dataw->SITEURL;
$TEMPLATE = $dataw->TEMPLATE;
# creating new user file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $USR);
$xml->addChild('PWD', $PASSWD);
$xml->addChild('EMAIL', $EMAIL);
$xml->addChild('HTMLEDITOR', $HTMLEDITOR);
$xml->addChild('TIMEZONE', $TIMEZONE);
$xml->addChild('LANG', $LANG);
$status = XMLsave($xml, GSUSERSPATH . _id($USR) . '.xml');
chmod(GSUSERSPATH . _id($USR) . '.xml', 0777);
if (!$status) {
$error .= msgError('Unable to create new ' . _id($USR) . '.xml file!');
} else {
$message .= msgOK('Created new ' . _id($USR) . '.xml file');
}
# rename old wesbite.xml
if (!file_exists(GSDATAOTHERPATH . '_legacy_website.xml')) {
$status = rename(GSDATAOTHERPATH . 'website.xml', GSDATAOTHERPATH . '_legacy_website.xml');
if (!$status) {
$error .= msgError('Unable to rename website.xml to _legacy_website.xml');
} else {
$message .= msgOK('Renamed website.xml to _legacy_website.xml');
}
}
#creating new website file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('SITENAME', $SITENAME);
$xml->addChild('SITEURL', $SITEURL);
$xml->addChild('TEMPLATE', $TEMPLATE);
*
* Code to either create or edit a page. This is the action page
* for the form on edit.php
*
* @package GetSimple
* @subpackage Page-Edit
*/
// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
login_cookie_check();
$draft = isset($_GET['nodraft']) || isset($_POST['post-nodraft']) || !getDef('GSUSEDRAFTS', true) ? false : true;
// (bool) using draft pages
if (isset($_GET['publish']) && isset($_GET['id'])) {
$id = var_in(_id($_GET['id']));
safemodefail('publish', 'edit.php?id=' . $id);
if (!filepath_is_safe(GSDATADRAFTSPATH . $id . '.xml', GSDATADRAFTSPATH)) {
$status = false;
} else {
$status = publishDraft($id);
}
if ($status) {
exec_action('draft-publish');
// @hook draft-publish a draft was published
generate_sitemap();
// regenerates sitemap
}
redirect("pages.php?id=" . $id . "&upd=publish-" . ($status ? 'success' : 'error'));
die;
}
if (isset($_POST['username']) and !empty($_POST['username'])) {
# user filename
$file = _id($_POST['username']) . '.xml';
# get user information from existing XML file
if (filepath_is_safe(GSUSERSPATH . $file, GSUSERSPATH)) {
$data = simplexml_load_file(GSUSERSPATH . $file);
$USR = strtolower($data->USR);
$EMAIL = $data->EMAIL;
if (strtolower($_POST['username']) == $USR) {
# create new random password
$random = createRandomPassword();
// $random = '1234';
# create backup
createBak($file, GSUSERSPATH, GSBACKUSERSPATH);
# create password change trigger file
$flagfile = GSUSERSPATH . _id($USR) . ".xml.reset";
copy(GSUSERSPATH . $file, $flagfile);
# change password and resave xml file
$data->PWD = passhash($random);
$status = XMLsave($data, GSUSERSPATH . $file);
# send the email with the new password
$subject = $site_full_name . ' ' . i18n_r('RESET_PASSWORD') . ' ' . i18n_r('ATTEMPT');
$message = "<p>" . cl($SITENAME) . " " . i18n_r('RESET_PASSWORD') . " " . i18n_r('ATTEMPT') . '</p>';
$message .= "<p>" . i18n_r('LABEL_USERNAME') . ": <strong>" . $USR . "</strong>";
$message .= "<br>" . i18n_r('NEW_PASSWORD') . ": <strong>" . $random . "</strong>";
$message .= '<br>' . i18n_r('EMAIL_LOGIN') . ': <a href="' . $SITEURL . $GSADMIN . '/">' . $SITEURL . $GSADMIN . '/</a></p>';
exec_action('resetpw-success');
$status = sendmail($EMAIL, $subject, $message);
# show the result of the reset attempt
usleep($randSleep);
$status = 'success';
public function mmAddUser()
{
//Set User File, Username, And Password From Submission
$usrfile = strtolower($_POST['usernamec']);
$usrfile = $usrfile . '.xml';
$NUSR = strtolower($_POST['usernamec']);
$pwd1 = $_POST['userpassword'];
$NPASSWD = passhash($pwd1);
// create user xml file - This coding was mostly taken from the 'settings.php' page..
createBak($usrfile, GSUSERSPATH, GSBACKUSERSPATH);
if (file_exists(GSUSERSPATH . _id($NUSR) . '.xml.reset')) {
unlink(GSUSERSPATH . _id($NUSR) . '.xml.reset');
}
$xml = new SimpleXMLExtended('<item></item>');
$xml->addChild('USR', $NUSR);
$xml->addChild('PWD', $NPASSWD);
$xml->addChild('EMAIL', $_POST['useremail']);
$xml->addChild('HTMLEDITOR', $_POST['usereditor']);
$xml->addChild('TIMEZONE', $_POST['ntimezone']);
$xml->addChild('LANG', $_POST['userlng']);
$xml->addChild('USERSNAME', $_POST['users_name']);
$userbio = $xml->addChild('USERSBIO');
$userbio->addCData($_POST['users_bio']);
$perm = $xml->addChild('PERMISSIONS');
$perm->addChild('PAGES', $_POST['Pages']);
$perm->addChild('FILES', $_POST['Files']);
$perm->addChild('THEME', $_POST['Theme']);
$perm->addChild('PLUGINS', $_POST['Plugins']);
$perm->addChild('BACKUPS', $_POST['Backups']);
$perm->addChild('SETTINGS', $_POST['Settings']);
$perm->addChild('SUPPORT', $_POST['Support']);
$perm->addChild('EDIT', $_POST['Edit']);
$perm->addChild('LANDING', $_POST['Landing']);
$perm->addChild('ADMIN', $_POST['Admin']);
save_custom_permissions();
if (!XMLsave($xml, GSUSERSPATH . $usrfile)) {
$error = i18n_r('CHMOD_ERROR');
} else {
print '<div class="updated" style="display: block;">' . $NUSR . ' ' . i18n_r('user-managment/CREATED') . '</div>';
}
//Show Manage Form
mmManageUsersForm();
}
if ($pwd1 != $pwd2 || $adding === true && (empty($pwd1) || $pwd1 !== $pwd2)) {
#passwords do not match
$error = i18n_r('PASSWORD_NO_MATCH');
} else {
# password cannot be null
if ($pwd1 != '') {
$password = passhash($pwd1);
}
// check valid lang files
if (!in_array($lang . '.php', $lang_array) and !in_array($lang . '.PHP', $lang_array)) {
$lang = '';
}
# create user xml file
createBak($file, GSUSERSPATH, GSBACKUSERSPATH);
if (file_exists(GSUSERSPATH . _id($userid) . '.xml.reset')) {
unlink(GSUSERSPATH . _id($userid) . '.xml.reset');
}
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $userid);
$xml->addChild('NAME', $name);
$xml->addChild('PWD', $password);
$xml->addChild('EMAIL', $email);
$xml->addChild('HTMLEDITOR', $htmleditor);
$xml->addChild('TIMEZONE', $timezone);
$xml->addChild('LANG', $lang);
$data = $xml;
exec_action('settings-user');
if (!XMLsave($xml, GSUSERSPATH . $file)) {
$error = i18n_r('CHMOD_ERROR');
}
# see new language file immediately
function stock($w, $h)
{
?>
<g>
<rect id="<?=_id();?>" class="fil2" x="0" y="0" width="<?=$w?>" height="<?=$h?>"/>
</g>
<?
}
