Example #1
<?php

// OFFSET_PATH is defined before the bootstrap include below; its consumer is not visible in this excerpt.
define('OFFSET_PATH', 3);
// Relative include: PHP resolves this against include_path and the working directory, not this file's own
// directory, so the bootstrap that gets loaded depends on how the script is invoked.
require_once "../../admin-globals.php";
require_once SERVERPATH . '/' . ZENFOLDER . '/template-functions.php';
// Access gate, executed before any request handling further down.
// Presumably rejects callers without ALBUM_RIGHTS; confirm in admin_securityChecks().
admin_securityChecks(ALBUM_RIGHTS, currentRelativeURL());
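/**
 * Recursively marks every sub-album beneath $album as unpublished.
 *
 * Each name returned by $album->getAlbums() is loaded with newAlbum(), has its
 * "show" flag cleared, is saved, and is then descended into. The album passed
 * in is not modified itself; only its descendants are.
 *
 * @param object $album album object exposing getAlbums() (class not visible in this excerpt)
 * @return void
 */
function unpublishSubalbums($album)
{
    // The original declared `global $_zp_gallery` without ever using it; dropped.
    foreach ($album->getAlbums() as $albumname) {
        $subalbum = newAlbum($albumname);
        $subalbum->setShow(false);
        $subalbum->save();
        // Depth-first: a child's own sub-albums are handled right after the child is saved.
        unpublishSubalbums($subalbum);
    }
}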
// Initial state for the request handlers that follow.
$publish_images_list = array();
$publish_albums_list = array();
$report = false;
if (isset($_POST['set_defaults'])) {
    XSRFdefender('publishContent');
    $_zp_gallery->setAlbumPublish((int) isset($_POST['album_default']));
    $_zp_gallery->setImagePublish((int) isset($_POST['image_default']));
    $_zp_gallery->save();
    $report = 'defaults';
} else {
    if (isset($_POST['publish'])) {
        $action = sanitize($_POST['publish']);
        unset($_POST['publish']);
        XSRFdefender('publishContent');
Example #2
<?php

/**
 * Bulk enable/disable of plugins
 * @package core
 */
// force UTF-8 Ø
define('OFFSET_PATH', 3);
// The bootstrap path is derived from the executing script's location ($_SERVER['SCRIPT_FILENAME']), not from __FILE__.
require_once dirname(dirname(dirname($_SERVER['SCRIPT_FILENAME']))) . "/zp-core/admin-globals.php";
// Both gates run before any $_GET handling: the rights check first, then the anti-CSRF check for the
// 'pluginEnabler' action. Every action in this script is driven by GET parameters, so the XSRFdefender()
// call is what stands between a forged link and a state change.
admin_securityChecks(ADMIN_RIGHTS, $return = currentRelativeURL());
XSRFdefender('pluginEnabler');
if (isset($_GET['pluginsRemember'])) {
    // Snapshot the keys of getEnabledPlugins() into an option, stored with serialize().
    // The 'pluginsEnable' case 2 branch reads the option back through getSerializedArray(), so the stored
    // value must only ever be writable by trusted code. NOTE(review): confirm how getSerializedArray() decodes it.
    setOption('pluginEnabler_currentset', serialize(array_keys(getEnabledPlugins())));
    $report = gettext('Current enabled plugins remembered');
}
if (isset($_GET['pluginsEnable'])) {
    $paths = getPluginFiles('*.php');
    $pluginlist = array_keys($paths);
    switch ($setting = sanitize_numeric($_GET['pluginsEnable'])) {
        case 0:
            $report = gettext('Plugins disabled');
            break;
        case 1:
            $report = gettext('Zenphoto plugins enabled');
            break;
        case 2:
            $report = gettext('Remembered plugins enabled');
            $savedlist = getSerializedArray(getOption('pluginEnabler_currentset'));
            break;
        case 3:
            $report = gettext('All plugins enabled');
Example #3
<?php

define('OFFSET_PATH', 3);
require_once dirname(dirname(__FILE__)) . '/admin-functions.php';
// Reset the login state; it is re-derived from the request below.
$_zp_loggedin = NULL;
if (isset($_POST['auth'])) {
    // The credential arrives in the request body (`auth` hash plus `id`) instead of a session cookie, so
    // whatever checkAuthorization() accepts here is equivalent to a login for this request.
    // NOTE(review): `id` is read without an isset() guard; a request carrying only `auth` raises an
    // undefined-index notice and passes the sanitized result of a missing value on to checkAuthorization().
    $hash = sanitize($_POST['auth']);
    $id = sanitize($_POST['id']);
    $_zp_loggedin = $_zp_authority->checkAuthorization($hash, $id);
}
// Rights gate on the outcome; presumably rejects the request unless UPLOAD_RIGHTS were established above.
// Confirm in admin_securityChecks(). No XSRFdefender() call appears in the visible part of this handler.
admin_securityChecks(UPLOAD_RIGHTS, $return = currentRelativeURL(__FILE__));
if (!empty($_FILES)) {
    $gallery = new Gallery();
    $name = trim(basename(sanitize($_FILES['file']['name'], 3)));
    if (isset($_FILES['Filedata']['error']) && $_FILES['file']['error']) {
        $error = $_FILES['Filedata']['error'];
        debugLogArray('Uploadify error:', $_FILES);
        trigger_error(sprintf(gettext('Uploadify error on %1$s. Review your debug log.'), $name));
    } else {
        $tempFile = sanitize($_FILES['file']['tmp_name'], 3);
        $folder = trim(sanitize($_POST['http_folder'], 3));
        if (substr($folder, 0, 1) == '/') {
            $folder = substr($folder, 1);
        }
        if (substr($folder, 0, 1) == '/') {
            $folder = substr($folder, 1);
        }
        if (substr($folder, -1) == '/') {
            $folder = substr($folder, 0, -1);
        }
        $folder = zp_apply_filter('admin_upload_process', $folder);
Example #4
 * zenpage admin-edit.php
 *
 * @author Malte Müller (acrylian)
 * @package plugins
 * @subpackage zenpage
 */
define("OFFSET_PATH", 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
require_once "admin-functions.php";
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/tag_suggest.php';
// The required right depends on what is being edited: pages need the pages right, everything else the news right.
$rights = is_AdminEditPage('page') ? ZENPAGE_PAGES_RIGHTS : ZENPAGE_NEWS_RIGHTS;
// Access gate; runs before updatePublished() and before any request handling.
admin_securityChecks($rights, currentRelativeURL());
updatePublished('news');
updatePublished('pages');
$saveitem = '';
$reports = array();
if (is_AdminEditPage('page')) {
    $_GET['tab'] = $tab = 'pages';
    $new = 'newPage';
    $update = 'updatePage';
} else {
    if (is_AdminEditPage('newsarticle')) {
        $_GET['tab'] = $tab = 'news';
        $new = 'newArticle';
        $update = 'updateArticle';
    } else {
        if (is_AdminEditPage('newscategory')) {
<?php

/**
 */
define('OFFSET_PATH', 1);
require_once dirname(__FILE__) . '/admin-globals.php';
// Access gate: runs before any output is produced. Presumably rejects callers without FILES_RIGHTS;
// confirm in admin_securityChecks().
admin_securityChecks(FILES_RIGHTS, currentRelativeURL(__FILE__));
// Emits the admin page header for the 'upload' tab / 'files' subtab, then closes <head> by hand.
printAdminHeader('upload', 'files');
echo "\n</head>";
?>

<body>

<?php 
printLogoAndLinks();
?>
<div id="main">
	<?php 
printTabs();
?>
	<div id="content">
		<div id="container">
			<?php 
$subtab = printSubtabs();
?>
			<div class="tabbox">
				<?php 
zp_apply_filter('admin_note', 'upload', $subtab);
?>
				<h1><?php 
echo gettext('File Manager');
Example #6
<?php

// force UTF-8 Ø
define('OFFSET_PATH', 3);
require_once dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/admin-globals.php";
// Access gate for the editor popup: the rights are OR-ed into one mask and the return URL is empty.
// NOTE(review): whether the mask means "any of" or "all of" these rights is decided inside
// admin_securityChecks(); confirm there.
admin_securityChecks(ZENPAGE_PAGES_RIGHTS | ZENPAGE_NEWS_RIGHTS, '');
if (extensionEnabled('zenpage')) {
    require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . "/zenpage/zenpage-template-functions.php";
}
// Response headers are sent only after the access gate; both values come from constants, not from the request.
header('Last-Modified: ' . ZP_LAST_MODIFIED);
header('Content-Type: text/html; charset=' . LOCAL_CHARSET);
?>
<!-- tinyZenpage - A TinyMCE plugin for Zenphoto with Zenpage
		 Version: 1.4.6
		 Author: Malte Müller (acrylian), Stephen Billard (sbillard)
		 inspired by Alessandro "Simbul" Morandi's  ZenphotoPress (http://simbul.bzaar.net/zenphotopress)
		 License: GPL v2 or later http://www.gnu.org/licenses/gpl.html -->
<!DOCTYPE html>
<html>
	<head>
		<title>tinyZenpage</title>
		<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
		<script type="text/javascript" src="<?php 
echo WEBPATH . '/' . ZENFOLDER;
?>
/js/htmlencoder.js"></script>
		<script type="text/javascript" src="<?php 
echo WEBPATH . '/' . ZENFOLDER;
?>
/js/jquery.js"></script>
Example #7
<?php

/**
 * provides the Comments tab of admin
 * @package admin
 */
// force UTF-8 Ø
define('OFFSET_PATH', 1);
require_once '../../admin-globals.php';
// Access gate; runs before any query-string value is read.
admin_securityChecks(COMMENT_RIGHTS, currentRelativeURL());
// View parameters from the query string: only `page` is kept as a value (after sanitize());
// `fulltext` and `viewall` are reduced to booleans.
$page = isset($_GET['page']) ? sanitize($_GET['page']) : '';
$fulltext = isset($_GET['fulltext']) && $_GET['fulltext'];
$viewall = isset($_GET['viewall']);
/* handle posts */
if (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case "spam":
            XSRFdefender('comment_update');
            $comment = new Comment(sanitize_numeric($_GET['id']));
Example #8
<?php

/**
 * provides the Options tab of admin
 * @package admin
 */
// force UTF-8 Ø
define('OFFSET_PATH', 1);
require_once dirname(__FILE__) . '/admin-globals.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/functions-config.php';
// Access gate; runs before options are read or request values are touched.
admin_securityChecks(OPTIONS_RIGHTS, currentRelativeURL());
// max() keeps the page size at 1 or more even when the stored option is lower.
define('PLUGINS_PER_PAGE', max(1, getOption('plugins_per_page')));
// `subpage` may arrive by GET or POST (GET wins); either way it is forced through sanitize_numeric().
if (isset($_GET['subpage'])) {
    $subpage = sanitize_numeric($_GET['subpage']);
} elseif (isset($_POST['subpage'])) {
    $subpage = sanitize_numeric($_POST['subpage']);
} else {
    $subpage = 0;
}
if (!isset($_GET['page'])) {
    // Without an 'options' tab this must be a user with no options rights, so fall back to 'users'.
    $_GET['page'] = array_key_exists('options', $zenphoto_tabs) ? 'options' : 'users';
}
$_current_tab = sanitize($_GET['page'], 3);
/* handle posts */
Example #9
<?php

/**
 * Use this utility to reset your album thumbnails to either "random" or from an ordered field query
 *
 * @package admin
 */
define('OFFSET_PATH', 3);
require_once dirname(dirname(__FILE__)) . '/admin-globals.php';
require_once dirname(dirname(__FILE__)) . '/template-functions.php';
// Registers this utility's button. Note the button's own 'rights' mask (MANAGE_ALL_ALBUM_RIGHTS | ADMIN_RIGHTS)
// is wider than the MANAGE_ALL_ALBUM_RIGHTS passed to the access gate below.
$buttonlist[] = array('category' => gettext('Database'), 'enable' => true, 'button_text' => gettext('Reset album thumbs'), 'formname' => 'reset_albumthumbs.php', 'action' => 'utilities/reset_albumthumbs.php', 'icon' => 'images/reset.png', 'title' => gettext('Reset album thumbnails to either random or most recent'), 'alt' => '', 'hidden' => '', 'rights' => MANAGE_ALL_ALBUM_RIGHTS | ADMIN_RIGHTS);
// Access gate; presumably rejects callers without MANAGE_ALL_ALBUM_RIGHTS. Confirm in admin_securityChecks().
admin_securityChecks(MANAGE_ALL_ALBUM_RIGHTS, $return = currentRelativeURL());
// The anti-CSRF check is conditional: it runs only when one of the two action parameters is present
// (in GET, POST or cookies, since $_REQUEST is consulted). A plain page view carries no token.
// NOTE(review): any state change added later under a different parameter name would bypass this check.
if (isset($_REQUEST['thumbtype']) || isset($_REQUEST['thumbselector'])) {
    XSRFdefender('reset_thumbs');
}
$buffer = '';
$webpath = WEBPATH . '/' . ZENFOLDER . '/';
$zenphoto_tabs['overview']['subtabs'] = array(gettext('Thumbs') => '');
printAdminHeader('overview', 'thumbs');
echo '</head>';
?>

<body>
	<?php 
printLogoAndLinks();
?>
	<div id="main">
		<?php 
printTabs();
?>
		<div id="content">
Example #10
/**
 * zenpage admin-edit.php
 *
 * @author Malte Müller (acrylian)
 * @package plugins
 * @subpackage zenpage
 */
define("OFFSET_PATH", 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
require_once "zenpage-admin-functions.php";
// Editing a news article needs the news right; every other edit page handled here needs the pages right.
$rights = is_AdminEditPage('newsarticle') ? ZENPAGE_NEWS_RIGHTS : ZENPAGE_PAGES_RIGHTS;
// Access gate; runs before any request value is read.
admin_securityChecks($rights, currentRelativeURL(__FILE__));
$saveitem = '';
$reports = array();
if (is_AdminEditPage('page')) {
    $tab = 'pages';
    if (isset($_GET['titlelink'])) {
        $result = new ZenpagePage(urldecode($_GET['titlelink']));
    } else {
        if (isset($_GET['update'])) {
            XSRFdefender('update');
            $result = updatePage($reports);
            if (getCheckboxState('copy_delete_object')) {
                switch (sanitize($_POST['copy_delete_object'])) {
                    case 'copy':
                        $as = trim(sanitize(sanitize($_POST['copy_object_as'])));
                        if (empty($as)) {
Example #11
<?php

/**
 * This template is used to generate cache images. Running it will process the entire gallery,
 * supplying an album name (ex: loadAlbums.php?album=newalbum) will only process the album named.
 * Passing clear=on will purge the designated cache before generating cache images
 * @package plugins
 */
// force UTF-8 Ø
define('OFFSET_PATH', 3);
// Relative include: resolved against include_path / the working directory rather than this file's directory.
require_once "../../admin-globals.php";
require_once SERVERPATH . '/' . ZENFOLDER . '/template-functions.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/cacheManager/functions.php';
// Access gate with no specific right (NULL). NOTE(review): confirm what admin_securityChecks() enforces
// when the rights argument is NULL.
admin_securityChecks(NULL, $return = currentRelativeURL());
// Unconditional anti-CSRF check: every request to this script must carry a valid 'cacheDBImages' token.
XSRFdefender('cacheDBImages');
// The second subtab link embeds the token in its query string so that following the tab passes the check
// above. A token in a URL also ends up in browser history, server access logs and Referer headers.
$zenphoto_tabs['overview']['subtabs'] = array(gettext('Cache images') => PLUGIN_FOLDER . '/cacheManager/cacheImages.php?page=overview&tab=images', gettext('Cache stored images') => PLUGIN_FOLDER . '/cacheManager/cacheDBImages.php?page=overview&tab=DB&XSRFToken=' . getXSRFToken('cacheDBImages'));
printAdminHeader('overview', 'DB');
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs();
echo "\n" . '<div id="content">';
printSubtabs('Cache');
?>
<div class="tabbox">
	<?php 
zp_apply_filter('admin_note', 'cache', '');
?>
	<p class="notebox">
		<?php 
Example #12
<?php

/**
 * provides the Upload tab of admin
 *
 * @author Stephen Billard (sbillard)
 *
 * @package admin
 */
// force UTF-8 Ø
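define('OFFSET_PATH', 1);
require_once dirname(__FILE__) . '/admin-globals.php';
// Access gate; runs before any request value is read.
admin_securityChecks(UPLOAD_RIGHTS | FILES_RIGHTS, $return = currentRelativeURL());
if (isset($_GET['page'])) {
    $page = sanitize($_GET['page']);
} else {
    $link = $zenphoto_tabs['upload']['link'];
    // strpos() returns int 0 for a match at the very start of the string. The previous loose `== false`
    // test treated that as "not found" and redirected anyway; compare strictly against false instead.
    if (strpos($link, 'admin-upload.php') === false) {
        // The redirect target is taken from the tab table, not from the request in this excerpt.
        header('location: ' . $link);
        exitZP();
    }
    $page = "upload";
    $_GET['page'] = 'upload';
}
if (isset($_GET['type'])) {
    // NOTE(review): the guard tests `type` but the value is read from `tab`; confirm which key is intended.
    $uploadtype = sanitize($_GET['tab']);
    zp_setCookie('uploadtype', $uploadtype);
} else {
    // The cookie value is supplied by the client and is copied into $_GET['tab'] without sanitize();
    // code that reads it later must treat it as untrusted.
    $uploadtype = zp_getcookie('uploadtype');
    $_GET['tab'] = $uploadtype;
}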
Example #13
<?php

/**
 * ZenPhoto20 object paster for tinyMCE
 *
 * @author Stephen Billard (sbillard)
 *
 * Copyright 2014 by Stephen L Billard for use in {@link https://github.com/ZenPhoto20/ZenPhoto20 ZenPhoto20}
 *
 */
// force UTF-8 Ø
define('OFFSET_PATH', 3);
require_once dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/admin-globals.php";
// Access gate for the editor popup: three rights OR-ed into one mask, with no return URL (NULL).
// NOTE(review): whether the mask means "any of" or "all of" is decided inside admin_securityChecks().
admin_securityChecks(ALBUM_RIGHTS | ZENPAGE_PAGES_RIGHTS | ZENPAGE_NEWS_RIGHTS, NULL);
// Headers are sent only after the gate; both values come from constants, not from the request.
header('Last-Modified: ' . ZP_LAST_MODIFIED);
header('Content-Type: text/html; charset=' . LOCAL_CHARSET);
/**
 * Builds the image-processor URI for $image at the requested size.
 *
 * @param mixed $size value placed in the first slot of the parameter list given to getImageParameters()
 * @param object $image image object; its album name and filename are read
 * @return mixed whatever getImageProcessorURI() returns
 */
function getIPSizedImage($size, $image)
{
    $watermark = getWatermarkParam($image, WATERMARK_IMAGE);
    $albumName = $image->album->name;
    // Twelve positional slots: the size first, ten unset slots, the watermark last.
    $request = array(
        $size,
        NULL, NULL, NULL, NULL, NULL,
        NULL, NULL, NULL, NULL, NULL,
        $watermark,
    );
    $parameters = getImageParameters($request, $albumName);
    return getImageProcessorURI($parameters, $image->album->name, $image->filename);
}
?>
<!DOCTYPE html>
<html>
	<head>
		<?php 
printStandardMeta();
?>
		<title>tinyMCE:obj</title>
		<script type="text/javascript" src="<?php 
Example #14
<?php

/**
 * Theme file editor
 *
 * @package admin
 * @author Ozh
 */
// force UTF-8 Ø
define('OFFSET_PATH', 1);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
// Access gate; presumably rejects callers without THEMES_RIGHTS. Confirm in admin_securityChecks().
admin_securityChecks(THEMES_RIGHTS, currentRelativeURL());
if (!isset($_GET['theme'])) {
    // No theme selected: send the user back to the theme list. The target is built from constants only.
    header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . "/admin-themes.php");
    exitZP();
}
// Suffix allow-list consulted by isTextFile(). It includes 'php' and 'inc', so the right that unlocks this
// editor presumably also allows changing server-executed code; grant THEMES_RIGHTS with that in mind.
$ok_extensions = array('css', 'php', 'js', 'txt', 'inc');
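/**
 * Tells whether $file has one of the suffixes the theme editor accepts.
 *
 * @param string $file file name or path; only its suffix (via getSuffix()) is examined
 * @return bool true when the lower-cased suffix is in the global $ok_extensions list
 */
function isTextFile($file)
{
    global $ok_extensions;
    $ext = strtolower(getSuffix($file));
    // Strict match: this allow-list decides which files count as editable text, so membership must not be
    // satisfiable through PHP's loose type juggling if a non-string entry ever lands in the list.
    return in_array($ext, $ok_extensions, true);
}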
$messages = $file_to_edit = $file_content = null;
$what = 'edit';
$themes = $_zp_gallery->getThemes();
// basename() removes directory components from the requested theme name, but it returns '.' and '..'
// unchanged. NOTE(review): the value should also be matched against the known themes in $themes before it is
// used to build a filesystem path; confirm that themeIsEditable() does this.
$theme = basename(sanitize($_GET['theme']));
$themedir = SERVERPATH . '/themes/' . internalToFilesystem($theme);
// The directory is listed here, before the themeIsEditable() check that follows.
$themefiles = listDirectoryFiles($themedir);
$themefiles_to_ext = array();
if (themeIsEditable($theme)) {
 * This plugin shows statistical graphs and info about your gallery\'s images and albums
 *
 * @package admin
 */
define('OFFSET_PATH', 3);
// Switch the working directory to the parent of this file's directory before loading the bootstrap.
chdir(dirname(dirname(__FILE__)));
require_once dirname(dirname(__FILE__)) . '/admin-globals.php';
require_once dirname(dirname(__FILE__)) . '/' . PLUGIN_FOLDER . '/image_album_statistics.php';
if (getOption('zp_plugin_zenpage')) {
    require_once dirname(dirname(__FILE__)) . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-admin-functions.php';
}
// Button metadata for this utility; $button_rights holds the same right that the access gate enforces.
$button_text = gettext('Gallery Statistics');
$button_hint = gettext('Shows statistical graphs and info about your gallery\'s images and albums.');
$button_icon = 'images/bar_graph.png';
$button_rights = OVERVIEW_RIGHTS;
// Access gate; everything above only loads code and sets variables.
admin_securityChecks(OVERVIEW_RIGHTS, currentRelativeURL(__FILE__));
$gallery = new Gallery();
// garbageCollect() runs on every view of this page. No XSRFdefender() call precedes it in this excerpt.
// NOTE(review): confirm it is safe to trigger from a plain GET.
$gallery->garbageCollect();
$webpath = WEBPATH . '/' . ZENFOLDER . '/';
printAdminHeader(gettext('utilities'), gettext('statistics'));
?>
<link rel="stylesheet" href="../admin-statistics.css" type="text/css" media="screen" />
<?php 
/*
 * http://php.net/manual/de/function.filesize.php
 *
 * @author Jonas Sweden
*/
function gallerystats_filesize_r($path)
{
    if (!file_exists($path)) {
define('OFFSET_PATH', -2);
//	 we don't want plugins loaded but we are not setup
require_once dirname(__FILE__) . '/admin-globals.php';
// need the class plugins to handle video, etc.
// These plugin files are included before the access gate below, so their top-level code runs for every
// request to this script. The include path comes from the enabled-plugin table, not from the request.
foreach (getEnabledPlugins() as $extension => $plugin) {
    if ($plugin['priority'] & CLASS_PLUGIN) {
        require_once $plugin['path'];
    }
}
require_once dirname(__FILE__) . '/template-functions.php';
// A request naming an album needs ALBUM_RIGHTS; otherwise no specific right is passed (NULL).
// NOTE(review): confirm what admin_securityChecks() enforces when the rights argument is NULL.
if (isset($_REQUEST['album'])) {
    $localrights = ALBUM_RIGHTS;
} else {
    $localrights = NULL;
}
admin_securityChecks($localrights, $return = currentRelativeURL());
// Unconditional anti-CSRF check: the GET-triggered garbage collection below cannot run without a valid token.
XSRFdefender('refresh');
$imageid = '';
if (isset($_GET['refresh'])) {
    if (isset($_GET['id'])) {
        // Forced through sanitize_numeric() before it reaches garbageCollect().
        $imageid = sanitize_numeric($_GET['id']);
    }
    // The return value replaces $imageid.
    $imageid = $_zp_gallery->garbageCollect(true, true, $imageid);
}
if (isset($_GET['prune'])) {
    $type = 'prune&amp;';
    $title = gettext('Refresh Database');
    $finished = gettext('Finished refreshing the database');
    $incomplete = gettext('Database refresh is incomplete');
    $allset = gettext("We are all set to refresh the database");
    $continue = gettext('Continue refreshing the database.');
<?php

/**
 * zenpage admin-categories.php
 *
 * @author Malte Müller (acrylian)
 * @package plugins
 * @subpackage zenpage
 */
define("OFFSET_PATH", 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
require_once "zenpage-admin-functions.php";
// Access gate; presumably rejects callers without ZENPAGE_NEWS_RIGHTS. Confirm in admin_securityChecks().
admin_securityChecks(ZENPAGE_NEWS_RIGHTS, currentRelativeURL(__FILE__));
$reports = array();
// Each state-changing handler below calls XSRFdefender() with its own action name before touching data.
if (isset($_POST['processcheckeditems'])) {
    XSRFdefender('checkeditems');
    processZenpageBulkActions('Category', $reports);
    updateItemSortorder('categories', $reports);
}
if (isset($_GET['delete'])) {
    XSRFdefender('delete_category');
    // NOTE(review): $_GET['delete'] reaches deleteCategory() without sanitize(), unlike the `id` value in the
    // hitcounter handler below. Confirm that deleteCategory() validates or escapes it.
    $reports[] = deleteCategory($_GET['delete']);
}
if (isset($_GET['hitcounter'])) {
    XSRFdefender('hitcounter');
    // NOTE(review): `id` is read without isset(), and the getCategory() result is indexed without checking
    // that a category was found.
    $x = $_zp_zenpage->getCategory(sanitize_numeric($_GET['id']));
    $obj = new ZenpageCategory($x['titlelink']);
    // Reset the category's hit counter and persist the change.
    $obj->set('hitcounter', 0);
    $obj->save();
}
if (isset($_GET['publish'])) {
<?php

/**
 * user_groups plugin--tabs
 * @author Stephen Billard (sbillard)
 * @package plugins
 * @subpackage usermanagement
 */
define('OFFSET_PATH', 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
// Access gate with no specific right (NULL), although the page lists and (further down) acts on
// administrator accounts. NOTE(review): confirm what admin_securityChecks() enforces for NULL and whether
// a stricter right is checked elsewhere.
admin_securityChecks(NULL, currentRelativeURL(__FILE__));
$admins = $_zp_authority->getAdministrators('all');
// Map key => 'date' for the entries flagged 'valid', so they can be sorted by date.
$ordered = array();
foreach ($admins as $key => $admin) {
    if ($admin['valid']) {
        $ordered[$key] = $admin['date'];
    }
}
// asort() keeps the keys, which are then used to pull the full records back in date order.
asort($ordered);
$adminordered = array();
foreach ($ordered as $key => $user) {
    $adminordered[] = $admins[$key];
}
$msg = NULL;
if (isset($_GET['action'])) {
    $action = sanitize($_GET['action']);
    XSRFdefender($action);
    if ($action == 'expiry') {
        foreach ($_POST as $key => $action) {
            if (strpos($key, 'r_') === 0) {
                $userobj = $_zp_authority->getAnAdmin(array('`id`=' => str_replace('r_', '', postIndexDecode($key))));
Example #19
<?php

/**
 * This is the "files" upload tab
 *
 * @package plugins
 * @subpackage development
 */
define('OFFSET_PATH', 3);
// The bootstrap path is derived from the executing script's location ($_SERVER['SCRIPT_FILENAME']), not from __FILE__.
require_once dirname(dirname(dirname($_SERVER['SCRIPT_FILENAME']))) . "/zp-core/admin-globals.php";
// Access gate; presumably rejects callers without DEBUG_RIGHTS. Confirm in admin_securityChecks().
admin_securityChecks(DEBUG_RIGHTS, $return = currentRelativeURL());
// Header for the 'development' tab with the (translated) 'rewriteTokens' subtab.
printAdminHeader('development', gettext('rewriteTokens'));
?>
</head>

<body>

	<link
	<?php 
printLogoAndLinks();
?>
		<div id="main">
			<?php 
printTabs();
?>
		<div id="content">
			<?php 
zp_apply_filter('admin_note', 'development', '');
?>
			<div id="container">
				<?php 
        $admins = $_zp_authority->getAdministrators();
        foreach ($admins as $admin) {
            if (!empty($admin['email']) && $currentadminuser != $admin['user']) {
                $button['enable'] = true;
                $button['title'] = gettext('A tool to send e-mails to all registered users who have provided an e-mail address.');
                break;
            }
        }
        $buttons[] = $button;
        return $buttons;
    }
} else {
    define('OFFSET_PATH', 3);
    chdir(dirname(dirname(__FILE__)));
    require_once dirname(dirname(__FILE__)) . '/admin-globals.php';
    admin_securityChecks(NULL, currentRelativeURL());
    if (isset($_GET['sendmail'])) {
        XSRFdefender('mailing_list');
    }
    $admins = $_zp_authority->getAdministrators();
    $zenphoto_tabs['overview']['subtabs'] = array(gettext('Mailing') => '');
    printAdminHeader('overview', 'Mailing');
    ?>
	</head>
	<body>
		<?php 
    printLogoAndLinks();
    ?>
		<div id="main">
			<?php 
    printTabs();
Example #21
<?php

/**
 * zenpage admin-pages.php
 *
 * @author Malte Müller (acrylian)
 * @package plugins
 * @subpackage zenpage
 */
define("OFFSET_PATH", 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
require_once "zenpage-admin-functions.php";
// Access gate; presumably rejects callers without ZENPAGE_PAGES_RIGHTS. Confirm in admin_securityChecks().
admin_securityChecks(ZENPAGE_PAGES_RIGHTS, currentRelativeURL());
// $reports collects message fragments as HTML strings.
$reports = array();
if (isset($_GET['bulkaction'])) {
    // The query-string value goes through sanitize() before zenpageBulkActionMessage() builds the message.
    // NOTE(review): confirm the helper maps it to a fixed message rather than echoing it back.
    $reports[] = zenpageBulkActionMessage(sanitize($_GET['bulkaction']));
}
if (isset($_GET['deleted'])) {
    // Display-only flag: it only adds a fixed message and changes no state, so no token check is made here.
    $reports[] = "<p class='messagebox fade-message'>" . gettext("Article successfully deleted!") . "</p>";
}
if (isset($_POST['update'])) {
    XSRFdefender('update');
    if ($_POST['checkallaction'] == 'noaction') {
        if (updateItemSortorder('pages')) {
            $reports[] = "<p class='messagebox fade-message'>" . gettext("Sort order saved.") . "</p>";
        } else {
            $reports[] = "<p class='notebox fade-message'>" . gettext("Nothing changed.") . "</p>";
        }
    } else {
        $action = processZenpageBulkActions('Page');
        bulkActionRedirect($action);