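/**
 * Restore the database from an uploaded aMember Pro SQL backup (POST only).
 *
 * Every statement found in the upload is executed through the application's
 * DB handle, so reaching this action is equivalent to running arbitrary SQL.
 * Nothing in this method checks the caller's permissions or a CSRF token.
 * NOTE(review): confirm the controller enforces both before dispatch.
 *
 * @throws Am_Exception_InputError on a non-POST request or an unusable upload
 */
function restoreAction()
 {
     check_demo();
     if (!$this->_request->isPost()) {
         throw new Am_Exception_InputError("Only POST requests allowed here");
     }
     @ini_set('memory_limit', '256M');
     $db = $this->getDi()->db;
     // Only read a path that PHP itself recorded as an HTTP upload.
     $tmpName = isset($_FILES['file']['tmp_name']) ? $_FILES['file']['tmp_name'] : null;
     if (!is_string($tmpName) || !is_uploaded_file($tmpName)) {
         throw new Am_Exception_InputError("Uploaded file has wrong format or empty");
     }
     $f = file_get_contents($tmpName);
     if ($f === false || !preg_match('/^(.+?)[\\r\\n]+(.+?)[\\r\\n]+/ms', $f, $regs)) {
         throw new Am_Exception_InputError("Uploaded file has wrong format or empty");
     }
     $first_line = trim($regs[1]);
     $second_line = trim($regs[2]);
     // The header lines come from the uploaded file and are joined with literal
     // markup, so they are escaped before being handed to the view.
     $this->view->assign(
         'backup_header',
         htmlspecialchars($first_line, ENT_QUOTES, 'UTF-8') . '<br />' . htmlspecialchars($second_line, ENT_QUOTES, 'UTF-8')
     );
     // This signature is a format check only; it does not authenticate the file.
     if (!preg_match('/^### aMember Pro .+? database backup/', $first_line)) {
         throw new Am_Exception_InputError("Uploaded file is not valid aMember Pro backup");
     }
     // The original passed a regex to explode(), which treats its delimiter as a
     // literal string and therefore never split the dump. preg_split() applies
     // the intended "semicolon at end of line" separator. A ";" followed by a
     // newline inside a string literal is still split - a limit of the format.
     foreach (preg_split('/;\\r?\\n/', $f) as $sql) {
         if (trim($sql) !== '') {
             $db->query($sql);
         }
     }
     $this->getDi()->adminLogTable->log("Restored from {$first_line}");
     $this->displayRestoreOk();
 }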
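 /**
  * Build a database backup and e-mail it to the configured backup address.
  *
  * The request is authorised only by the "k" parameter, which must equal the
  * site hash for 'backup-cron'. The key travels in the request parameters, so
  * it can end up in web-server and proxy logs, and the dump is sent as a plain
  * mail attachment. NOTE(review): confirm both are acceptable for the data
  * the dump contains.
  *
  * @throws Am_Exception_InternalError when the feature is disabled or the
  *         temporary stream cannot be opened
  * @throws Am_Exception_AccessDenied when the access key does not match
  */
 function cronAction()
 {
     check_demo();
     if (!$this->getDi()->config->get('email_backup_frequency')) {
         throw new Am_Exception_InternalError('Email Backup feature is disabled at Setup/Configuration -> Advanced');
     }
     $key = $this->getParam('k');
     $expected = (string) $this->getDi()->app->getSiteHash('backup-cron', 10);
     // The original used "!=", which applies PHP type juggling (two strings
     // that both look numeric compare as numbers) and is not constant-time.
     // Require a string and compare it with hash_equals() instead.
     if (!is_string($key) || !hash_equals($expected, $key)) {
         throw new Am_Exception_AccessDenied('Incorrect Access Key');
     }
     $dat = date('Y_m_d');
     $stream = fopen('php://temp', 'w+b');
     if (!$stream) {
         throw new Am_Exception_InternalError('Could not open php://temp stream');
     }
     $bp = $this->getDi()->backupProcessor;
     // run() returns the stream to read from; it may differ from the one passed in.
     $stream = $bp->run($stream);
     rewind($stream);
     $filename = $bp->isGzip() ? "amember-{$dat}.sql.gz" : "amember-{$dat}.sql";
     $mimeType = $bp->isGzip() ? 'application/x-gzip' : 'text/sql';
     $recipient = $this->getDi()->config->get('email_backup_address');
     $m = $this->getDi()->mail;
     $m->addTo($recipient)->setSubject('Email Backup ' . $dat)->setFrom($this->getDi()->config->get('admin_email'));
     $m->setBodyText(sprintf("File with backup for %s is attached. Backup was done at %s", $this->getDi()->config->get('root_url'), $this->getDi()->sqlDate));
     $m->createAttachment($stream, $mimeType, Zend_Mime::DISPOSITION_ATTACHMENT, Zend_Mime::ENCODING_BASE64, $filename);
     $m->setPeriodic(Am_Mail::ADMIN_REQUESTED);
     $m->send();
     $this->getDi()->adminLogTable->log('Email backup to ' . $this->getDi()->config->get('email_backup_address'));
 }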
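 /**
  * Restore the database from an uploaded aMember Pro SQL backup, reading the
  * file line by line instead of loading it into memory (POST only).
  *
  * Every statement found in the upload is executed through the application's
  * DB handle, so reaching this action is equivalent to running arbitrary SQL.
  * Nothing in this method checks the caller's permissions or a CSRF token.
  * NOTE(review): confirm the controller enforces both before dispatch.
  *
  * @throws Am_Exception_InputError on a non-POST request or an unusable upload
  */
 function restoreAction()
 {
     check_demo();
     if (!$this->_request->isPost()) {
         throw new Am_Exception_InputError('Only POST requests allowed here');
     }
     $db = $this->getDi()->db;
     // Only open a path that PHP itself recorded as an HTTP upload.
     $tmpName = isset($_FILES['file']['tmp_name']) ? $_FILES['file']['tmp_name'] : null;
     if (!is_string($tmpName) || !is_uploaded_file($tmpName)) {
         throw new Am_Exception_InputError('Can not open uploaded file');
     }
     $f = fopen($tmpName, 'r');
     if (!$f) {
         throw new Am_Exception_InputError('Can not open uploaded file');
     }
     try {
         $first_line = trim((string) fgets($f));
         $second_line = trim((string) fgets($f));
         if (!$first_line || !$second_line) {
             throw new Am_Exception_InputError('Uploaded file has wrong format or empty');
         }
         // The header lines come from the uploaded file and are joined with
         // literal markup, so they are escaped before reaching the view.
         $this->view->assign(
             'backup_header',
             htmlspecialchars($first_line, ENT_QUOTES, 'UTF-8') . '<br />' . htmlspecialchars($second_line, ENT_QUOTES, 'UTF-8')
         );
         // This signature is a format check only; it does not authenticate the file.
         if (!preg_match('/^### aMember Pro .+? database backup/', $first_line)) {
             throw new Am_Exception_InputError(___('Uploaded file is not valid aMember Pro backup'));
         }
         // Accumulate lines until one ends with ";" and run that as one query.
         // The original loop kept spinning at end of file whenever text was
         // left over that did not end with ";" (a trailing blank line was
         // enough), so iteration is now driven by fgets() alone.
         $query = '';
         while (($line = fgets($f)) !== false) {
             $query .= "\r\n" . trim($line);
             if (substr($query, -1) == ';') {
                 $db->query($query);
                 $query = '';
             }
         }
         // Leftover non-blank text means the dump was cut off mid-statement.
         if (trim($query) !== '') {
             throw new Am_Exception_InputError('Uploaded backup ends with an incomplete SQL statement');
         }
     } catch (Exception $e) {
         // Release the handle on every failure path before re-raising.
         fclose($f);
         throw $e;
     }
     fclose($f);
     $this->getDi()->adminLogTable->log("Restored from {$first_line}");
     $this->displayRestoreOk();
 }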
 /**
  * Stream a database backup to the browser as a file download (POST only).
  *
  * The download name embeds the request's Host header. That header is
  * client-controlled; it is reduced to letters, digits and dots before it is
  * placed in the Content-Disposition header, which keeps CR/LF and quotes out
  * of the response headers.
  *
  * @throws Am_Exception_InputError when the request is not a POST
  * @throws Am_Exception_InternalError when php://output cannot be opened
  */
 function backupAction()
 {
     check_demo();
     if (!$this->_request->isPost()) {
         throw new Am_Exception_InputError(___('Backup can be runned by POST request only'));
     }
     $stamp = date('Y_m_d-Hi');
     $bareHost = preg_replace('/^www\\./', '', $_SERVER['HTTP_HOST']);
     $safeHost = strtolower(preg_replace('/[^a-zA-Z0-9\\.]/', '', $bareHost));
     $name = "amember-{$safeHost}-{$stamp}.sql";
     // Discard every active output buffer so only the dump reaches the client.
     do {
         $dropped = @ob_end_clean();
     } while ($dropped);
     $processor = $this->getDi()->backupProcessor;
     header($processor->isGzip() ? "Content-Type: application/x-gzip" : "Content-Type: text/sql");
     $suffix = $processor->isGzip() ? ".gz" : "";
     header("Content-Disposition: attachment; filename={$name}" . $suffix);
     $out = fopen('php://output', 'wb');
     if (!$out) {
         throw new Am_Exception_InternalError('Could not open php://output stream');
     }
     $processor->run($out);
     $this->getDi()->adminLogTable->log('Downloaded backup');
     // Stop here: anything printed after the dump would corrupt the download.
     exit;
 }
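 /**
  * Delete old records for every item ticked in the form, up to the chosen date.
  *
  * The callable passed to call_user_func() comes from getItems(), not from the
  * submitted form; the form only decides which item ids are processed.
  * NOTE(review): confirm getItems() is a fixed, server-side list.
  *
  * @throws Am_Exception_InputError when the chosen date is not before today
  */
 function clearAction()
 {
     check_demo();
     $form = $this->getForm();
     if (!$form->validate()) {
         return $this->indexAction();
     }
     $vars = $form->getValue();
     // String comparison; presumably both sides are Y-m-d dates - verify.
     if ($vars['dat'] >= $this->getDi()->sqlDate) {
         throw new Am_Exception_InputError(___('Please select date before today'), 0);
     }
     foreach ($this->getItems() as $id => $item) {
         // empty() skips unticked items without an undefined-index notice
         // when the form value for this item is absent.
         if (empty($vars[$id])) {
             continue;
         }
         call_user_func($item['method'], $vars['dat']);
         $this->getDi()->adminLogTable->log("Cleaned up [{$item['title']}] to {$vars['dat']}");
     }
     $this->view->content = $this->view->title = ___('Records Deleted Sucessfully');
     $this->view->content .= sprintf(' <a href="%s">%s</a>', $this->getUrl(null, 'index'), ___('Back'));
     $this->view->display('admin/layout.phtml');
 }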
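 /**
  * Delete old records for every table ticked in the form, up to the chosen
  * date, and write one admin-log entry listing what was cleaned.
  *
  * The service name is derived from each item's 'table' value as returned by
  * getItems(); the form only decides which item ids are processed.
  * NOTE(review): confirm getItems() is a fixed, server-side list.
  *
  * @throws Am_Exception_InputError when the chosen date is not before today
  */
 function clearAction()
 {
     check_demo();
     $form = $this->getForm();
     if (!$form->validate()) {
         return $this->indexAction();
     }
     $vars = $form->getValue();
     // String comparison; presumably both sides are Y-m-d dates - verify.
     if ($vars['dat'] >= $this->getDi()->sqlDate) {
         throw new Am_Exception_InputError(___("Please select date before today"), 0);
     }
     $tt = array();
     foreach ($this->getItems() as $id => $item) {
         // empty() skips unticked items without an undefined-index notice
         // when the form value for this item is absent.
         if (empty($vars[$id])) {
             continue;
         }
         $tt[] = $item['title'];
         $table = $this->getDi()->getService(lcfirst(toCamelCase($item['table'])));
         $table->clearOld($vars['dat']);
     }
     $this->getDi()->adminLogTable->log("Cleaned up old records to {$vars['dat']} (" . join(',', $tt) . ")");
     $this->view->content = $this->view->title = ___("Records Deleted Sucessfully");
     $this->view->display('admin/layout.phtml');
 }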
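<?php

// Admin endpoint: deletes the member whose id arrives in POST 'mb_id'.
$sub_menu = "200100";
include_once "./_common.php";
check_demo();
// Presumably requires the "d" (delete) permission on this menu - verify in auth_check().
auth_check($auth[$sub_menu], "d");
$mb = get_member(isset($_POST['mb_id']) ? $_POST['mb_id'] : null);
// Array keys are quoted: bare words such as mb_id are constant lookups and
// only worked through a fallback that newer PHP versions reject.
//
// NOTE(review): nothing in this script stops execution after alert(). The
// delete below is only prevented if alert() itself ends the request - confirm.
if (!$mb['mb_id']) {
    // "Member record does not exist."
    alert("회원자료가 존재하지 않습니다.");
} elseif ($member['mb_id'] == $mb['mb_id']) {
    // "The currently logged-in administrator cannot be deleted."
    alert("로그인 중인 관리자는 삭제 할 수 없습니다.");
} elseif (is_admin($mb['mb_id']) == "super") {
    // "The super administrator cannot be deleted."
    alert("최고 관리자는 삭제할 수 없습니다.");
} elseif ($mb['mb_level'] >= $member['mb_level']) {
    // "Members with a level equal to or higher than your own cannot be deleted."
    alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.");
}
// Presumably the anti-CSRF token check; it runs before the destructive call.
check_token();
// Delete the member record
member_delete($mb['mb_id']);
// $url, $qstr and $mb_id are not assigned in this script.
// NOTE(review): if $url can be set from the request, this redirect can be
// pointed at another site - confirm it is restricted to local paths.
if ($url) {
    goto_url("{$url}?{$qstr}&w=u&mb_id={$mb_id}");
} else {
    goto_url("./member_list.php?{$qstr}");
}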
    /**
     * Render the admin "Version Info" page: a summary table of the software
     * and server environment followed by embedded phpinfo() output.
     *
     * The page discloses the server OS, PHP and MySQL versions, the database
     * user/host/name, the installation root and the full PHP configuration.
     * Nothing in this method checks who is asking; NOTE(review): confirm the
     * controller limits it to trusted administrators.
     */
    function indexAction()
    {
        check_demo();
        $this->view->title = ___('Version Info');
        $trial = "";
        // Each comparison is true only if the '==TRIAL==' / '==LITE==' literal on
        // the left has been replaced with something else (presumably by a
        // packaging step - verify); the right side is split so it is never matched.
        if ('==TRIAL==' != '==' . 'TRIAL==') {
            $trial = "Trial Version (expires ==TRIAL_EXPIRES==)";
        }
        if ('==LITE==' != '==' . 'LITE==') {
            $trial = "<b>LITE Version</b>";
        }
        $am_version = AM_VERSION;
        $zend_version = Zend_Version::VERSION;
        $cron_last_run = Am_Cron::getLastRun() ? amDatetime(Am_Cron::getLastRun()) : ___('Never');
        $cron_last_run_title = ___('Cron Last Run');
        $now = amDatetime('now');
        $now_title = ___('Current Server Date and Time');
        $timezone = date_default_timezone_get();
        $timezone_title = ___('Server Timezone');
        $phpversion = phpversion() . " (" . php_sapi_name() . ")";
        // Show at most 28 characters of the uname string, with "..." when it was cut.
        $os = substr(php_uname(), 0, 28);
        if (strlen($os) == 28) {
            $os = "{$os}...";
        }
        $mysql = $this->getDi()->db->selectCell("SELECT VERSION()");
        $db = $this->getDi()->getParameter('db');
        // The displayed DSN holds user, host, port, database and table prefix;
        // the password is not part of the format string.
        $dsn = sprintf("mysql://%s@%s:%d/%s.%s", $db['mysql']['user'], $db['mysql']['host'], $db['mysql']['port'] ? $db['mysql']['port'] : 3306, $db['mysql']['db'], $db['mysql']['prefix']);
        $root = ROOT_DIR;
        $root_title = ___('Root Folder');
        // List each enabled module with the version read from its module.xml;
        // modules without a readable file are skipped.
        $modules = array();
        foreach ($this->getDi()->modules->getEnabled() as $m) {
            $fn = APPLICATION_PATH . '/' . $m . '/module.xml';
            if (!file_exists($fn)) {
                continue;
            }
            $xml = simplexml_load_file($fn);
            if (!$xml) {
                continue;
            }
            $version = "(" . $xml->version . ")";
            $modules[] = "{$m} {$version}";
        }
        $modules = join("<br />", $modules);
        $modules_title = ___('Modules');
        // List enabled payment and protect plugins with the revision and date
        // extracted from their PLUGIN_REVISION / PLUGIN_DATE class constants.
        $plugins = "";
        foreach (array_merge($this->getDi()->plugins_payment->loadEnabled()->getAllEnabled(), $this->getDi()->plugins_protect->loadEnabled()->getAllEnabled()) as $p) {
            $rClass = new ReflectionClass(get_class($p));
            $plugins .= sprintf("%s (%s - %s) <br />\n", $p->getId(), preg_replace('/\\$' . 'Revision: (\\d+).*/', '$1', $rClass->getConstant('PLUGIN_REVISION')), preg_replace('/\\$' . 'Date: (.+?)\\s+.+/', '$1', $rClass->getConstant('PLUGIN_DATE')));
        }
        $plugins_title = ___('Plugins');
        // The cache backend is shown as the last "_"-separated part of its class name.
        $_ = explode('_', get_class($this->getDi()->cacheBackend));
        $cacheBackend = array_pop($_);
        $cacheBackend_title = ___('Cache Backend');
        $version_title = ___('Software version info');
        // Values are interpolated into this markup without HTML escaping.
        $amInfo = <<<CUT
<div class="grid-container">
<table class="grid">
<tr>
    <th colspan="2">{$version_title}</th>
</tr>
<tr>
    <td align="right">{$now_title}</td>
    <td><strong>{$now}</strong></td>
</tr>
<tr>
    <td align="right">{$timezone_title}</td>
    <td><strong>{$timezone}</strong></td>
</tr>
<tr>
    <td align="right">aMember</td>
    <td><strong>{$am_version}</strong>
    {$trial}
    </td>
</tr>
<tr class="odd">
    <td align="right">Zend Framework</td>
    <td><strong>{$zend_version}</strong></td>
</tr>
<tr>
    <td align="right">PHP</td>
    <td><strong>{$phpversion}</strong></td>
</tr>
<tr class="odd">
    <td align="right">OS</td>
    <td><strong>{$os}</strong></td>
</tr>
<tr>
    <td align="right" rowspan="2">MySQL</td>
    <td><strong>{$mysql}</strong></td>
</tr>
<tr>
    <td><strong>{$dsn}</strong></td>
</tr>
<tr class="odd">
    <td align="right">{$cacheBackend_title}</td>
    <td><strong>{$cacheBackend}</strong></td>
</tr>
<tr>
    <td align="right">{$root_title}</td>
    <td><strong>{$root}</strong></td>
</tr>
<tr class="odd">
    <td align="right">{$cron_last_run_title}</td>
    <td><strong>{$cron_last_run}</strong></td>
</tr>
<tr>
    <td align="right">{$modules_title}</td>
    <td>{$modules}</td>
</tr>
<tr class="odd">
    <td align="right">{$plugins_title}</td>
    <td>{$plugins}</td>
</tr>
</table>
</div>
<br /><br />
CUT;
        // 1|4|8|16|32 = INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES |
        // INFO_ENVIRONMENT | INFO_VARIABLES. The last two print environment
        // variables and the request's own variables, which can include secrets.
        ob_start();
        phpinfo(1 | 4 | 8 | 16 | 32);
        $phpInfo = ob_get_clean();
        $phpStyles = <<<CUT
#phpinfo {background-color: #ffffff; color: #000000;}
#phpinfo td, #phpinfo th, #phpinfo h1, #phpinfo h2 {font-family: sans-serif;}
#phpinfo pre {margin: 0px; font-family: monospace;}
#phpinfo a:link {color: #000099; text-decoration: none; background-color: #ffffff;}
#phpinfo a:hover {text-decoration: underline;}
#phpinfo table {border-collapse: collapse;}
#phpinfo .center {text-align: center;}
#phpinfo .center table { margin-left: auto; margin-right: auto; text-align: left;}
#phpinfo .center th { text-align: center !important; }
#phpinfo td, #phpinfo th { border: 1px solid #000000; font-size: 75%; vertical-align: baseline;}
#phpinfo h1 {font-size: 150%;}
#phpinfo h2 {font-size: 125%;}
#phpinfo .p {text-align: left;}
#phpinfo .e {background-color: #ccccff; font-weight: bold; color: #000000;}
#phpinfo .h {background-color: #9999cc; font-weight: bold; color: #000000;}
#phpinfo .v {background-color: #cccccc; color: #000000;}
#phpinfo .vr {background-color: #cccccc; text-align: right; color: #000000;}
#phpinfo img {float: right; border: 0px;}
#phpinfo hr {width: 600px; background-color: #cccccc; border: 0px; height: 1px; color: #000000;}
CUT;
        // Keep only what phpinfo() printed between <body> and </body>.
        // NOTE(review): $matches[1] is read without checking that the pattern matched.
        preg_match('/<body>(.*)<\\/body>/s', $phpInfo, $matches);
        $phpInfo = $matches[1];
        $content = sprintf('<style type="text/css">%s</style>%s<h1>PHP info</h1><div id="phpinfo" class="grid-container"><br />%s</div>', $phpStyles, $amInfo, $phpInfo);
        $this->view->assign('content', $content);
        $this->view->display("admin/layout.phtml");
    }
    /**
     * Render the admin "Version Info" page: a summary table of the software
     * and server environment followed by embedded phpinfo() output.
     *
     * The page discloses the server OS, PHP and MySQL versions, the
     * installation root and the full PHP configuration. Nothing in this
     * method checks who is asking; NOTE(review): confirm the controller
     * limits it to trusted administrators.
     */
    function indexAction()
    {
        check_demo();
        $this->view->title = "Version Info";
        $trial = "";
        // True only if the '==TRIAL==' literal on the left has been replaced with
        // something else (presumably by a packaging step - verify); the right
        // side is split so it is never matched by that replacement.
        if ('==TRIAL==' != '==' . 'TRIAL==') {
            $trial = "Trial Version (expires ==TRIAL_EXPIRES==)";
        }
        $am_version = AM_VERSION;
        $phpversion = phpversion() . " (" . php_sapi_name() . ")";
        // Show at most 28 characters of the uname string, with "..." when it was cut.
        $os = substr(php_uname(), 0, 28);
        if (strlen($os) == 28) {
            $os = "{$os}...";
        }
        $mysql = $this->getDi()->db->selectCell("SELECT VERSION()");
        $root = ROOT_DIR;
        // List each enabled module with the version read from its module.xml;
        // modules without a readable file are skipped.
        $modules = array();
        foreach ($this->getDi()->modules->getEnabled() as $m) {
            $fn = APPLICATION_PATH . '/' . $m . '/module.xml';
            if (!file_exists($fn)) {
                continue;
            }
            $xml = simplexml_load_file($fn);
            if (!$xml) {
                continue;
            }
            $version = "(" . $xml->version . ")";
            $modules[] = "{$m} {$version}";
        }
        $modules = join("<br />", $modules);
        // List enabled payment and protect plugins with the revision and date
        // extracted from their PLUGIN_REVISION / PLUGIN_DATE class constants.
        $plugins = "";
        foreach (array_merge($this->getDi()->plugins_payment->loadEnabled()->getAllEnabled(), $this->getDi()->plugins_protect->loadEnabled()->getAllEnabled()) as $p) {
            $rClass = new ReflectionClass(get_class($p));
            $plugins .= sprintf("%s (%s - %s) <br />\n", $p->getId(), preg_replace('/\\$' . 'Revision: (\\d+).*/', '$1', $rClass->getConstant('PLUGIN_REVISION')), preg_replace('/\\$' . 'Date: (.+?)\\s+.+/', '$1', $rClass->getConstant('PLUGIN_DATE')));
        }
        // Values are interpolated into this markup without HTML escaping.
        $amInfo = <<<CUT
<div class="grid-container">
<table class='grid'>
<tr>
    <th colspan="2">Software version info</th>
</tr>
<tr>
    <td align=right>&nbsp;aMember </td>
    <td> <b>{$am_version}</b>
    {$trial}    
    </td>
</tr>
<tr class="odd">
    <td align=right>&nbsp;PHP </td>
    <td> <b>{$phpversion}</b></td>
</tr>
<tr>
    <td align=right>OS </td>
    <td> <b>{$os}</b></td>
</tr>
<tr class="odd">
    <td align=right>&nbsp;MySQL </td>
    <td> <b>{$mysql}</b></td>
</tr>
<tr>
    <td align=right>Root Folder </td>
    <td> <b>{$root}</b></td>
</tr>

<tr class="odd">
    <td align='right'>Modules</td>
    <td>{$modules}</td>
</tr>

<tr>
    <td align='right'>Plugins</td>
    <td>{$plugins}</td>
</tr>

</td></tr></table>
</div>
<br /><br />
CUT;
        // 1|4|8|16|32 = INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES |
        // INFO_ENVIRONMENT | INFO_VARIABLES. The last two print environment
        // variables and the request's own variables, which can include secrets.
        ob_start();
        phpinfo(1 | 4 | 8 | 16 | 32);
        $phpInfo = ob_get_clean();
        $phpStyles = <<<CUT
#phpinfo {background-color: #ffffff; color: #000000;}
#phpinfo td, #phpinfo th, #phpinfo h1, #phpinfo h2 {font-family: sans-serif;}
#phpinfo pre {margin: 0px; font-family: monospace;}
#phpinfo a:link {color: #000099; text-decoration: none; background-color: #ffffff;}
#phpinfo a:hover {text-decoration: underline;}
#phpinfo table {border-collapse: collapse;}
#phpinfo .center {text-align: center;}
#phpinfo .center table { margin-left: auto; margin-right: auto; text-align: left;}
#phpinfo .center th { text-align: center !important; }
#phpinfo td, #phpinfo th { border: 1px solid #000000; font-size: 75%; vertical-align: baseline;}
#phpinfo h1 {font-size: 150%;}
#phpinfo h2 {font-size: 125%;}
#phpinfo .p {text-align: left;}
#phpinfo .e {background-color: #ccccff; font-weight: bold; color: #000000;}
#phpinfo .h {background-color: #9999cc; font-weight: bold; color: #000000;}
#phpinfo .v {background-color: #cccccc; color: #000000;}
#phpinfo .vr {background-color: #cccccc; text-align: right; color: #000000;}
#phpinfo img {float: right; border: 0px;}
#phpinfo hr {width: 600px; background-color: #cccccc; border: 0px; height: 1px; color: #000000;}
CUT;
        // Keep only what phpinfo() printed between <body> and </body>.
        // NOTE(review): $matches[1] is read without checking that the pattern matched.
        preg_match('/<body>(.*)<\\/body>/s', $phpInfo, $matches);
        $phpInfo = $matches[1];
        $content = sprintf('<style type="text/css">%s</style>%s<h1>PHP info</h1><div id="phpinfo" class="grid-container"><br />%s</div>', $phpStyles, $amInfo, $phpInfo);
        $this->view->assign('content', $content);
        $this->view->display("admin/layout.phtml");
    }
 /**
  * Send the prepared e-mail in batches, redirecting between batches until the
  * whole send has completed.
  *
  * The "back" shortcut returns to the admin e-mail page before check_demo()
  * runs; every path that actually sends goes through check_demo() first.
  */
 function sendAction()
 {
     if ($this->getParam('back')) {
         return $this->_redirect('admin-email');
     }
     check_demo();
     // First visit: store the send session, then redirect to continue.
     if (!$this->saved) {
         $this->createSendSession();
         return $this->sendRedirect();
     }
     $processor = new Am_BatchProcessor(array($this, 'batchSend'), 10);
     // A false result from run() is treated as "interrupted": redirect again.
     if ($processor->run($this->saved)) {
         $this->sendComplete();
     } else {
         $this->sendRedirect();
     }
 }
 /**
  * Normalise submitted admin values before the record is saved.
  *
  * Drops 'self_password' so it is not stored with the record, turns an unset
  * or falsy 'super_user' into 0, and passes a non-empty '_passwd' to
  * setPass(). NOTE(review): 'super_user' is taken from $values as submitted;
  * confirm the caller restricts who may set it.
  *
  * @param array $values submitted values, modified in place
  * @param mixed $record record being saved; must provide setPass()
  */
 public function beforeSave(array &$values, $record)
 {
     check_demo();
     unset($values['self_password']);
     $values['super_user'] = $values['super_user'] ? $values['super_user'] : 0;
     $newPassword = empty($values['_passwd']) ? null : $values['_passwd'];
     if ($newPassword !== null) {
         $record->setPass($newPassword);
     }
 }
 /**
  * Allow access only to super administrators.
  *
  * @param Admin $admin administrator whose access is being checked
  * @return mixed the result of $admin->isSuper()
  */
 public function checkAdminPermissions(Admin $admin)
 {
     check_demo();
     $isSuper = $admin->isSuper();
     return $isSuper;
 }
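/**
 * Send one e-mail, written by an admin, to the member given by 'member_id',
 * then show the "user saved" confirmation page.
 *
 * Both the body and the subject are run through Smarty with the user record
 * assigned, so the submitted text is evaluated as a template, not sent as-is.
 * NOTE(review): this is acceptable only if every caller is a trusted
 * administrator - confirm where access is checked. The result of get_user()
 * is also used without checking that a user was found.
 */
function email_to_user_from_admin()
{
    global $db, $config, $t, $_AMEMBER_TEMPLATE;
    check_demo();
    $vars = get_input_vars();
    $u = $db->get_user($vars['member_id']);
    $tmp =& new_smarty();
    $tmp->assign('user', $u);
    // Presumably the 'memory:text' resource renders $_AMEMBER_TEMPLATE['text'],
    // which is why the same slot is loaded first with the body and then
    // with the subject - verify against the resource handler.
    $_AMEMBER_TEMPLATE['text'] = $vars['text'];
    $vars['text'] = $tmp->fetch('memory:text');
    $_AMEMBER_TEMPLATE['text'] = $vars['subject'];
    $vars['subject'] = $tmp->fetch('memory:text');
    mail_customer($u['email'], $vars['text'], $vars['subject'], 0, '', 0, $u['name_f'] . ' ' . $u['name_l']);
    $t->assign('member_id', $vars['member_id']);
    $t->assign('msg', "EMail Sent to customer");
    // member_id comes from the input vars, so it is URL-encoded before being
    // placed in the query string; plain numeric ids are unchanged by this.
    $t->assign('link', "users.php?action=actions&member_id=" . urlencode($vars['member_id']));
    $t->display("admin/user_saved.html");
}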