/**
* i18n Merge Implementation
*
* Does the merging of a plugin's language file with the global $i18n language
*
* @since 3.0
* @author mvlcek
* @uses GSPLUGINPATH
*
* @param string $plugin null if merging in core langs
* @param string $lang
* @param string $globali18n
* @return bool
*/
function i18n_merge_impl($plugin, $lang, &$globali18n)
{
$i18n = array();
// local from file
if (!isset($globali18n)) {
$globali18n = array();
}
//global ref to $i18n
$path = $plugin ? GSPLUGINPATH . $plugin . '/lang/' : GSLANGPATH;
$filename = $path . $lang . '.php';
$prefix = $plugin ? $plugin . '/' : '';
if (!filepath_is_safe($filename, $path) || !file_exists($filename)) {
return false;
}
include $filename;
// if core lang and glboal is empty assign
if (!$plugin && !$globali18n && count($i18n) > 0) {
$globali18n = $i18n;
return true;
}
// replace on per key basis
if (count($i18n) > 0) {
foreach ($i18n as $code => $text) {
if (!array_key_exists($prefix . $code, $globali18n)) {
$globali18n[$prefix . $code] = $text;
}
}
}
return true;
}
* Displays the log file passed to it
*
* @package GetSimple
* @subpackage Support
*/
// Setup inclusions
$load['plugin'] = true;
include 'inc/common.php';
// Variable Settings
login_cookie_check();
$log_name = var_out(isset($_GET['log']) ? $_GET['log'] : '');
$log_path = GSDATAOTHERPATH . 'logs/';
$log_file = $log_path . $log_name;
$whois_url = 'http://whois.arin.net/rest/ip/';
// filepath_is_safe returns false if file does nt exist
if (!isset($log_name) || !filepath_is_safe($log_file, $log_path)) {
$log_data = false;
}
if (isset($_GET['action']) && $_GET['action'] == 'delete' && strlen($log_name) > 0) {
// check for csrf
if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
$nonce = $_GET['nonce'];
if (!check_nonce($nonce, "delete")) {
die("CSRF detected!");
}
}
unlink($log_file);
exec_action('logfile_delete');
redirect('support.php?success=' . urlencode('Log ' . $log_name . i18n_r('MSG_HAS_BEEN_CLR')));
}
if (!isset($log_data)) {
delete_bak($id);
redirect("backups.php?upd=bak-success&id=" . $id);
} elseif ($p == 'restore') {
// check for csrf
if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
$nonce = $_GET['nonce'];
if (!check_nonce($nonce, "restore", "backup-edit.php")) {
die("CSRF detected!");
}
}
if (isset($_GET['new'])) {
updateSlugs($_GET['new'], $id);
restore_bak($id);
$existing = GSDATAPAGESPATH . $_GET['new'] . ".xml";
$bakfile = GSBACKUPSPATH . "pages/" . $_GET['new'] . ".bak.xml";
if (!filepath_is_safe($existing, GSDATAPAGESPATH)) {
die;
}
copy($existing, $bakfile);
unlink($existing);
redirect("edit.php?id=" . $id . "&old=" . $_GET['new'] . "&upd=edit-success&type=restore");
} else {
restore_bak($id);
redirect("edit.php?id=" . $id . "&upd=edit-success&type=restore");
}
}
get_template('header', cl($SITENAME) . ' » ' . i18n_r('BAK_MANAGEMENT') . ' » ' . i18n_r('VIEWPAGE_TITLE'));
?>
<?php
include 'template/include-nav.php';
if ($_GET['t'] && is_dir(GSTHEMESPATH . $_GET['t'] . '/')) {
$template = $_GET['t'];
}
}
if (isset($_GET['f'])) {
$_GET['f'] = $_GET['f'];
if ($_GET['f'] && is_file(GSTHEMESPATH . $template . '/' . $_GET['f'])) {
$template_file = $_GET['f'];
}
}
# if no template is selected, use the default
if ($template_file == '') {
$template_file = 'template.php';
}
$themepath = GSTHEMESPATH . $template . DIRECTORY_SEPARATOR;
if (!filepath_is_safe($themepath . $template_file, GSTHEMESPATH, true)) {
die;
}
# check for form submission
if (isset($_POST['submitsave'])) {
# check for csrf
if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
$nonce = $_POST['nonce'];
if (!check_nonce($nonce, "save")) {
die("CSRF detected!");
}
}
# save edited template file
$SavedFile = $_POST['edited_file'];
$FileContents = get_magic_quotes_gpc() ? stripslashes($_POST['content']) : $_POST['content'];
$fh = fopen(GSTHEMESPATH . $SavedFile, 'w') or die("can't open file");
/**
* Restore From Backup to custom destintation
* source locked to GSBACKUPSPATH
*
* @since 3.4
*
* @param string $backfilepath filepath to backup file
* @param string $destination filepath retore to
* @return bool success
*/
function restore_backup($bakfilepath, $destination)
{
if (!filepath_is_safe($bakfilepath, GSBACKUPSPATH)) {
return false;
}
return copy_file($bakfilepath, $destination);
}
include 'inc/common.php';
login_cookie_check();
exec_action('load-backup-edit');
# get page url to display
if ($_GET['id'] != '') {
$id = $_GET['id'];
$file = getBackupName($id, 'xml');
$draft = isset($_GET['draft']);
// (bool) using draft pages
if ($draft) {
$path = GSBACKUPSPATH . getRelPath(GSDATADRAFTSPATH, GSDATAPATH);
} else {
$path = GSBACKUPSPATH . getRelPath(GSDATAPAGESPATH, GSDATAPATH);
}
// backups/pages/
if (!filepath_is_safe($path . $file, $path)) {
die;
}
$data = getXML($path . $file);
$title = htmldecode($data->title);
$pubDate = $data->pubDate;
$parent = $data->parent;
$metak = htmldecode($data->meta);
$metad = htmldecode($data->metad);
$url = $data->url;
$content = htmldecode($data->content);
$private = $data->private;
$template = $data->template;
$menu = htmldecode($data->menu);
$menuStatus = $data->menuStatus;
$menuOrder = $data->menuOrder;
/**
* i18n Merge Implementation
*
* Does the merging of a plugin's language file with the global $i18n language
*
* @since 3.0
* @author mvlcek
* @uses GSPLUGINPATH
*
* @param string $plugin null if merging in core langs
* @param string $lang
* @param string $globali18n
* @return bool
*/
function i18n_merge_impl($plugin = '', $lang, &$globali18n)
{
$i18n = array();
// local from file
if (!isset($globali18n)) {
$globali18n = array();
}
//global ref to $i18n
$path = isset($plugin) && $plugin !== '' ? GSPLUGINPATH . $plugin . '/lang/' : GSLANGPATH;
$filename = $path . $lang . '.php';
$prefix = $plugin ? $plugin . '/' : '';
// @todo being overly safe here since we are direclty including input that can come from anywhere
if (!filepath_is_safe($filename, $path) || !file_exists($filename)) {
return false;
}
include $filename;
// if core lang and glboal is empty assign
if (!$plugin && !$globali18n && count($i18n) > 0) {
$globali18n = $i18n;
return true;
}
// replace on per key basis
if (count($i18n) > 0) {
foreach ($i18n as $code => $text) {
if (!array_key_exists($prefix . $code, $globali18n)) {
$globali18n[$prefix . $code] = $text;
}
}
}
return true;
}
* Download Files
*
* Forces the download of file types
*
* @package GetSimple
* @subpackage Download
*/
// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
login_cookie_check();
# check if all variables are set
if (isset($_GET['file'])) {
$file = removerelativepath($_GET['file']);
if (!filepath_is_safe($file, GSDATAUPLOADPATH) && !filepath_is_safe($file, GSBACKUPSPATH . DIRECTORY_SEPARATOR . 'zip')) {
die;
}
$extention = pathinfo($file, PATHINFO_EXTENSION);
header("Content-disposition: attachment; filename=" . $file);
# set content headers
if ($extention == 'zip') {
header("Content-type: application/octet-stream");
} elseif ($extention == 'gz') {
header("Content-type: application/x-gzip");
} elseif ($extention == 'mpg') {
header("Content-type: video/mpeg");
} elseif ($extention == 'jpg' || $extention == 'jpeg') {
header("Content-type: image/jpeg");
} elseif ($extention == 'txt' || $extention == 'log') {
header("Content-type: text/plain");
*/
# setup inclusions
$load['plugin'] = true;
include 'inc/common.php';
if (getDef('GSALLOWRESETPASS', true) === false) {
die;
}
if (isset($_POST['submitted'])) {
check_for_csrf("reset_password");
$randSleep = rand(250000, 2000000);
// random sleep for .25 to 2 seconds
if (isset($_POST['username']) and !empty($_POST['username'])) {
# user filename
$file = _id($_POST['username']) . '.xml';
# get user information from existing XML file
if (filepath_is_safe(GSUSERSPATH . $file, GSUSERSPATH) && file_exists(GSUSERSPATH . $file)) {
$data = getXML(GSUSERSPATH . $file);
$userid = strtolower($data->USR);
$EMAIL = $data->EMAIL;
if (strtolower($_POST['username']) === $userid) {
# create new random password
$random = createRandomPassword();
// $random = '1234';
# create backup
backup_datafile(GSUSERSPATH . $file);
# copy user file into password change trigger file
$flagfile = GSUSERSPATH . getPWDresetName(_id($userid), 'xml');
copy_file(GSUSERSPATH . $file, $flagfile);
# change password and resave xml file
$data->PWD = passhash($random);
$status = XMLsave($data, GSUSERSPATH . $file);
/**
* Delete Draft Backup File
*
* @since 3.4
*
* @param string $id File ID to delete
* @return bool success
*/
function delete_draft_backup($id)
{
$filepath = GSBACKUPSPATH . getRelPath(GSDATADRAFTSPATH, GSDATAPATH);
// backups/pages/
$file = $filepath . $bakpagespath . $id . ".bak.xml";
if (filepath_is_safe($file, $filepath)) {
return delete_file($file, $filepath);
}
}
exec_action('load-image');
// Variable Settings
$subPath = isset($_GET['path']) ? $_GET['path'] : "";
if ($subPath != '') {
$subPath = tsl($subPath);
}
$uploadsPath = GSDATAUPLOADPATH;
$uploadsPathRel = getRelPath(GSDATAUPLOADPATH);
$thumbPathRel = getRelPath(GSTHUMBNAILPATH);
$src = strippath($_GET['i']);
$thumb_folder = GSTHUMBNAILPATH . $subPath;
$src_folder = $uploadsPath;
$src_url = tsl($SITEURL) . $uploadsPathRel . $subPath;
$thumb_folder_rel = $thumbPathRel . $subPath;
$thumb_url = tsl($SITEURL) . $thumb_folder_rel;
if (!filepath_is_safe($src_folder . $subPath . $src, GSDATAUPLOADPATH)) {
redirect("upload.php");
}
// handle jcrop thumbnail creation
if ($_SERVER['REQUEST_METHOD'] == 'POST' && matchArrayAll(array('x', 'y', 'w', 'h'), array_keys($_POST))) {
exec_action('image-crop');
$x = (int) $_POST['x'];
$y = (int) $_POST['y'];
$w = (int) $_POST['w'];
$h = (int) $_POST['h'];
$max = 10000;
// set a max to prevent excessive processing injections
if ($x < $max && $y < $max && $w < $max && $h < $max) {
require_once 'inc/imagemanipulation.php';
$objImage = new ImageManipulation($src_folder . $subPath . $src);
if ($objImage->imageok) {
}
return;
}
$themepath = GSTHEMESPATH . tsl($template);
// prevent traversal
if ($template_file != '' and !filepath_is_safe($themepath . $template_file, $themepath)) {
die(i18n_r('INVALID_OPER'));
}
# check for form submission
if (isset($_POST['submitsave'])) {
check_for_csrf("save");
# save edited template file
$filename = $_POST['edited_file'];
$FileContents = get_magic_quotes_gpc() ? stripslashes($_POST['content']) : $_POST['content'];
// prevent traversal
if (!filepath_is_safe(GSTHEMESPATH . $filename, GSTHEMESPATH)) {
die(i18n_r('INVALID_OPER'));
}
$status = save_file(GSTHEMESPATH . $filename, $FileContents);
exec_action('theme-aftersave');
// @hook theme-aftersave after a theme-edit file save
if ($status) {
$success = sprintf(i18n_r('TEMPLATE_FILE'), $filename);
} else {
$error = i18n_r('ERROR');
}
if (isset($_POST['ajaxsave'])) {
echo "<div>";
include 'template/error_checking.php';
echo '<input id="nonce" name="nonce" type="hidden" value="' . get_nonce("save") . '" />';
echo "</div>";
$path_parts = pathinfo($from_name);
$file = basename($from_name);
$sub_path = dirname($from_name);
$outfile = $save_to_file ? basename($to_name) : null;
// if empty do not resize
if (empty($max_y)) {
$max_y = null;
}
if (empty($max_x)) {
$max_x = null;
}
// debugLog($file);
// debugLog($sub_path);
// debugLog($outfile);
// travesal protection
if (!filepath_is_safe(GSDATAUPLOADPATH . $sub_path . $file, GSDATAUPLOADPATH, true, true)) {
die('invalid image');
}
// Debugging Request
// returns the imagemanipulation object json encoded,
// add base64 encoded image data ['data']
// add filesize ['bytes']
// add url to image if it was saved ['url']
if (isset($_REQUEST['debug']) || isset($_REQUEST['json'])) {
ob_start();
// $outfile = null;
}
// @todo: if needing to save as attachement from post, might need this else second request might be made with post data missing
// header('Content-Disposition: Attachment;filename='.$outfile);
$image = generate_thumbnail($file, $sub_path, $outfile, $max_x, $max_y, $crop, $image_quality, $show = true, $image_type);
if (isset($_REQUEST['debug']) || isset($_REQUEST['json'])) {
}
}
$TEMPLATE = preg_replace('/\\/+/', '/', $TEMPLATE);
if (strlen($TEMPLATE) <= 0 || $TEMPLATE == '/') {
unset($TEMPLATE);
}
}
// Send back list of theme files from a certain directory for theme-edit.php
if (isset($TEMPLATE)) {
$TEMPLATE_FILE = '';
$template = '';
$theme_templates = '';
if ($template == '') {
$template = 'template.php';
}
if (!filepath_is_safe(GSTHEMESPATH . $TEMPLATE, GSTHEMESPATH)) {
die;
}
$templates = directoryToArray(GSTHEMESPATH . $TEMPLATE . '/', true);
$allowed_extensions = array('php', 'css', 'js', 'html', 'htm');
$theme_templates .= '<select class="text" id="theme_files" style="width:425px;" name="f" >';
foreach ($templates as $file) {
$extension = pathinfo($file, PATHINFO_EXTENSION);
if (in_array($extension, $allowed_extensions)) {
$filename = pathinfo($file, PATHINFO_BASENAME);
$filenamefull = substr(strstr($file, '/theme/' . $TEMPLATE . '/'), strlen('/theme/' . $TEMPLATE . '/'));
if ($TEMPLATE_FILE == $filename) {
$sel = "selected";
} else {
$sel = "";
}
login_cookie_check();
// disable this entirely if not enabled
if (getdef('GSALLOWDOWNLOADS', true) === false) {
die(i18n('NOT_ALLOWED'));
}
# check if all variables are set
if (isset($_GET['file'])) {
$file = removerelativepath($_GET['file']);
// check that this file is safe to access
$archivesafe = filepath_is_safe($file, GSBACKUPSPATH . DIRECTORY_SEPARATOR . 'zip');
// check for archives
if ($archivesafe) {
check_for_csrf("archive", "download.php");
}
// check archive nonce
$filesafe = filepath_is_safe($file, GSDATAUPLOADPATH);
// check for uploads
if (!($filesafe || $archivesafe)) {
die(i18n('NOT_ALLOWED'));
}
// file specified is non existant or LFI! WE DIE
$extention = getFileExtension($file);
header("Content-disposition: attachment; filename=" . $file);
# set content headers
if ($extention == 'zip') {
header("Content-type: application/octet-stream");
} elseif ($extention == 'gz') {
header("Content-type: application/x-gzip");
} elseif ($extention == 'mpg') {
header("Content-type: video/mpeg");
} elseif ($extention == 'jpg' || $extention == 'jpeg') {
// prevent traversal
if ($template_file != '' and !filepath_is_safe($themepath . $template_file, $themepath)) {
die(i18n_r('INVALID_OPER'));
}
# if no template is selected, use the default
if ($template_file == '') {
$template_file = GSTEMPLATEFILE;
}
# check for form submission
if (isset($_POST['submitsave'])) {
check_for_csrf("save");
# save edited template file
$SavedFile = $_POST['edited_file'];
$FileContents = get_magic_quotes_gpc() ? stripslashes($_POST['content']) : $_POST['content'];
// prevent traversal
if (!filepath_is_safe(GSTHEMESPATH . $SavedFile, GSTHEMESPATH)) {
die(i18n_r('INVALID_OPER'));
}
$fh = fopen(GSTHEMESPATH . $SavedFile, 'w') or die("can't open file");
fwrite($fh, $FileContents);
fclose($fh);
$success = sprintf(i18n_r('TEMPLATE_FILE'), $SavedFile);
if (isset($_POST['ajaxsave'])) {
echo "<div>";
include 'template/error_checking.php';
echo '<input id="nonce" name="nonce" type="hidden" value="' . get_nonce("save") . '" />';
echo "</div>";
die;
}
}
if (isset($_GET['ajax'])) {
}
if (isset($_REQUEST['q'])) {
$image_quality = intval($_REQUEST['q']);
}
if (isset($_REQUEST['t'])) {
$image_type = intval($_REQUEST['t']);
}
if (isset($_REQUEST['x'])) {
$max_x = intval($_REQUEST['x']);
}
if (isset($_REQUEST['y'])) {
$max_y = intval($_REQUEST['y']);
}
$path_parts = pathinfo($from_name);
// travesal protection
if (!filepath_is_safe(GSDATAUPLOADPATH . $from_name, GSDATAUPLOADPATH, true)) {
die('invalid src image');
}
if (!path_is_safe(GSTHUMBNAILPATH . dirname($to_name), GSTHUMBNAILPATH, true)) {
die('invalid dest image');
}
if (!file_exists($images_folder)) {
die('Images folder does not exist (update $images_folder in the script)');
}
if ($save_to_file && !file_exists($thumbs_folder)) {
die('Thumbnails folder does not exist (update $thumbs_folder in the script)');
}
$dirs = explode('/', $path_parts['dirname']);
$folder = $thumbs_folder;
foreach ($dirs as $dir) {
$folder .= DIRECTORY_SEPARATOR . $dir;
/**
* Delete Uploaded File
*
* @since 1.0
* @uses GSTHUMBNAILPATH
* @uses GSDATAUPLOADPATH
*
* @param string $id Uploaded filename to delete
* @param string $path Path to uploaded file folder
* @return string
*/
function delete_upload($id, $path = "")
{
$filepath = GSDATAUPLOADPATH . $path;
$file = $filepath . $id;
if (path_is_safe($filepath, GSDATAUPLOADPATH) && filepath_is_safe($file, $filepath)) {
$status = unlink(GSDATAUPLOADPATH . $path . $id);
if (file_exists(GSTHUMBNAILPATH . $path . "thumbnail." . $id)) {
unlink(GSTHUMBNAILPATH . $path . "thumbnail." . $id);
}
if (file_exists(GSTHUMBNAILPATH . $path . "thumbsm." . $id)) {
unlink(GSTHUMBNAILPATH . $path . "thumbsm." . $id);
}
if ($status) {
return 'success';
}
}
return 'error';
}
* @package GetSimple
* @subpackage Support
*/
// Setup inclusions
$load['plugin'] = true;
include 'inc/common.php';
// Variable Settings
login_cookie_check();
$log_name = isset($_GET['log']) ? $_GET['log'] : '';
$log_path = GSDATAOTHERPATH . 'logs/';
$log_file = $log_path . $log_name;
$whois_url = 'http://whois.arin.net/rest/ip/';
if (!is_file($log_file)) {
$log_data = false;
}
if (empty($log_data) && !empty($log_name) && !filepath_is_safe($log_file, $log_path)) {
die;
}
if (isset($_GET['action']) && $_GET['action'] == 'delete' && strlen($log_name) > 0) {
// check for csrf
if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
$nonce = $_GET['nonce'];
if (!check_nonce($nonce, "delete")) {
die("CSRF detected!");
}
}
unlink($log_file);
exec_action('logfile_delete');
redirect('support.php?success=' . urlencode('Log ' . $log_name . i18n_r('MSG_HAS_BEEN_CLR')));
}
if (!isset($log_data)) {
* for the form on edit.php
*
* @package GetSimple
* @subpackage Page-Edit
*/
// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
login_cookie_check();
$draft = isset($_GET['nodraft']) || isset($_POST['post-nodraft']) || !getDef('GSUSEDRAFTS', true) ? false : true;
// (bool) using draft pages
if (isset($_GET['publish']) && isset($_GET['id'])) {
$id = var_in(_id($_GET['id']));
safemodefail('publish', 'edit.php?id=' . $id);
if (!filepath_is_safe(GSDATADRAFTSPATH . $id . '.xml', GSDATADRAFTSPATH)) {
$status = false;
} else {
$status = publishDraft($id);
}
if ($status) {
exec_action('draft-publish');
// @hook draft-publish a draft was published
generate_sitemap();
// regenerates sitemap
}
redirect("pages.php?id=" . $id . "&upd=publish-" . ($status ? 'success' : 'error'));
die;
}
if (isset($_POST['submitted'])) {
check_for_csrf("edit", "edit.php");
}
if (!$editing) {
$userid = $USR;
}
// FAIL, set userid back to USR
}
}
// throw errors
if (!empty($permerror) && $showpermfail) {
$error = $permerror;
}
// load user data if editing
if (!empty($userid)) {
$file = _id($userid) . '.xml';
// file traversal protection and checks if file exists at the same time
if (!filepath_is_safe(GSUSERSPATH . $file, GSUSERSPATH)) {
die(i18n_r('ER_REQ_PROC_FAIL'));
}
if ($editing && !file_exists(GSUSERSPATH . $file)) {
$error = i18n_r('INVALID_USER');
}
// else populate data for user
$data = getXML(GSUSERSPATH . $file);
$password = $data->PWD;
// set password, since we dont need to resave it all the time
} else {
// empty user defaults
$data = new stdClass();
$data->HTMLEDITOR = true;
$data->LANG = $SITELANG;
$data->EMAIL = '';
$theme_templates = '';
# were changes submitted?
if (isset($_GET['t'])) {
$_GET['t'] = strippath($_GET['t']);
if ($_GET['t'] && is_dir(GSTHEMESPATH . $_GET['t'] . '/')) {
$template = $_GET['t'];
}
}
if (isset($_GET['f'])) {
$_GET['f'] = $_GET['f'];
if ($_GET['f'] && is_file(GSTHEMESPATH . $template . '/' . $_GET['f'])) {
$template_file = $_GET['f'];
}
}
$themepath = GSTHEMESPATH . $template . DIRECTORY_SEPARATOR;
if ($template_file != '' and !filepath_is_safe($themepath . $template_file, $themepath)) {
die;
}
# if no template is selected, use the default
if ($template_file == '') {
$template_file = 'template.php';
}
# check for form submission
if (isset($_POST['submitsave'])) {
# check for csrf
if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
$nonce = $_POST['nonce'];
if (!check_nonce($nonce, "save")) {
die("CSRF detected!");
}
}
