/** * Standard modular run function. * * @param array A map of parameters. * @return tempcode The result of execution. */ function run($map) { require_code('type_validation'); require_lang('phpdoc'); require_code('php'); require_css('adminzone'); disable_php_memory_limit(); $filename = (array_key_exists('param', $map) ? $map['param'] : 'sources/global2') . '.php'; if (substr($filename, -8) == '.php.php') { $filename = substr($filename, 0, strlen($filename) - 4); } $full_path = (get_file_base() != '' ? get_file_base() . '/' : '') . filter_naughty($filename); if (!file_exists($full_path)) { return paragraph(do_lang_tempcode('MISSING_RESOURCE')); } $_classes = get_php_file_api($filename); $classes = new ocp_tempcode(); foreach ($_classes as $class) { if ($class['name'] == '__global') { $class['name'] = do_lang('GLOBAL_FUNCTIONS') . '_' . basename($filename); } $function_summaries = new ocp_tempcode(); $functions = new ocp_tempcode(); foreach ($class['functions'] as $function) { $ret = render_php_function($function, $class); $functions->attach($ret[0]); $function_summaries->attach($ret[1]); } $classes->attach(do_template('PHP_CLASS', array('_GUID' => '5d58fc42c5fd3a5dd190f3f3699610c2', 'CLASS_NAME' => $class['name'], 'FUNCTION_SUMMARIES' => $function_summaries, 'FUNCTIONS' => $functions))); } return do_template('PHP_FILE', array('_GUID' => '6f422e6a6e846d49864d7325b212109f', 'FILENAME' => $filename, 'CLASSES' => $classes)); }
/** * Get a splurghified version of the specified item. * * @param string The name of what the key we want to reference is in our array of maps (e.g. 'id') * @param array A row of maps for data we are splurghing; this is probably just the result of $GLOBALS['SITE_DB']->query_select * @param URLPATH The stub that links will be passed through * @param ID_TEXT The page name we will be saving customised HTML under * @param TIME The time we did our last change to the data being splurghed (so it can see if we can simply decache instead of deriving) * @param ?AUTO_LINK The ID that is at the root of our tree (NULL: db_get_first_id) * @return string A string of HTML that represents our splurghing (will desplurgh in the users browser) */ function splurgh_master_build($key_name, $map, $url_stub, $_cache_file, $last_change_time, $first_id = NULL) { if (is_null($first_id)) { $first_id = db_get_first_id(); } if (!array_key_exists($first_id, $map)) { return ''; } if (!has_js()) { warn_exit(do_lang_tempcode('MSG_JS_NEEDED')); } require_javascript('javascript_splurgh'); if (is_browser_decacheing()) { $last_change_time = time(); } $cache_file = zone_black_magic_filterer(get_custom_file_base() . '/' . get_zone_name() . '/pages/html_custom/' . filter_naughty(user_lang()) . '/' . filter_naughty($_cache_file) . '.htm'); if (!file_exists($cache_file) || is_browser_decacheing() || filesize($cache_file) == 0 || $last_change_time > filemtime($cache_file)) { $myfile = @fopen($cache_file, 'wt'); if ($myfile === false) { intelligent_write_error($cache_file); } $fulltable = array(); $splurgh = _splurgh_do_node($map, $first_id, '', $fulltable, 0); $page = do_template('SPLURGH', array('_GUID' => '8775edfc5a386fdf2cec69b0fc889952', 'KEY_NAME' => $key_name, 'URL_STUB' => $url_stub, 'SPLURGH' => str_replace('"', '\'', $splurgh))); $ev = $page->evaluate(); if (fwrite($myfile, $ev) < strlen($ev)) { warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE')); } fclose($myfile); fix_permissions($cache_file); sync_file($cache_file); return $ev; } return file_get_contents($cache_file, FILE_TEXT); }
/** * Standard modular run function. * * @param array A map of parameters. * @return tempcode The result of execution. */ function run($map) { require_code('textfiles'); $file = array_key_exists('param', $map) ? $map['param'] : 'admin_notes'; $title = array_key_exists('title', $map) ? $map['title'] : do_lang('NOTES'); $lang_none = array_key_exists('lang_none', $map) ? $map['lang_none'] : '0'; $scrolls = array_key_exists('scrolls', $map) ? $map['scrolls'] : '0'; $lang = $lang_none == '1' ? NULL : ''; $file = filter_naughty($file, true); $new = post_param('new', NULL); if (!is_null($new)) { $hooks = find_all_hooks('blocks', 'main_notes'); foreach (array_keys($hooks) as $hook) { require_code('hooks/blocks/main_notes/' . filter_naughty_harsh($hook)); $ob = object_factory('Hook_notes_' . filter_naughty_harsh($hook), true); if (is_null($ob)) { continue; } $ob->run($file); } write_text_file($file, $lang, $new); log_it('NOTES', $file); attach_message(do_lang_tempcode('SUCCESS'), 'inform'); } $contents = read_text_file($file, $lang, true); $post_url = get_self_url(); $map_comcode = ''; foreach ($map as $key => $val) { $map_comcode .= ' ' . $key . '="' . addslashes($val) . '"'; } return do_template('BLOCK_MAIN_NOTES', array('_GUID' => 'f737053505de3bd8ccfe806ec014b8fb', 'TITLE' => $title, 'BLOCK_NAME' => 'main_notes', 'MAP' => $map_comcode, 'CONTENTS' => $contents, 'SCROLLS' => array_key_exists('scrolls', $map) && $map['scrolls'] == '1', 'URL' => $post_url)); }
/** * Get a fields hook, from a given codename. * * @param ID_TEXT Codename * @return object Hook object */ function get_fields_hook($type) { static $fields_hook_cache = array(); if (isset($fields_hook_cache[$type])) { return $fields_hook_cache[$type]; } $path = 'hooks/systems/fields/' . filter_naughty($type); if (!in_array($type, array('author', 'auto_increment', 'codename', 'color', 'content_link', 'date', 'email', 'float', 'guid', 'integer', 'just_date', 'just_time', 'list', 'long_text', 'long_trans', 'page_link', 'password', 'picture', 'video', 'posting_field', 'radiolist', 'random', 'reference', 'short_text', 'short_trans', 'theme_image', 'tick', 'upload', 'url', 'user')) && !is_file(get_file_base() . '/sources/' . $path . '.php') && !is_file(get_file_base() . '/sources_custom/' . $path . '.php')) { $hooks = find_all_hooks('systems', 'fields'); foreach (array_keys($hooks) as $hook) { $path = 'hooks/systems/fields/' . filter_naughty($hook); require_code($path); $ob = object_factory('Hook_fields_' . filter_naughty($hook)); if (method_exists($ob, 'get_field_types')) { if (array_key_exists($type, $ob->get_field_types())) { $fields_hook_cache[$type] = $ob; return $ob; } } } } require_code($path); $ob = object_factory('Hook_fields_' . filter_naughty($type), true); if (is_null($ob)) { return get_fields_hook('short_text'); } $fields_hook_cache[$type] = $ob; return $ob; }
/** * Standard modular run function. * * @return tempcode The result of execution. */ function run() { require_lang('bulkupload'); $GLOBALS['HELPER_PANEL_PIC'] = 'pagepics/bulkuploadassistant'; $GLOBALS['HELPER_PANEL_TUTORIAL'] = 'tut_adv_comcode'; $GLOBALS['HELPER_PANEL_TEXT'] = comcode_lang_string('DOC_BULK_UPLOAD'); $title = get_page_title('BULK_UPLOAD'); $parameter = post_param('parameter', ''); require_code('form_templates'); if ($parameter == '') { $post_url = build_url(array('page' => '_SELF'), '_SELF'); $text = paragraph(do_lang_tempcode('BULK_UPLOAD_HELP')); $submit_name = do_lang_tempcode('BULK_UPLOAD'); $fields = form_input_line(do_lang_tempcode('DIRECTORY'), do_lang_tempcode('DIRECTORY_BULK'), 'parameter', 'uploads/attachments/' . date('Y-m-d', utctime_to_usertime()), true); return do_template('FORM_SCREEN', array('_GUID' => '77a2ca460745145d8a1d18cf24971fea', 'SKIP_VALIDATION' => true, 'HIDDEN' => '', 'FIELDS' => $fields, 'URL' => $post_url, 'TITLE' => $title, 'TEXT' => $text, 'SUBMIT_NAME' => $submit_name)); } else { breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('BULK_UPLOAD')))); breadcrumb_set_self(do_lang_tempcode('_RESULTS')); $out = $this->do_dir(get_custom_file_base() . '/' . filter_naughty($parameter, true)); if ($out->is_empty()) { inform_exit(do_lang_tempcode('NO_FILES')); } return do_template('BULK_HELPER_RESULTS_SCREEN', array('_GUID' => '5d373553cf21a58f15006bd4e600a9ee', 'TITLE' => $title, 'RESULTS' => $out)); } }
function run_testset($testset) { require_code('_tests/tests/' . filter_naughty($testset) . '.php'); $loader = new SimpleFileLoader(); $suite = $loader->createSuiteFromClasses($testset, array(basename($testset) . '_test_set')); /*$result = */ $suite->run(new DefaultReporter()); }
/** * A template has not been structurally cached, so compile it and store in the cache. * * @param ID_TEXT The theme the template is in the context of * @param PATH The path to the template file * @param ID_TEXT The codename of the template (e.g. foo) * @param ID_TEXT The actual codename to use for the template (e.g. thin_foo) * @param LANGUAGE_NAME The language the template is in the context of * @param string File type suffix of template file * @param ?ID_TEXT The theme to cache in (NULL: main theme) * @return tempcode The compiled tempcode */ function _do_template($theme, $path, $codename, $_codename, $lang, $suffix, $theme_orig = NULL) { if (is_null($theme_orig)) { $theme_orig = $theme; } $base_dir = ($theme == 'default' && ($suffix != '.css' || strpos($path, '/css_custom') === false) ? get_file_base() : get_custom_file_base()) . '/themes/'; global $CACHE_TEMPLATES, $FILE_ARRAY, $TEMPLATE_PREVIEW_OP, $MEM_CACHE; if (isset($FILE_ARRAY)) { $html = unixify_line_format(file_array_get('themes/' . $theme . $path . $codename . $suffix)); } else { $html = unixify_line_format(file_get_contents($base_dir . filter_naughty($theme . $path . $codename) . $suffix, FILE_TEXT)); } if (strpos($html, '{$,Parser hint: pure}') !== false) { return make_string_tempcode(preg_replace('#\\{\\$,.*\\}#U', '/*no minify*/', $html)); } if ($GLOBALS['SEMI_DEBUG_MODE'] && strpos($html, '.innerHTML') !== false && strpos($html, 'Parser hint: .innerHTML okay') === false) { require_code('site'); attach_message('Do not use the .innerHTML property in your Javascript because it will not work in true XHTML (when the browsers real XML parser is in action). Use ocPortal\'s global setInnerHTML/getInnerHTML functions.', 'warn'); } // Strip off trailing final lines from single lines templates. Editors often put these in, and it causes annoying "visible space" issues if (substr($html, -1, 1) == chr(10) && substr_count($html, chr(10)) == 1) { $html = substr($html, 0, strlen($html) - 1); } if ($TEMPLATE_PREVIEW_OP) { $test = post_param($codename, NULL); if (!is_null($test)) { $html = post_param($test . '_new'); } } $result = template_to_tempcode($html, 0, false, $codename, $theme, $lang); if ($CACHE_TEMPLATES && ($suffix == '.tpl' || $codename == 'no_cache')) { if (!is_null($MEM_CACHE)) { persistant_cache_set(array('TEMPLATE', $theme, $lang, $_codename), $result->to_assembly(), strpos($path, 'default/templates/') !== false); } else { $path2 = get_custom_file_base() . '/themes/' . $theme_orig . '/templates_cached/' . filter_naughty($lang) . '/'; $myfile = @fopen($path2 . filter_naughty($_codename) . $suffix . '.tcd', 'wb'); if ($myfile === false) { if (@mkdir($path2, 0777)) { require_code('files'); fix_permissions($path2, 0777); } else { if (file_exists($path2 . filter_naughty($_codename) . $suffix . '.tcd')) { warn_exit(do_lang_tempcode('WRITE_ERROR', $path2 . filter_naughty($_codename) . $suffix . '.tcd')); } else { warn_exit(do_lang_tempcode('WRITE_ERROR_CREATE', $path2 . filter_naughty($_codename) . $suffix . '.tcd')); } } } else { fwrite($myfile, $result->to_assembly($lang)); fclose($myfile); fix_permissions($path2 . filter_naughty($_codename) . $suffix . '.tcd'); } } } return $result; }
/** * Get all the events within a timestamp range. * * @param TIME From time (inclusive). * @param TIME To time (inclusive). * @return array List of template parameter sets (perfect for use in a Tempcode LOOP). */ function get_realtime_events($from, $to) { //restrictify(); $drops = array(); $hooks = find_all_hooks('systems', 'realtime_rain'); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/realtime_rain/' . filter_naughty($hook)); $ob = object_factory('Hook_realtime_rain_' . $hook); $drops = array_merge($drops, $ob->run($from, $to)); } return $drops; }
/** * Get the tempcode for a standard box (CSS driven), with the specified content entered. Please rarely use this function; it is not good to assume people want anythings in one of these boxes... use templates instead * * @param tempcode The content being put inside the box * @param mixed The title of the standard box, string or Tempcode (blank: titleless standard box) * @param ?string The width/height classification (e.g. 100%, 100%|300px, ...) (NULL: unset) * @param ID_TEXT The type of the table. Refers to a template (STANDARDBOX_type) * @param string '|' separated list of options (meaning dependant upon templates interpretation) * @param string '|' separated list of meta information (key|value|key|value|...) * @param string '|' separated list of link information (linkhtml|...) * @param boolean If the box will be allowed to expand. * @param string Link to be added to the header of the box * @return tempcode The contents, put inside a standard box, according to the other parameters */ function put_in_standard_box($content, $title = '', $dimensions = NULL, $type = 'classic', $options = '', $meta = '', $links = '', $expand = false, $toplink = '') { if (get_page_name() == 'start' && get_zone_name() == 'adminzone' && ($options == '' || $options == 'tray_open')) { $expand = true; $options = 'tray_open'; } if ($dimensions === NULL) { $dimensions = $type == 'panel' ? get_option('panel_width') : '100%'; } if ($type == '') { $type = 'classic'; } $height = 'auto'; $dimensions_bits = explode('|', $dimensions); $width = $dimensions_bits[0]; if (is_numeric($width)) { $width .= 'px'; } if ($width == '') { $width = 'auto'; } if (array_key_exists(1, $dimensions_bits)) { $height = $dimensions_bits[1]; } if (is_numeric($height)) { $height .= 'px'; } $_meta = array(); if ($meta != '') { $meta_bits = explode('|', $meta); if (count($meta_bits) % 2 == 1) { unset($meta_bits[count($meta_bits) - 1]); } for ($i = 0; $i < count($meta_bits); $i += 2) { $_meta[] = array('KEY' => $meta_bits[$i + 0], 'VALUE' => $meta_bits[$i + 1]); } } $_links = array(); if ($links != '') { $_links = explode('|', $links); if ($_links[count($_links) - 1] == '') { array_pop($_links); } } $_options = explode('|', $options); //$interlock=in_array('interlock',$_options); return do_template('STANDARDBOX_' . filter_naughty($type), array('CONTENT' => $content, 'LINKS' => $_links, 'META' => $_meta, 'OPTIONS' => $_options, 'WIDTH' => $width, 'HEIGHT' => $height, 'TITLE' => $title, 'EXPAND' => $expand, 'TOPLINK' => $toplink), NULL, true); }
/** * Takes Salmon values from POST and handles their assimilation into the * site. */ function handle_salmon($id) { // Find out what the type our feedback should be for require_code('hooks/systems/content_meta_aware/iotd'); $cma = object_factory('Hook_content_meta_aware_iotd'); $info = $cma->info(); $db_id = $info['id_field_numeric'] ? intval($id) : $id; $_title = $GLOBALS['SITE_DB']->query_value_null_ok($info['table'], $info['title_field'], array($info['id_field'] => $db_id)); if (is_null($_title)) { warn_exit(''); } $title = $info['title_field_dereference'] ? get_translated_text($_title) : $_title; require_code('urls'); list($zone, $attributes, $_) = page_link_decode(str_replace('_WILD', $id, $info['view_pagelink_pattern'])); $url = build_url($attributes, $zone)->evaluate(); require_code('salmon/salmon'); parse_salmon_post($info['feedback_type_code'], filter_naughty($id), $url, $title); }
/** * Get a random line from a file. * * @param PATH The filename * @return string The random line */ function get_random_line($filename) { $myfile = @fopen(filter_naughty($filename, true), 'rt'); if ($myfile === false) { return ''; } $i = 0; $line = array(); while (true) { $line[$i] = fgets($myfile, 1024); if ($line[$i] === false || is_null($line[$i])) { break; } $i++; } $r = mt_rand(0, $i - 1); fclose($myfile); return trim($line[$r]); }
/** * Load up a language file, compiling it (it's not cached yet). * * @param ID_TEXT The language file name * @param ?LANGUAGE_NAME The language (NULL: uses the current language) * @param ?string The language type (lang_custom, or custom) (NULL: normal priorities are used) * @set lang_custom custom * @param PATH Where we are cacheing too * @param boolean Whether to just return if there was a loading error * @return boolean Whether we FAILED to load */ function require_lang_compile($codename, $lang, $type, $cache_path, $ignore_errors = false) { global $LANGUAGE, $REQUIRE_LANG_LOOP, $LANG_LOADED_LANG; $desire_cache = function_exists('get_option') && (get_option('is_on_lang_cache', true) == '1' || get_param_integer('keep_cache', 0) == 1 || get_param_integer('cache', 0) == 1) && get_param_integer('keep_cache', NULL) !== 0 && get_param_integer('cache', NULL) !== 0; if ($desire_cache) { if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 0) { global $DECACHED_COMCODE_LANG_STRINGS; // Cleanup language strings if (!$DECACHED_COMCODE_LANG_STRINGS) { $DECACHED_COMCODE_LANG_STRINGS = true; $comcode_lang_strings = $GLOBALS['SITE_DB']->query_select('cached_comcode_pages', array('string_index'), array('the_zone' => '!'), '', NULL, NULL, true); if (!is_null($comcode_lang_strings)) { $GLOBALS['SITE_DB']->query_delete('cached_comcode_pages', array('the_zone' => '!')); foreach ($comcode_lang_strings as $comcode_lang_string) { delete_lang($comcode_lang_string['string_index']); } } } } $load_target = array(); } else { $load_target =& $LANGUAGE[$lang]; } global $FILE_ARRAY; if (@is_array($FILE_ARRAY) && file_array_exists('lang/' . $lang . '/' . $codename . '.ini')) { $lang_file = 'lang/' . $lang . '/' . $codename . '.ini'; $file = file_array_get($lang_file); _get_lang_file_map($file, $load_target, NULL, true); $bad = true; } else { $bad = true; $dirty = false; // Load originals $lang_file = get_file_base() . '/lang/' . $lang . '/' . filter_naughty($codename) . '.ini'; if (file_exists($lang_file)) { _get_lang_file_map($lang_file, $load_target, NULL, false); $bad = false; } // Load overrides now if they are there if ($type != 'lang') { $lang_file = get_custom_file_base() . '/lang_custom/' . $lang . '/' . $codename . '.ini'; if (!file_exists($lang_file) && get_file_base() != get_custom_file_base()) { $lang_file = get_file_base() . '/lang_custom/' . $lang . '/' . $codename . '.ini'; } if (!file_exists($lang_file)) { $lang_file = get_custom_file_base() . '/lang_custom/' . $lang . '/' . $codename . '.po'; if (!file_exists($lang_file)) { $lang_file = get_file_base() . '/lang_custom/' . $lang . '/' . $codename . '-' . strtolower($lang) . '.po'; } } } if ($type != 'lang' && file_exists($lang_file)) { _get_lang_file_map($lang_file, $load_target, NULL, false); $bad = false; $dirty = true; // Tainted from the official pack, so can't store server wide } // NB: Merge op doesn't happen in require_lang. It happens when do_lang fails and then decides it has to force a recursion to do_lang(xx,fallback_lang()) which triggers require_lang(xx,fallback_lang()) when it sees it's not loaded if ($bad && $lang != fallback_lang()) { require_lang($codename, fallback_lang(), $type, $ignore_errors); $REQUIRE_LANG_LOOP--; $fallback_cache_path = get_custom_file_base() . '/lang_cached/' . fallback_lang() . '/' . $codename . '.lcd'; if (file_exists($fallback_cache_path)) { require_code('files'); @copy($fallback_cache_path, $cache_path); fix_permissions($cache_path); } if (!array_key_exists($lang, $LANG_LOADED_LANG)) { $LANG_LOADED_LANG[$lang] = array(); } $LANG_LOADED_LANG[$lang][$codename] = 1; return $bad; } if ($bad) { if ($ignore_errors) { return true; } if ($codename != 'critical_error' || $lang != get_site_default_lang()) { fatal_exit(do_lang_tempcode('MISSING_LANG_FILE', escape_html($codename), escape_html($lang))); } else { critical_error('CRIT_LANG'); } } } if (is_null($GLOBALS['MEM_CACHE'])) { // Cache if ($desire_cache) { $file = @fopen($cache_path, 'wt'); // Will fail if cache dir missing .. e.g. in quick installer if ($file) { if (fwrite($file, serialize($load_target)) > 0) { // Success fclose($file); require_code('files'); fix_permissions($cache_path); } else { // Failure fclose($file); @unlink($cache_path); } } } } else { persistant_cache_set(array('LANG', $lang, $codename), $load_target, !$dirty); } if ($desire_cache) { $LANGUAGE[$lang] += $load_target; } return $bad; }
/** * Get the name of the current page * * @return ID_TEXT The current page name */ function get_page_name() { global $PAGE_NAME_CACHE; if (isset($PAGE_NAME_CACHE)) { return $PAGE_NAME_CACHE; } global $ZONE, $GETTING_PAGE_NAME; if ($GETTING_PAGE_NAME) { return 'unknown'; } $GETTING_PAGE_NAME = true; $page = get_param('page', ''); if (strlen($page) > 80) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } if ($page == '' && $ZONE !== NULL) { $page = ocp_srv('QUERY_STRING'); if (strpos($page, '=') !== false || $page == '') { $page = $ZONE['zone_default_page']; if ($page === NULL) { $page = ''; } } } $page = filter_naughty($page); if ($ZONE !== NULL) { $PAGE_NAME_CACHE = $page; } $GETTING_PAGE_NAME = false; return $page; }
/** * The UI to choose what to import. * * @param mixed Output to show from last action (blank: none) * @return tempcode The UI */ function choose_actions($extra = '') { $title = get_page_title('IMPORT'); $session = either_param_integer('session', get_session_id()); $importer = filter_naughty(get_param('importer')); require_code('hooks/modules/admin_import/' . filter_naughty_harsh($importer)); $object = object_factory('Hook_' . filter_naughty_harsh($importer)); // Test import source is good if (method_exists($object, 'probe_db_access')) { list($db_name, $db_user, $db_password, $db_table_prefix) = $object->probe_db_access(either_param('old_base_dir')); } else { $db_name = either_param('db_name'); $db_user = either_param('db_user'); $db_password = either_param('db_password'); $db_table_prefix = either_param('db_table_prefix'); } if ($db_name == get_db_site() && $importer == 'ocp_merge' && $db_table_prefix == $GLOBALS['SITE_DB']->get_table_prefix()) { warn_exit(do_lang_tempcode('IMPORT_SELF_NO')); } $import_source = is_null($db_name) ? NULL : new database_driver($db_name, get_db_site_host(), $db_user, $db_password, $db_table_prefix); unset($import_source); $lang_array = array(); $hooks = find_all_hooks('modules', 'admin_import_types'); foreach (array_keys($hooks) as $hook) { require_code('hooks/modules/admin_import_types/' . filter_naughty_harsh($hook)); $_hook = object_factory('Hook_admin_import_types_' . filter_naughty_harsh($hook)); $lang_array += $_hook->run(); } $info = $object->info(); $session_row = $GLOBALS['SITE_DB']->query_select('import_session', array('*'), array('imp_session' => get_session_id()), '', 1); if (array_key_exists(0, $session_row)) { $old_base_dir = $session_row[0]['imp_old_base_dir']; $db_name = $session_row[0]['imp_db_name']; $db_user = $session_row[0]['imp_db_user']; $db_table_prefix = $session_row[0]['imp_db_table_prefix']; $refresh_time = $session_row[0]['imp_refresh_time']; } else { $old_base_dir = get_file_base() . '/old'; $db_name = get_db_site(); $db_user = get_db_site_user(); $db_table_prefix = array_key_exists('prefix', $info) ? $info['prefix'] : $GLOBALS['SITE_DB']->get_table_prefix(); $refresh_time = 15; } $_import_list = $info['import']; $_import_list_2 = array(); foreach ($_import_list as $import) { if (is_null($import)) { continue; } if (!array_key_exists($import, $lang_array)) { continue; } if (is_null($lang_array[$import])) { continue; } $text = do_lang(strtolower($lang_array[$import]) != $lang_array[$import] ? $lang_array[$import] : strtoupper($lang_array[$import])); $_import_list_2[$import] = $text; } if (array_key_exists('ocf_members', $_import_list_2) && get_forum_type() == $importer && $db_name == get_db_forums() && $db_table_prefix == $GLOBALS['FORUM_DB']->get_table_prefix()) { $_import_list_2['ocf_switch'] = do_lang_tempcode('SWITCH_TO_OCF'); } $import_list = new ocp_tempcode(); // asort($_import_list_2); Let's preserve order here $just = get_param('just', NULL); $first = true; $skip_hidden = array(); $parts_done = collapse_2d_complexity('imp_id', 'imp_session', $GLOBALS['SITE_DB']->query_select('import_parts_done', array('imp_id', 'imp_session'), array('imp_session' => get_session_id()))); foreach ($_import_list_2 as $import => $text) { if (array_key_exists($import, $parts_done)) { $import_list->attach(do_template('IMPORT_ACTION_LINE', array('CHECKED' => false, 'DISABLED' => true, 'NAME' => 'import_' . $import, 'TEXT' => $text, 'ADVANCED_URL' => $info['supports_advanced_import'] ? build_url(array('page' => '_SELF', 'type' => 'advanced_hook', 'session' => $session, 'content_type' => $import, 'importer' => $importer), '_SELF') : new ocp_tempcode()))); } else { $checked = is_null($just) && $first; $import_list->attach(do_template('IMPORT_ACTION_LINE', array('_GUID' => 'f2215115f920200a0a1ba6bc776ad945', 'CHECKED' => $checked, 'NAME' => 'import_' . $import, 'TEXT' => $text, 'ADVANCED_URL' => $info['supports_advanced_import'] ? build_url(array('page' => '_SELF', 'type' => 'advanced_hook', 'session' => $session, 'content_type' => $import, 'importer' => $importer), '_SELF') : new ocp_tempcode()))); } if ($just == $import) { $first = true; $just = NULL; } else { $first = false; } $skip_hidden[] = 'import_' . $import; } $message = array_key_exists('message', $info) ? $info['message'] : ''; if (count($parts_done) == count($_import_list_2)) { inform_exit(do_lang_tempcode($message === '' ? '_IMPORT_ALL_FINISHED' : 'IMPORT_ALL_FINISHED', $message)); } $url = build_url(array('page' => '_SELF', 'type' => 'import', 'session' => $session, 'importer' => $importer), '_SELF'); breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('IMPORT')), array('_SELF:_SELF:session:importer=' . $importer, do_lang_tempcode('IMPORT_SESSION')))); $hidden = new ocp_tempcode(); $hidden->attach(build_keep_post_fields($skip_hidden)); $hidden->attach(build_keep_form_fields('', true)); return do_template('IMPORT_ACTION_SCREEN', array('_GUID' => 'a3a69637e541923ad76e9e7e6ec7e1af', 'EXTRA' => $extra, 'MESSAGE' => $message, 'TITLE' => $title, 'FIELDS' => '', 'HIDDEN' => $hidden, 'IMPORTER' => $importer, 'IMPORT_LIST' => $import_list, 'URL' => $url)); }
/** * The actualiser to translate code (called externally, and may operate on many lang files). * * @return tempcode The UI */ function set_lang_code_2() { $lang = post_param('lang'); $lang_files = get_lang_files(fallback_lang()); foreach (array_keys($lang_files) as $lang_file) { $for_base_lang = get_lang_file_map(fallback_lang(), $lang_file, true); $for_base_lang_2 = get_lang_file_map($lang, $lang_file, false); $descriptions = get_lang_file_descriptions(fallback_lang(), $lang_file); $out = ''; foreach ($for_base_lang_2 + $for_base_lang as $key => $now_val) { $val = post_param('l_' . $key, array_key_exists($key, $for_base_lang_2) ? $for_base_lang_2[$key] : $now_val); if (str_replace(chr(10), '\\n', $val) != $now_val || !array_key_exists($key, $for_base_lang) || $for_base_lang[$key] != $val || !file_exists(get_file_base() . '/lang/' . fallback_lang() . '/' . $lang_file . '.ini')) { // if it's changed from default ocPortal, or not in default ocPortal, or was already changed in language file, or whole file is not in default ocPortal $out .= $key . '=' . str_replace(chr(10), '\\n', $val) . "\n"; } } if ($out != '') { $path = get_custom_file_base() . '/lang_custom/' . filter_naughty($lang) . '/' . filter_naughty($lang_file) . '.ini'; $path_backup = $path . '.' . strval(time()); if (file_exists($path)) { @copy($path, $path_backup) or intelligent_write_error($path_backup); sync_file($path_backup); } $myfile = @fopen($path, 'wt'); if ($myfile === false) { intelligent_write_error($path); } fwrite($myfile, "[descriptions]\n"); foreach ($descriptions as $key => $description) { if (fwrite($myfile, $key . '=' . $description . "\n") == 0) { warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE')); } } fwrite($myfile, "\n[strings]\n"); fwrite($myfile, $out); fclose($myfile); fix_permissions($path); sync_file($path); $path_backup2 = $path . '.latest_in_ocp_edit'; @copy($path, $path_backup2) or intelligent_write_error($path_backup2); sync_file($path_backup2); } } $title = get_page_title('TRANSLATE_CODE'); log_it('TRANSLATE_CODE'); require_code('view_modes'); erase_cached_language(); erase_cached_templates(); // Show it worked / Refresh $url = post_param('redirect', ''); if ($url == '') { return inform_screen($title, do_lang_tempcode('SUCCESS')); } return redirect_screen($title, $url, do_lang_tempcode('SUCCESS')); }
} $temp_all_ids = collapse_2d_complexity('id', 'path', $GLOBALS['SITE_DB']->query_select('theme_images', array('id', 'path'), array('theme' => $theme))); foreach ($full_img_set as $image_code) { if (!in_array($image_code, $THEME_WIZARD_IMAGES_NO_WILD)) { if (array_key_exists($image_code, $temp_all_ids) && strpos($temp_all_ids[$image_code], $theme . '/images_custom/') !== false && (!url_is_local($temp_all_ids[$image_code]) || file_exists(get_custom_file_base() . '/' . $temp_all_ids[$image_code]))) { continue; } $orig_path = find_theme_image($image_code, true, true, 'default', 'EN'); if ($orig_path == '') { continue; } // Theme has specified non-existent image as themewizard-compatible if (strpos($orig_path, '/' . fallback_lang() . '/') !== false) { $composite = 'themes/' . filter_naughty($theme) . '/images/EN/'; } else { $composite = 'themes/' . filter_naughty($theme) . '/images/'; } afm_make_directory($composite, true); $saveat = get_custom_file_base() . '/' . $composite . $image_code . '.png'; $saveat_url = $composite . $image_code . '.png'; if (!file_exists($saveat)) { $image = calculate_theme($seed, 'default', 'equations', $image_code, $dark, $theme_map, $theme_landscape, 'EN'); if (!is_null($image)) { $pos = strpos($image_code, '/'); if ($pos !== false || strpos($orig_path, '/EN/') !== false) { afm_make_directory($composite . substr($image_code, 0, $pos), true, true); } @imagepng($image, $saveat) or intelligent_write_error($saveat); imagedestroy($image); fix_permissions($saveat); sync_file($saveat);
/** * The actualiser for uploading a file. * * @return tempcode The UI. */ function module_do_upload() { if (!has_specific_permission(get_member(), 'upload_filedump')) { access_denied('I_ERROR'); } $title = get_page_title('FILEDUMP_UPLOAD'); if (function_exists('set_time_limit')) { @set_time_limit(0); } // Slowly uploading a file can trigger time limit, on some servers $place = filter_naughty(post_param('place')); require_code('uploads'); if (!is_swf_upload(true) && (!array_key_exists('file', $_FILES) || !is_uploaded_file($_FILES['file']['tmp_name']))) { $attach_name = 'file'; $max_size = get_max_file_size(); if (isset($_FILES[$attach_name]) && ($_FILES[$attach_name]['error'] == 1 || $_FILES[$attach_name]['error'] == 2)) { warn_exit(do_lang_tempcode('FILE_TOO_BIG', integer_format($max_size))); } elseif (isset($_FILES[$attach_name]) && ($_FILES[$attach_name]['error'] == 3 || $_FILES[$attach_name]['error'] == 6 || $_FILES[$attach_name]['error'] == 7)) { warn_exit(do_lang_tempcode('ERROR_UPLOADING_' . strval($_FILES[$attach_name]['error']))); } else { warn_exit(do_lang_tempcode('ERROR_UPLOADING')); } } $file = $_FILES['file']['name']; if (get_magic_quotes_gpc()) { $file = stripslashes($file); } if (!has_specific_permission(get_member(), 'upload_anything_filedump') || get_file_base() != get_custom_file_base()) { check_extension($file); } $file = str_replace('.', '-', basename($file, '.' . get_file_extension($file))) . '.' . get_file_extension($file); if (!file_exists(get_custom_file_base() . '/uploads/filedump' . $place . $file)) { $max_size = get_max_file_size(); if ($_FILES['file']['size'] > $max_size) { warn_exit(do_lang_tempcode('FILE_TOO_BIG', integer_format(intval($max_size)))); } $full = get_custom_file_base() . '/uploads/filedump' . $place . $file; if (is_swf_upload(true)) { @rename($_FILES['file']['tmp_name'], $full) or warn_exit(do_lang_tempcode('FILE_MOVE_ERROR', escape_html($file), escape_html('uploads/filedump' . $place))); } else { @move_uploaded_file($_FILES['file']['tmp_name'], $full) or warn_exit(do_lang_tempcode('FILE_MOVE_ERROR', escape_html($file), escape_html('uploads/filedump' . $place))); } fix_permissions($full); sync_file($full); $return_url = build_url(array('page' => '_SELF', 'place' => $place), '_SELF'); $test = $GLOBALS['SITE_DB']->query_value_null_ok('filedump', 'description', array('name' => $file, 'path' => $place)); if (!is_null($test)) { delete_lang($test); } $GLOBALS['SITE_DB']->query_delete('filedump', array('name' => $file, 'path' => $place), '', 1); $description = post_param('description'); $GLOBALS['SITE_DB']->query_insert('filedump', array('name' => $file, 'path' => $place, 'the_member' => get_member(), 'description' => insert_lang_comcode($description, 3))); require_code('notifications'); $subject = do_lang('FILEDUMP_NOTIFICATION_MAIL_SUBJECT', get_site_name(), $file, $place); $mail = do_lang('FILEDUMP_NOTIFICATION_MAIL', comcode_escape(get_site_name()), comcode_escape($file), array(comcode_escape($place), comcode_escape($description))); dispatch_notification('filedump', $place, $subject, $mail); log_it('FILEDUMP_UPLOAD', $file, $place); if (has_actual_page_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), get_page_name(), get_zone_name())) { syndicate_described_activity('filedump:ACTIVITY_FILEDUMP_UPLOAD', $place . '/' . $file, '', '', '', '', '', 'filedump'); } return redirect_screen($title, $return_url, do_lang_tempcode('SUCCESS')); } else { warn_exit(do_lang_tempcode('OVERWRITE_ERROR')); } return new ocp_tempcode(); }
/** * Log an action * * @param ID_TEXT The type of activity just carried out (a lang string) * @param ?SHORT_TEXT The most important parameter of the activity (e.g. id) (NULL: none) * @param ?SHORT_TEXT A secondary (perhaps, human readable) parameter of the activity (e.g. caption) (NULL: none) */ function _log_it($type, $a = NULL, $b = NULL) { if (!function_exists('get_member')) { return; } // If this is during installation if (get_option('site_closed') == '1' && get_option('no_stats_when_closed', true) === '1') { return; } // Run hooks, if any exist $hooks = find_all_hooks('systems', 'upon_action_logging'); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/upon_action_logging/' . filter_naughty($hook)); $ob = object_factory('upon_action_logging' . filter_naughty($hook), true); if (is_null($ob)) { continue; } $ob->run($type, $a, $b); } $ip = get_ip_address(); $GLOBALS['SITE_DB']->query_insert('adminlogs', array('the_type' => $type, 'param_a' => is_null($a) ? '' : substr($a, 0, 80), 'param_b' => is_null($b) ? '' : substr($b, 0, 80), 'date_and_time' => time(), 'the_user' => get_member(), 'ip' => $ip)); decache('side_tag_cloud'); decache('main_staff_actions'); decache('main_staff_checklist'); decache('main_awards'); decache('main_multi_content'); decache('side_stored_menu'); // Due to the content counts in the CMS/Admin Zones if (get_page_name() != 'admin_themewizard' && get_page_name() != 'admin_import') { require_all_lang(); static $logged = 0; $logged++; if ($logged < 10) { require_all_lang(); if (is_null($a)) { $a = do_lang('NA'); } if (is_null($a)) { $a = do_lang('NA'); } require_code('notifications'); $subject = do_lang('ACTIONLOG_NOTIFICATION_MAIL_SUBJECT', get_site_name(), do_lang($type), array($a, $b)); $mail = do_lang('ACTIONLOG_NOTIFICATION_MAIL', comcode_escape(get_site_name()), comcode_escape(do_lang($type)), array(is_null($a) ? '' : comcode_escape($a), is_null($b) ? '' : comcode_escape($b))); if (addon_installed('actionlog')) { dispatch_notification('actionlog', $type, $subject, $mail); } } } }
/** * The actualiser to move a page. * * @return tempcode The UI */ function _move() { $title = get_page_title('MOVE_PAGES'); if (get_file_base() != get_custom_file_base()) { warn_exit(do_lang_tempcode('SHARED_INSTALL_PROHIBIT')); } $GLOBALS['HELPER_PANEL_PIC'] = 'pagepics/move'; $GLOBALS['HELPER_PANEL_TUTORIAL'] = 'tut_structure'; $zone = post_param('zone', NULL); if (is_null($zone)) { $post_url = build_url(array('page' => '_SELF', 'type' => get_param('type')), '_SELF', NULL, true); $hidden = build_keep_form_fields('', true); return do_template('YESNO_SCREEN', array('_GUID' => 'c6e872cc62bdc7cf1c5157fbfdb2dfd6', 'TITLE' => $title, 'TEXT' => do_lang_tempcode('Q_SURE'), 'URL' => $post_url, 'HIDDEN' => $hidden)); } $new_zone = post_param('destination_zone', ''); if (substr($new_zone, -1) == ':') { $new_zone = substr($new_zone, 0, strlen($new_zone) - 1); } //$pages=find_all_pages_wrap($zone); $pages = array(); require_code('site'); foreach ($_POST as $key => $val) { if (substr($key, 0, 6) == 'page__' && $val === '1') { $page = substr($key, 6); $page_details = _request_page($page, $zone, NULL, NULL, true); if ($page_details === false) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $pages[$page] = strtolower($page_details[0]); if (array_key_exists(3, $page_details)) { $pages[$page] .= '/' . $page_details[3]; } } } $afm_needed = false; foreach ($pages as $page => $type) { if (post_param_integer('page__' . $page, 0) == 1) { if ($type != 'comcode_custom') { $afm_needed = true; } } } if ($afm_needed) { require_code('abstract_file_manager'); force_have_afm_details(); } $cannot_move = new ocp_tempcode(); foreach ($pages as $page => $type) { if (!is_string($page)) { $page = strval($page); } if (post_param_integer('page__' . $page, 0) == 1) { if (substr($type, 0, 7) == 'modules') { $_page = $page . '.php'; } elseif (substr($type, 0, 7) == 'comcode') { $_page = $page . '.txt'; } elseif (substr($type, 0, 4) == 'html') { $_page = $page . '.htm'; } if (file_exists(zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($new_zone) . ($new_zone != '' ? '/' : '') . 'pages/' . filter_naughty($type) . '/' . $_page))) { if (!$cannot_move->is_empty()) { $cannot_move->attach(do_lang_tempcode('LIST_SEP')); } $cannot_move->attach(do_lang_tempcode('PAGE_WRITE', escape_html($page))); continue; } } } $moved_something = NULL; foreach ($pages as $page => $type) { if (!is_string($page)) { $page = strval($page); } if (post_param_integer('page__' . $page, 0) == 1) { $moved_something = $page; if (substr($type, 0, 7) == 'modules') { $_page = $page . '.php'; } elseif (substr($type, 0, 7) == 'comcode') { $_page = $page . '.txt'; } elseif (substr($type, 0, 4) == 'html') { $_page = $page . '.htm'; } if (file_exists(zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($new_zone) . ($new_zone != '' ? '/' : '') . 'pages/' . filter_naughty($type) . '/' . $_page))) { continue; } if (file_exists(zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($zone) . ($zone != '' ? '/' : '') . 'pages/' . filter_naughty($type) . '/' . $_page))) { if ($afm_needed) { afm_move(zone_black_magic_filterer(filter_naughty($zone) . ($zone != '' ? '/' : '') . 'pages/' . filter_naughty($type) . '/' . $_page, true), zone_black_magic_filterer(filter_naughty($new_zone) . ($new_zone != '' ? '/' : '') . 'pages/' . filter_naughty($type) . '/' . $_page, true)); } else { rename(zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($zone) . ($zone != '' ? '/' : '') . 'pages/' . filter_naughty($type) . '/' . $_page), zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($new_zone) . ($new_zone != '' ? '/' : '') . 'pages/' . filter_naughty($type) . '/' . $_page)); } } // If a non-overridden one is there too, need to move that too if (strpos($type, '_custom') !== false && file_exists(zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($zone) . ($zone != '' ? '/' : '') . 'pages/' . filter_naughty(str_replace('_custom', '', $type)) . '/' . $_page)) && !file_exists(zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($new_zone) . ($new_zone != '' ? '/' : '') . 'pages/' . filter_naughty(str_replace('_custom', '', $type)) . '/' . $_page))) { if ($afm_needed) { afm_move(zone_black_magic_filterer(filter_naughty($zone) . ($zone != '' ? '/' : '') . 'pages/' . filter_naughty(str_replace('_custom', '', $type)) . '/' . $_page, true), zone_black_magic_filterer(filter_naughty($new_zone) . ($new_zone != '' ? '/' : '') . 'pages/' . filter_naughty(str_replace('_custom', '', $type)) . '/' . $_page, true)); } else { rename(zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($zone) . ($zone != '' ? '/' : '') . 'pages/' . filter_naughty(str_replace('_custom', '', $type)) . '/' . $_page), zone_black_magic_filterer(get_custom_file_base() . '/' . filter_naughty($new_zone) . ($new_zone != '' ? '/' : '') . 'pages/' . filter_naughty(str_replace('_custom', '', $type)) . '/' . $_page)); } } log_it('MOVE_PAGES', $page); } } if (is_null($moved_something)) { warn_exit(do_lang_tempcode('NOTHING_SELECTED')); } persistant_cache_empty(); require_lang('addons'); if ($cannot_move->is_empty()) { $message = do_lang_tempcode('SUCCESS'); } else { $message = do_lang_tempcode('WOULD_NOT_OVERWRITE_BUT_SUCCESS', $cannot_move); } breadcrumb_set_self(do_lang_tempcode('DONE')); breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('PAGES')), array('_SELF:_SELF:move', do_lang_tempcode('MOVE_PAGES')))); decache('main_sitemap'); if (has_js()) { return inform_screen($title, $message); // Came from site-tree editor, so want to just close this window when done } return $this->do_next_manager($title, $moved_something, $new_zone, new ocp_tempcode()); }
/** * Cancel a subscription. * * @return tempcode The interface. */ function cancel() { $title = get_page_title('SUBSCRIPTION_CANCEL'); breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('MY_SUBSCRIPTIONS')))); $id = get_param_integer('id'); $via = $GLOBALS['SITE_DB']->query_value('subscriptions', 's_via', array('id' => $id)); if ($via != 'manual' && $via != '') { require_code('hooks/systems/ecommerce_via/' . filter_naughty($via)); $hook = object_factory($via); if ($hook->auto_cancel($id) !== true) { require_code('notifications'); $trans_id = $GLOBALS['SITE_DB']->query_value('transactions', 'id', array('purchase_id' => strval($id))); $username = $GLOBALS['FORUM_DRIVER']->get_username(get_member()); dispatch_notification('subscription_cancelled_staff', NULL, do_lang('SUBSCRIPTION_CANCELLED_SUBJECT', NULL, NULL, NULL, get_site_default_lang()), do_lang('SUBSCRIPTION_CANCELLED_BODY', $trans_id, $username, NULL, get_site_default_lang())); } } $GLOBALS['SITE_DB']->query_delete('subscriptions', array('id' => $id, 's_member_id' => get_member()), '', 1); $url = build_url(array('page' => '_SELF'), '_SELF'); return redirect_screen($title, $url, do_lang_tempcode('SUCCESS')); }
/** * Standard modular run function. * * @param array A map of parameters. * @return tempcode The result of execution. */ function run($map) { require_all_lang(); require_code('zones2'); $skip_pages = array_key_exists('skip', $map) ? explode(',', $map['skip']) : array(); $comcode_page_rows = $GLOBALS['SITE_DB']->query_select('comcode_pages', array('*')); $_zones = array(); $zones = find_all_zones(false, true); $GLOBALS['MEMORY_OVER_SPEED'] = true; $low_memory = ini_get('memory_limit') != '-1' && ini_get('memory_limit') != '0' && ini_get('memory_limit') != '' && intval(preg_replace('#M$#', '', ini_get('memory_limit'))) < 26 || get_option('has_low_memory_limit') === '1'; // Reorder a bit $zones2 = array(); foreach (array('', 'site') as $zone_match) { foreach ($zones as $i => $zone) { if ($zone[0] == $zone_match) { $zones2[] = $zone; unset($zones[$i]); } } } $zones2 = array_merge($zones2, $zones); foreach ($zones2 as $z) { list($zone, $zone_title, , $zone_default_page) = $z; if (has_zone_access(get_member(), $zone)) { $_pages = array(); $pages = find_all_pages_wrap($zone); if (isset($pages[$zone_default_page])) { $default = $pages[$zone_default_page]; $pages = array($zone_default_page => $default) + $pages; } foreach ($pages as $page => $page_type) { if (is_integer($page)) { $page = strval($page); } if (substr($page, 0, 6) == 'panel_') { continue; } if (substr($page, 0, 1) == '_') { continue; } if (in_array($page, $skip_pages)) { continue; } if (in_array($zone . ':' . $page, $skip_pages)) { continue; } if ($page == '404') { continue; } if (strpos($page, '_tree_made') !== false) { continue; } if ($page == 'sitemap') { continue; } if ($page == 'forums' && substr($page_type, 0, 7) == 'modules' && (get_forum_type() == 'ocf' || get_forum_type() == 'none')) { continue; } if ($page == 'join' && substr($page_type, 0, 7) == 'modules' && !is_guest()) { continue; } if (has_page_access(get_member(), $page, $zone)) { $_entrypoints = array(); $__entrypoints = $low_memory ? array(NULL) : extract_module_functions_page($zone, $page, array('get_entry_points')); if (!is_null($__entrypoints[0])) { $entrypoints = is_array($__entrypoints[0]) ? call_user_func_array($__entrypoints[0][0], $__entrypoints[0][1]) : (strpos($__entrypoints[0], '::') !== false ? NULL : eval($__entrypoints[0])); // The strpos thing is a little hack that allows it to work for base-class derived modules if (is_null($entrypoints)) { $path = zone_black_magic_filterer($zone . ($zone == '' ? '' : '/') . 'pages/' . $page_type . '/' . $page . '.php', true); if ($low_memory && !defined('HIPHOP_PHP') && strpos(file_get_contents(get_file_base() . '/' . $path), ' extends standard_aed_module') !== false) { $new_code = str_replace(',parent::get_entry_points()', '', str_replace('parent::get_entry_points(),', '', $__entrypoints[0])); if (strpos($new_code, 'parent::') !== false) { continue; } $entrypoints = eval($new_code); } else { require_code($path); if (class_exists('Mx_' . filter_naughty_harsh($page))) { $object = object_factory('Mx_' . filter_naughty_harsh($page)); } else { $object = object_factory('Module_' . filter_naughty_harsh($page)); } $entrypoints = $object->get_entry_points(); } } } else { $entrypoints = array('!'); } if (!is_array($entrypoints)) { $entrypoints = array('!'); } if ($entrypoints == array('!')) { $url = build_url(array('page' => $page), $zone, NULL, false, false, true); $title = ucwords(str_replace('_', ' ', $page)); if (substr($page_type, 0, 7) == 'comcode') { foreach ($comcode_page_rows as $page_row) { if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) { continue 2; } } $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt'); if (!is_file($path)) { $path = zone_black_magic_filterer(get_file_base() . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt'); } $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '[/title]', $start); $matches = array(); $title_portion = str_replace('{$SITE_NAME}', get_site_name(), substr($page_contents, $start, $end - $start)); if (preg_match('#\\{\\!([\\w:]+)\\}#', $title_portion, $matches) != 0) { $title_portion = str_replace($matches[0], do_lang($matches[1]), $title_portion); } if (preg_match('#^[^<>\\[\\{\\&]*$#', $title_portion, $matches) != 0) { $title = $matches[0]; } elseif (!$low_memory) { $_title = comcode_to_tempcode($title_portion); $title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset())); } } } elseif (substr($page_type, 0, 4) == 'html') { $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm'); $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '</title>', $start); $title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset())); } } $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '92e657f8b9a3642df053f54e724e66f6', 'URL' => $url, 'NAME' => $title, 'CHILDREN' => array())); $_pages[$title] = $temp->evaluate(); // FUDGEFUDGE } elseif (count($entrypoints) != 0) { foreach ($entrypoints as $entrypoint => $title) { if (($entrypoint == 'concede' || $entrypoint == 'invisible' || $entrypoint == 'logout') && is_guest()) { continue; } if ($entrypoint == '!') { $url = build_url(array('page' => $page), $zone, NULL, false, false, true); } else { $url = build_url(array('page' => $page, 'type' => $entrypoint), $zone, NULL, false, false, true); } $_entrypoints[$title] = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'ae2ed2549644a8e699e0938b3ab98ddb', 'URL' => $url, 'NAME' => do_lang_tempcode($title), 'CHILDREN' => array())); } //ksort($_entrypoints); $title = do_lang('MODULE_TRANS_NAME_' . $page, NULL, NULL, NULL, NULL, false); if (is_null($title)) { $title = ucwords(str_replace('_', ' ', preg_replace('#^ocf\\_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote($zone)) . '_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote(str_replace('zone', '', $zone))) . '_#', '', $page))))); } if (count($_entrypoints) == 1) { $temp_keys = array_keys($_entrypoints); $temp = $_entrypoints[$temp_keys[0]]; } else { $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'dfc5cc7db0301acd938d3b2e3fceaab8', 'URL' => new ocp_tempcode(), 'NAME' => $title, 'CHILDREN' => $_entrypoints)); } $_pages[$title] = $temp->evaluate(); // FUDGEFUDGE } } } $url = new ocp_tempcode(); if ($_pages != array()) { $keys = array_keys($_pages); $first = $_pages[$keys[0]]; ksort($_pages); $_pages = array($keys[0] => $first) + $_pages; } $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '38abb0a0e5bec968b28b4791320dd0dc', 'URL' => $url, 'NAME' => $zone_title, 'CHILDREN' => $_pages)); $_zones[] = $temp->evaluate(); // FUDGEFUDGE } } // To avoid running out of memory $out = do_template('BLOCK_MAIN_SITEMAP', array('_GUID' => 'd0807b30925e47d10cdb2c36231436ab', 'CHILDREN' => $_zones)); $e = $out->evaluate(); $explode = explode('__keep__', $e); // the URLs are build without keep and the templates tack it on the end if (strpos($e, '__keep__') !== false) { $out = new ocp_tempcode(); foreach ($explode as $i => $bit) { if ($i != 0) { $out->attach(symbol_tempcode('KEEP', NULL, array(ENTITY_ESCAPED))); } if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($bit); } $out->attach($bit); } } $e = $out->evaluate(); if (strpos($e, '__keep1__') !== false) { $explode = explode('__keep1__', $e); $out = new ocp_tempcode(); foreach ($explode as $i => $bit) { if ($i != 0) { $out->attach(symbol_tempcode('KEEP', array('1'), array(ENTITY_ESCAPED))); } if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($bit); } $out->attach($bit); } } return $out; }
/** * Get the ID of the currently active member. * It see's if the session exists / cookie is valid -- and gets the member id accordingly * * @param boolean Whether to just do a quick check, don't establish new sessions * @return MEMBER The member requesting this web page (possibly the guest member - which strictly speaking, is not a member) */ function get_member($quick_only = false) { global $SESSION_CACHE, $MEMBER_CACHED, $GETTING_MEMBER, $SITE_INFO; if ($MEMBER_CACHED !== NULL) { $GETTING_MEMBER = false; return $MEMBER_CACHED; } // If lots of aging sessions, clean out reset($SESSION_CACHE); if (count($SESSION_CACHE) > 50 && $SESSION_CACHE[key($SESSION_CACHE)]['last_activity'] < time() - 60 * 60 * max(1, intval(get_option('session_expiry_time')))) { delete_expired_sessions_or_recover(); } // Try via backdoor that someone with full server access can place $backdoor_ip_address = mixed(); // Enable to a real IP address to force login from FTP access (if lost admin password) if (array_key_exists('backdoor_ip', $SITE_INFO)) { $backdoor_ip_address = $SITE_INFO['backdoor_ip']; } if (is_string($backdoor_ip_address) && get_ip_address() == $backdoor_ip_address) { require_code('users_active_actions'); $MEMBER_CACHED = restricted_manually_enabled_backdoor(); // Will have created a session in here already return $MEMBER_CACHED; } if ($GETTING_MEMBER) { if (!isset($GLOBALS['FORUM_DRIVER'])) { return db_get_first_id(); } // :S return $GLOBALS['FORUM_DRIVER']->get_guest_id(); } $GETTING_MEMBER = true; global $FORCE_INVISIBLE_GUEST; if ($FORCE_INVISIBLE_GUEST) { $GETTING_MEMBER = false; if (!isset($GLOBALS['FORUM_DRIVER'])) { fatal_exit(do_lang_tempcode('INTERNAL_ERROR')); } $MEMBER_CACHED = $GLOBALS['FORUM_DRIVER']->get_guest_id(); return $MEMBER_CACHED; } $member = NULL; $cookie_bits = explode(':', str_replace('|', ':', get_member_cookie())); $base = $cookie_bits[0]; // Try by session $session = get_session_id(); if ($session != -1 && get_param_integer('keep_force_htaccess', 0) == 0) { $ip = get_ip_address(3); // I hope AOL can cope with this $allow_unbound_guest = true; // Note: Guest sessions are not IP bound $member_row = NULL; if ($SESSION_CACHE !== NULL && array_key_exists($session, $SESSION_CACHE) && $SESSION_CACHE[$session] !== NULL && array_key_exists('the_user', $SESSION_CACHE[$session]) && (get_option('ip_strict_for_sessions') == '0' || $SESSION_CACHE[$session]['ip'] == $ip || is_guest($SESSION_CACHE[$session]['the_user']) && $allow_unbound_guest || $SESSION_CACHE[$session]['session_confirmed'] == 0 && !is_guest($SESSION_CACHE[$session]['the_user'])) && $SESSION_CACHE[$session]['last_activity'] > time() - 60 * 60 * max(1, intval(get_option('session_expiry_time')))) { $member_row = $SESSION_CACHE[$session]; } if ($member_row !== NULL && (!array_key_exists($base, $_COOKIE) || !is_guest($member_row['the_user']))) { $member = $member_row['the_user']; if ($member !== NULL && time() - $member_row['last_activity'] > 10) { //$GLOBALS['SITE_DB']->query_update('sessions',array('last_activity'=>time(),'the_zone'=>get_zone_name(),'the_page'=>get_page_name()),array('the_session'=>$session),'',1); Done in get_page_title now $SESSION_CACHE[$session]['last_activity'] = time(); if (get_value('session_prudence') !== '1') { persistant_cache_set('SESSION_CACHE', $SESSION_CACHE); } } global $SESSION_CONFIRMED; $SESSION_CONFIRMED = $member_row['session_confirmed']; if (get_forum_type() == 'ocf') { $GLOBALS['FORUM_DRIVER']->ocf_flood_control($member); } if (!is_guest($member) && $GLOBALS['FORUM_DRIVER']->is_banned($member)) { warn_exit(do_lang_tempcode('USER_BANNED')); } // Test this member still exists if ($GLOBALS['FORUM_DRIVER']->get_username($member) === NULL) { $member = $GLOBALS['FORUM_DRIVER']->get_guest_id(); } if (array_key_exists($base, $_COOKIE)) { global $IS_A_COOKIE_LOGIN; $IS_A_COOKIE_LOGIN = true; } } else { require_code('users_inactive_occasionals'); set_session_id(-1); } } if ($member === NULL && get_session_id() == -1 && get_param_integer('keep_force_htaccess', 0) == 0) { // Try by cookie (will defer to forum driver to authorise against detected cookie) require_code('users_inactive_occasionals'); $member = try_cookie_login(); // Can forum driver help more directly? if (method_exists($GLOBALS['FORUM_DRIVER'], 'get_member')) { $member = $GLOBALS['FORUM_DRIVER']->get_member(); } } // Try via additional login providers. They can choose whether to respect existing $member of get_session_id() settings. Some may do an account linkage, so we need to let them decide what to do. $hooks = find_all_hooks('systems', 'login_providers'); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/login_providers/' . $hook); $ob = object_factory('Hook_login_provider_' . $hook); $member = $ob->try_login($member); } // Guest or banned if ($member === NULL) { $member = $GLOBALS['FORUM_DRIVER']->get_guest_id(); $is_guest = true; } else { $is_guest = is_guest($member); } // If we are doing a very quick init, bomb out now - no need to establish session etc global $SITE_INFO; if ($quick_only) { $GETTING_MEMBER = false; return $member; } // If one of the try_* functions hasn't actually created the session, call it here $session = get_session_id(); if ($session == -1) { require_code('users_inactive_occasionals'); create_session($member); } // If we are logged in, maybe do some further processing if (!$is_guest) { // Is there a su operation? $ks = get_param('keep_su', ''); if ($ks != '') { require_code('users_inactive_occasionals'); $member = try_su_login($member); } // Run hooks, if any exist $hooks = find_all_hooks('systems', 'upon_login'); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/upon_login/' . filter_naughty($hook)); $ob = object_factory('upon_login' . filter_naughty($hook), true); if ($ob === NULL) { continue; } $ob->run(false, NULL, $member); // false means "not a new login attempt" } } // Ok we have our answer $MEMBER_CACHED = $member; $GETTING_MEMBER = false; // We call this to ensure any HTTP-auth specific code has a chance to run is_httpauth_login(); return $member; }
/** * Find the notification object for a particular notification code. * * @param ID_TEXT The notification code to use * @return ?object Notification object (NULL: could not find) */ function _get_notification_ob_for_code($notification_code) { $path = 'hooks/systems/notifications/' . filter_naughty($notification_code); if (!is_file(get_file_base() . '/sources/' . $path . '.php') && !is_file(get_file_base() . '/sources_custom/' . $path . '.php')) { require_all_lang(); $hooks = find_all_hooks('systems', 'notifications'); foreach (array_keys($hooks) as $hook) { $path = 'hooks/systems/notifications/' . filter_naughty($hook); require_code($path); $ob = object_factory('Hook_Notification_' . filter_naughty($hook)); if (method_exists($ob, 'list_handled_codes')) { if (array_key_exists($notification_code, $ob->list_handled_codes())) { return $ob; } } } } else { require_code($path); return object_factory('Hook_Notification_' . filter_naughty($notification_code)); } return NULL; //return object_factory('Hook_Notification'); // default }
/** * AJAX script for dynamically extended sitetree. */ function site_tree_script() { header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past $root_perms = array('submit_cat_highrange_content' => 0, 'edit_cat_highrange_content' => 0, 'edit_own_cat_highrange_content' => 0, 'delete_cat_highrange_content' => 0, 'delete_own_cat_highrange_content' => 0, 'submit_highrange_content' => 1, 'bypass_validation_highrange_content' => 1, 'edit_own_highrange_content' => 1, 'edit_highrange_content' => 1, 'delete_own_highrange_content' => 1, 'delete_highrange_content' => 1, 'submit_cat_midrange_content' => 0, 'edit_cat_midrange_content' => 0, 'edit_own_cat_midrange_content' => 0, 'delete_cat_midrange_content' => 0, 'delete_own_cat_midrange_content' => 0, 'submit_midrange_content' => 1, 'bypass_validation_midrange_content' => 1, 'edit_own_midrange_content' => 1, 'edit_midrange_content' => 1, 'delete_own_midrange_content' => 1, 'delete_midrange_content' => 1, 'submit_cat_lowrange_content' => 0, 'edit_cat_lowrange_content' => 0, 'edit_own_cat_lowrange_content' => 0, 'delete_cat_lowrange_content' => 0, 'delete_own_cat_lowrange_content' => 0, 'submit_lowrange_content' => 1, 'bypass_validation_lowrange_content' => 1, 'edit_own_lowrange_content' => 1, 'edit_lowrange_content' => 1, 'delete_own_lowrange_content' => 1, 'delete_lowrange_content' => 1); require_code('zones2'); require_code('zones3'); // Usergroups we have $admin_groups = $GLOBALS['FORUM_DRIVER']->get_super_admin_groups(); $groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(false, true); if (!has_actual_page_access(get_member(), 'admin_site_tree', 'adminzone')) { exit; } if (function_exists('set_time_limit')) { @set_time_limit(30); } disable_php_memory_limit(); // Needed for loading large amount of permissions (potentially) // ====== // Saving // ====== if (get_param_integer('set_perms', 0) == 1) { if (!has_actual_page_access(get_member(), 'admin_permissions', 'adminzone')) { exit; } // Build a map of every page link we are setting permissions for $map = array(); foreach (array_merge($_GET, $_POST) as $i => $page_link) { if (get_magic_quotes_gpc()) { $page_link = stripslashes($page_link); } if (substr($i, 0, 4) == 'map_') { $map[intval(substr($i, 4))] = $page_link; } } // Read it all in foreach ($map as $i => $page_link) { // Decode page link $matches = array(); $type = ''; if ($page_link == '_root') { $type = 'root'; } elseif (preg_match('#^([^:]*):([^:]+):.+$#', $page_link, $matches) != 0) { $type = 'cat'; } elseif (preg_match('#^([^:]*):([^:]+)$#', $page_link, $matches) != 0) { $type = 'page'; } elseif (preg_match('#^([^:]*):?$#', $page_link, $matches) != 0) { $type = 'zone'; } else { $type = 'root'; } // Working out what we're doing with privilege overrides if ($type == 'page' || $type == 'cat') { $zone = $matches[1]; $page = $matches[2]; list($overridables, $sp_page) = get_module_overridables($zone, $page); } if ($type == 'root') { // Insertion foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { // SP's foreach (array_keys($root_perms) as $overide) { $val = post_param_integer(strval($i) . 'gsp_' . $overide . '_' . strval($group), -2); if ($val != -2) { $GLOBALS['SITE_DB']->query_delete('gsp', array('specific_permission' => $overide, 'group_id' => $group, 'the_page' => '', 'module_the_name' => '', 'category_name' => '')); if ($val != -1) { $GLOBALS['SITE_DB']->query_insert('gsp', array('specific_permission' => $overide, 'group_id' => $group, 'module_the_name' => '', 'category_name' => '', 'the_page' => '', 'the_value' => $val)); } } } } } } elseif ($type == 'zone') { $zone = $matches[1]; // Insertion foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { // View access $view = post_param_integer(strval($i) . 'g_view_' . strval($group), -1); if ($view != -1) { $GLOBALS['SITE_DB']->query_delete('group_zone_access', array('zone_name' => $zone, 'group_id' => $group)); if ($view == 1) { $GLOBALS['SITE_DB']->query_insert('group_zone_access', array('zone_name' => $zone, 'group_id' => $group)); } } } } } elseif ($type == 'page') { // Insertion foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { // View access $view = post_param_integer(strval($i) . 'g_view_' . strval($group), -1); if ($view != -1) { $GLOBALS['SITE_DB']->query_delete('group_page_access', array('zone_name' => $zone, 'page_name' => $page, 'group_id' => $group)); if ($view == 0) { // Pages have access by row non-presence, for good reason $GLOBALS['SITE_DB']->query_insert('group_page_access', array('zone_name' => $zone, 'page_name' => $page, 'group_id' => $group)); } } // SP's foreach (array_keys($overridables) as $overide) { $val = post_param_integer(strval($i) . 'gsp_' . $overide . '_' . strval($group), -2); if ($val != -2) { $GLOBALS['SITE_DB']->query_delete('gsp', array('specific_permission' => $overide, 'group_id' => $group, 'the_page' => $sp_page)); if ($val != -1) { $GLOBALS['SITE_DB']->query_insert('gsp', array('specific_permission' => $overide, 'group_id' => $group, 'module_the_name' => '', 'category_name' => '', 'the_page' => $sp_page, 'the_value' => $val)); } } } } } } elseif ($type == 'cat') { $_pagelinks = extract_module_functions_page($zone, $page, array('extract_page_link_permissions'), array($page_link)); list($category, $module) = is_array($_pagelinks[0]) ? call_user_func_array($_pagelinks[0][0], $_pagelinks[0][1]) : eval($_pagelinks[0]); // If $_pagelinks[0] is NULL then it's an error: extract_page_link_permissions is always there when there are cat permissions // Insertion foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { // View access $view = post_param_integer(strval($i) . 'g_view_' . strval($group), -1); if ($view != -1) { $GLOBALS['SITE_DB']->query_delete('group_category_access', array('module_the_name' => $module, 'category_name' => $category, 'group_id' => $group)); if ($view == 1) { $GLOBALS['SITE_DB']->query_insert('group_category_access', array('module_the_name' => $module, 'category_name' => $category, 'group_id' => $group)); } } // SP's foreach ($overridables as $overide => $cat_support) { if (is_array($cat_support)) { $cat_support = $cat_support[0]; } if ($cat_support == 0) { continue; } $val = post_param_integer(strval($i) . 'gsp_' . $overide . '_' . strval($group), -2); if ($val != -2) { $GLOBALS['SITE_DB']->query_delete('gsp', array('specific_permission' => $overide, 'group_id' => $group, 'module_the_name' => $module, 'category_name' => $category, 'the_page' => '')); if ($val != -1) { $new_settings = array('specific_permission' => $overide, 'group_id' => $group, 'module_the_name' => $module, 'category_name' => $category, 'the_page' => '', 'the_value' => $val); $GLOBALS['SITE_DB']->query_insert('gsp', $new_settings); } } } } } } } decache('main_sitemap'); $GLOBALS['SITE_DB']->query_delete('cache'); if (function_exists('persistant_cache_empty')) { persistant_cache_empty(); } // Tra la la tada return; } // ======= // Loading // ======= $default = get_param('default', NULL, true); header('Content-Type: text/xml'); $permissions_needed = get_param_integer('get_perms', 0) == 1; // Whether we are limiting our tree to permission-supporting @ini_set('ocproducts.xss_detect', '0'); echo '<' . '?xml version="1.0" encoding="' . get_charset() . '"?' . '>'; echo '<request><result>'; require_lang('permissions'); require_lang('zones'); $page_link = get_param('id', NULL, true); $_sp_access = $GLOBALS['SITE_DB']->query_select('gsp', array('*')); $sp_access = array(); foreach ($_sp_access as $a) { if (!isset($sp_access[$a['group_id']])) { $sp_access[$a['group_id']] = array(); } $sp_access[$a['group_id']][] = $a; } if (!is_null($page_link) && $page_link != '' && (strpos($page_link, ':') === false || strpos($page_link, ':') === strlen($page_link) - 1)) { if (strpos($page_link, ':') === strlen($page_link) - 1) { $page_link = substr($page_link, 0, strlen($page_link) - 1); } // Pages in the zone $zone = $page_link; $page_type = get_param('page_type', NULL); $pages = find_all_pages_wrap($zone, false, true, FIND_ALL_PAGES__NEWEST, $page_type); ksort($pages); if ($permissions_needed) { $zone_access = $GLOBALS['SITE_DB']->query_select('group_zone_access', array('*'), array('zone_name' => $zone)); $page_access = $GLOBALS['SITE_DB']->query_select('group_page_access', array('*'), array('zone_name' => $zone)); } foreach ($pages as $page => $page_type) { if (!is_string($page)) { $page = strval($page); } $full_page_type = $page_type; $description = ''; if (strpos($full_page_type, '/') !== false) { $full_page_type = substr($full_page_type, 0, strpos($full_page_type, '/')); } if (strpos($full_page_type, ':') !== false) { $full_page_type = substr($full_page_type, 0, strpos($full_page_type, ':')); } switch ($full_page_type) { case 'redirect': list(, $redir_zone, $redir_page) = explode(':', $page_type); $page_title = html_entity_decode(strip_tags(str_replace(array('<kbd>', '</kbd>'), array('"', '"'), do_lang('REDIRECT_PAGE_TO', xmlentities($redir_zone), xmlentities($redir_page)))), ENT_QUOTES) . ': ' . (is_string($page) ? $page : strval($page)); break; case 'comcode': case 'comcode_custom': $page_title = do_lang('COMCODE_PAGE') . ': ' . (is_string($page) ? $page : strval($page)); break; case 'html': case 'html_custom': $page_title = 'HTML: ' . $page; break; case 'modules': case 'modules_custom': $page_title = do_lang('MODULE') . ': ' . $page; $matches = array(); if (preg_match('#@package\\s+(\\w+)#', file_get_contents(zone_black_magic_filterer(get_file_base() . '/' . $zone . '/pages/' . $page_type . '/' . $page . '.php')), $matches) != 0) { $package = $matches[1]; $path = get_file_base() . '/sources_custom/hooks/systems/addon_registry/' . $package . '.php'; if (!file_exists($path)) { $path = get_file_base() . '/sources/hooks/systems/addon_registry/' . $package . '.php'; } if (file_exists($path)) { require_lang('zones'); require_code('zones2'); $functions = extract_module_functions($path, array('get_description')); $description = is_array($functions[0]) ? call_user_func_array($functions[0][0], $functions[0][1]) : eval($functions[0]); $description = do_lang('FROM_ADDON', $package, $description); } } break; case 'minimodules': case 'minimodules_custom': $page_title = do_lang('MINIMODULE') . ': ' . $page; break; default: $page_title = do_lang('PAGE') . ': ' . $page; break; } if ($permissions_needed) { $view_perms = ''; foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { $view_perms .= 'g_view_' . strval($group) . '="' . (!in_array(array('zone_name' => $zone, 'page_name' => is_string($page) ? $page : strval($page), 'group_id' => $group), $page_access) ? 'true' : 'false') . '" '; } } $pagelinks = NULL; if (substr($page_type, 0, 7) != 'modules') { $overridables = array(); } else { list($overridables, $sp_page) = get_module_overridables($zone, $page); } $sp_perms = ''; foreach ($overridables as $overridable => $cat_support) { $lang_string = do_lang('PT_' . $overridable); if (is_array($cat_support)) { $lang_string = do_lang($cat_support[1]); } if (strlen($lang_string) > 20 && strpos($lang_string, '(') !== false) { $lang_string = preg_replace('# \\([^\\)]*\\)#', '', $lang_string); } $sp_perms .= 'sp_' . $overridable . '="' . xmlentities($lang_string) . '" '; foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { $override_value = -1; foreach ($sp_access[$group] as $test) { if ($test['specific_permission'] == $overridable && $test['the_page'] == $sp_page) { $override_value = $test['the_value']; } } if ($override_value != -1) { $sp_perms .= 'gsp_' . $overridable . '_' . strval($group) . '="' . strval($override_value) . '" '; } } } } if (count($overridables) == 0) { $sp_perms = 'no_sps="1" '; } $has_children = $sp_perms != ''; if (count(array_diff(array_keys($overridables), array('submit_highrange_content', 'submit_midrange_content', 'submit_lowrange_content'))) != 0) { $sp_perms .= 'inherits_something="1" '; } $serverid = $zone . ':' . (is_string($page) ? $page : strval($page)); echo '<category ' . ($serverid == $default ? 'selected="yes" ' : '') . 'description="' . xmlentities($description) . '" img_func_1="permissions_img_func_1" img_func_2="permissions_img_func_2" highlighted="true" ' . $view_perms . $sp_perms . ' id="' . uniqid('', true) . '" serverid="' . xmlentities($serverid) . '" title="' . xmlentities($page_title) . '" has_children="' . ($has_children ? 'true' : 'false') . '" selectable="true">'; } else { $extra = ''; if (strpos($page_type, 'modules') === 0) { $info = extract_module_info(zone_black_magic_filterer(get_file_base() . '/' . $zone . ($zone == '' ? '' : '/') . 'pages/' . $page_type . '/' . $page . '.php')); if (!is_null($info) && array_key_exists('author', $info)) { $extra = 'author="' . xmlentities($info['author']) . '" organisation="' . xmlentities($info['organisation']) . '" version="' . xmlentities(integer_format($info['version'])) . '" '; } } $has_children = false; // For a normal tree, we have children if we have entry points. We have children if we have categories also - but where there are categories there are also entry points if (strpos($page_type, 'modules') === 0) { $_entrypoints = extract_module_functions_page($zone, $page, array('get_entry_points')); if (!is_null($_entrypoints[0])) { $entrypoints = is_string($_entrypoints[0]) && strpos($_entrypoints[0], '::') !== false ? array('whatever' => 1) : (is_array($_entrypoints[0]) ? call_user_func_array($_entrypoints[0][0], $_entrypoints[0][1]) : eval($_entrypoints[0])); // The strpos thing is a little hack that allows it to work for base-class derived modules if (!is_array($entrypoints)) { $entrypoints = array('whatever' => 1); } $has_children = array_keys($entrypoints) != array('!'); } } global $MODULES_ZONES; $not_draggable = array_key_exists($page, $MODULES_ZONES) || $zone == 'adminzone' && substr($page, 0, 6) == 'admin_' && substr($page_type, 0, 6) == 'module'; $serverid = $zone . ':' . $page; echo '<category ' . ($serverid == $default ? 'selected="yes" ' : '') . '' . $extra . 'type="' . xmlentities($page_type) . '" description="' . xmlentities($description) . '" draggable="' . ($not_draggable ? 'false' : 'page') . '" droppable="' . ($page_type == 'zone' ? 'page' : 'false') . '" id="' . uniqid('', true) . '" serverid="' . xmlentities($serverid) . '" title="' . xmlentities($page_title) . '" has_children="' . ($has_children ? 'true' : 'false') . '" selectable="true">'; } echo '</category>'; } } elseif (!is_null($page_link) && $page_link != '') { $matches = array(); preg_match('#^([^:]*):([^:]*)#', $page_link, $matches); $zone = $matches[1]; $page = $matches[2]; if ($permissions_needed) { $category_access = $GLOBALS['SITE_DB']->query_select('group_category_access', array('*')); } $_pagelinks = extract_module_functions_page($zone, $page, array('get_page_links'), array(1, true, $page_link)); if (!is_null($_pagelinks[0])) { $pagelinks = is_array($_pagelinks[0]) ? call_user_func_array($_pagelinks[0][0], $_pagelinks[0][1]) : eval($_pagelinks[0]); if (!is_null($pagelinks[0]) && !is_null($pagelinks[1])) { $_overridables = extract_module_functions_page(get_module_zone($pagelinks[1]), $pagelinks[1], array('get_sp_overrides')); if (!is_null($_overridables[0])) { $overridables = is_array($_overridables[0]) ? call_user_func_array($_overridables[0][0], $_overridables[0][1]) : eval($_overridables[0]); } else { $overridables = array(); } } else { $overridables = array(); } } else { $pagelinks = NULL; } $_pagelinks = extract_module_functions_page($zone, $page, array('extract_page_link_permissions'), array($page_link)); list($category, $module) = is_null($_pagelinks[0]) || strlen($matches[0]) == strlen($page_link) ? array('!', '') : (is_array($_pagelinks[0]) ? call_user_func_array($_pagelinks[0][0], $_pagelinks[0][1]) : eval($_pagelinks[0])); // If $_pagelinks[0] is NULL then it's an error: extract_page_link_permissions is always there when there are cat permissions // Entry points under here if (!$permissions_needed && $zone . ':' . $page == $page_link) { $path = zone_black_magic_filterer(filter_naughty($zone) . ($zone == '' ? '' : '/') . 'pages/modules_custom/' . filter_naughty($page) . '.php', true); if (!file_exists(get_file_base() . '/' . $path)) { $path = zone_black_magic_filterer(filter_naughty($zone) . '/pages/modules/' . filter_naughty($page) . '.php', true); } require_code($path); if (class_exists('Mx_' . filter_naughty_harsh($page))) { $object = object_factory('Mx_' . filter_naughty_harsh($page)); } else { $object = object_factory('Module_' . filter_naughty_harsh($page)); } require_all_lang(); $entrypoints = $object->get_entry_points(); foreach ($entrypoints as $entry_point => $lang_string) { $serverid = $zone . ':' . $page; echo '<category ' . ($serverid == $default ? 'selected="yes" ' : '') . 'type="entry_point" id="' . uniqid('', true) . '" serverid="' . xmlentities($serverid) . ':type=' . $entry_point . '" title="' . xmlentities(do_lang('ENTRY_POINT') . ': ' . do_lang($lang_string)) . '" has_children="false" selectable="true">'; echo '</category>'; } } // Categories under here if (!is_null($pagelinks)) { foreach ($pagelinks[0] as $pagelink) { $keys = array_keys($pagelink); if (is_string($keys[0])) { $module_the_name = array_key_exists(3, $pagelinks) ? $pagelinks[3] : NULL; $category_name = is_string($pagelink['id']) ? $pagelink['id'] : strval($pagelink['id']); $actual_page_link = str_replace('!', $category_name, $pagelinks[2]); $title = $pagelink['title']; $has_children = $pagelink['child_count'] != 0; } else { $cms_module_name = NULL; $module_the_name = $pagelink[1]; $category_name = is_null($pagelink[2]) ? '' : (is_string($pagelink[2]) ? $pagelink[2] : strval($pagelink[2])); $actual_page_link = $pagelink[0]; $title = $pagelink[3]; $has_children = array_key_exists(7, $pagelink) ? $pagelink[7] : NULL; } $cms_module_name = $pagelinks[1]; if ($category_name == $category) { continue; } if ($module_the_name == 'catalogues_category' && $category_name == '') { continue; } if (!is_null($cms_module_name)) { $edit_type = '_ec'; if ($module_the_name == 'catalogues_catalogue') { $edit_type = '_ev'; } $actual_edit_link = preg_replace('#^[\\w\\_]+:[\\w\\_]+:type=[\\w\\_]+:(id|catalogue\\_name)=#', get_module_zone($cms_module_name) . ':' . $cms_module_name . ':' . $edit_type . ':', $actual_page_link); } else { $actual_edit_link = ''; } $actual_page_link = str_replace('_SELF:_SELF', $zone . ':' . $page, $actual_page_link); // Support for lazy notation if ($permissions_needed) { $highlight = $module_the_name == 'catalogues_catalogue' ? 'true' : 'false'; $view_perms = ''; $sp_perms = ''; if (!is_null($module_the_name)) { foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { $view_perms .= 'g_view_' . strval($group) . '="' . (in_array(array('module_the_name' => $module_the_name, 'category_name' => $category_name, 'group_id' => $group), $category_access) ? 'true' : 'false') . '" '; } } foreach ($overridables as $overridable => $cat_support) { $lang_string = do_lang('PT_' . $overridable); if (is_array($cat_support)) { $lang_string = do_lang($cat_support[1]); } if (strlen($lang_string) > 20 && strpos($lang_string, '(') !== false) { $lang_string = preg_replace('# \\([^\\)]*\\)#', '', $lang_string); } if (is_array($cat_support)) { $cat_support = $cat_support[0]; } if ($cat_support == 0) { continue; } $sp_perms .= 'sp_' . $overridable . '="' . xmlentities($lang_string) . '" '; foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { $override_value = -1; foreach ($sp_access[$group] as $test) { if ($test['specific_permission'] == $overridable && $test['the_page'] == '' && $test['category_name'] == $category_name && $test['module_the_name'] == $module_the_name) { $override_value = $test['the_value']; } } if ($override_value != -1) { $sp_perms .= 'gsp_' . $overridable . '_' . strval($group) . '="' . strval($override_value) . '" '; } } } } } if (count(array_diff(array_keys($overridables), array('submit_highrange_content', 'submit_midrange_content', 'submit_lowrange_content'))) != 0) { $sp_perms .= 'inherits_something="1" '; } $serverid = $actual_page_link; echo '<category ' . ($serverid == $default ? 'selected="yes" ' : '') . 'img_func_1="permissions_img_func_1" img_func_2="permissions_img_func_2" highlighted="' . $highlight . '" ' . $view_perms . $sp_perms . ' id="' . uniqid('', true) . '" serverid="' . xmlentities($serverid) . '" title="' . xmlentities($title) . '" has_children="' . ($has_children ? 'true' : 'false') . '" selectable="' . (!is_null($module_the_name) ? 'true' : 'false') . '">'; } else { $serverid = $actual_page_link; echo '<category ' . ($serverid == $default ? 'selected="yes" ' : '') . 'type="category" id="' . uniqid('', true) . '" edit="' . xmlentities($actual_edit_link) . '" serverid="' . xmlentities($serverid) . '" title="' . xmlentities($title) . '" has_children="' . ($has_children ? 'true' : 'false') . '" selectable="true">'; } echo '</category>'; } } } else { // Start of tree if ($permissions_needed) { $view_perms = ''; foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { $view_perms .= 'g_view_' . strval($group) . '="true" '; } // This isn't actually displayed in the editor } $sp_perms = ''; $sp_perms_opera_hack = ''; foreach (array_keys($root_perms) as $overridable) { $sp_perms .= 'sp_' . $overridable . '="' . xmlentities(do_lang('PT_' . $overridable)) . '" '; $sp_perms_opera_hack .= '<attribute key="' . 'sp_' . $overridable . '" value="' . xmlentities(do_lang('PT_' . $overridable)) . '" />'; foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { $override_value = 0; foreach ($sp_access[$group] as $test) { if ($test['specific_permission'] == $overridable && $test['the_page'] == '' && $test['module_the_name'] == '' && $test['category_name'] == '') { $override_value = $test['the_value']; } } $sp_perms .= 'gsp_' . $overridable . '_' . strval($group) . '="' . strval($override_value) . '" '; $sp_perms_opera_hack .= '<attribute key="' . 'gsp_' . $overridable . '_' . strval($group) . '" value="' . strval($override_value) . '" />'; } } } echo '<category serverid="_root" expanded="true" title="' . do_lang('ROOT') . '" has_children="true" selectable="true" img_func_1="permissions_img_func_1" img_func_2="permissions_img_func_2" id="' . uniqid('', true) . '" ' . $view_perms . '>'; echo $sp_perms_opera_hack; } else { echo '<category serverid="_root" expanded="true" title="' . do_lang('ROOT') . '" has_children="true" selectable="false" type="root" id="' . uniqid('', true) . '">'; } // Zones $zones = $GLOBALS['SITE_DB']->query_select('zones', array('zone_title', 'zone_name', 'zone_default_page'), NULL, 'ORDER BY zone_title', 50); if ($permissions_needed) { $zone_access = $GLOBALS['SITE_DB']->query_select('group_zone_access', array('*')); $page_access = $GLOBALS['SITE_DB']->query_select('group_page_access', array('*')); } $start_links = get_param_integer('start_links', 0) == 1; foreach ($zones as $_zone) { if (get_option('collapse_user_zones') == '1' && $_zone['zone_name'] == 'site') { continue; } $_zone['text_original'] = get_translated_text($_zone['zone_title']); $zone = $_zone['zone_name']; $zone_title = $_zone['text_original']; $serverid = $zone; if ($start_links) { $serverid = $zone . ':'; } $pages = find_all_pages_wrap($zone, false, true, FIND_ALL_PAGES__NEWEST); if ($permissions_needed) { $view_perms = ''; foreach ($groups as $group => $group_name) { if (!in_array($group, $admin_groups)) { $view_perms .= 'g_view_' . strval($group) . '="' . (in_array(array('zone_name' => $zone, 'group_id' => $group), $zone_access) ? 'true' : 'false') . '" '; } } echo '<category ' . ($serverid == $default ? 'selected="yes" ' : '') . 'img_func_1="permissions_img_func_1" img_func_2="permissions_img_func_2" no_sps="1" highlighted="true" ' . $view_perms . ' id="' . uniqid('', true) . '" serverid="' . xmlentities($serverid) . '" title="' . xmlentities(do_lang('ZONE') . ': ' . $zone_title) . '" has_children="' . (count($pages) != 0 ? 'true' : 'false') . '" selectable="true">'; } else { echo '<category ' . ($serverid == $default ? 'selected="yes" ' : '') . 'type="zone" droppable="page" id="' . uniqid('', true) . '" serverid="' . xmlentities($serverid) . '" title="' . xmlentities(do_lang('ZONE') . ': ' . $zone_title) . '" has_children="' . (count($pages) != 0 ? 'true' : 'false') . '" selectable="true">'; } echo '</category>'; } echo '</category>'; } // Mark parent cats for pre-expansion if (!is_null($default) && $default != '' && strpos($default, ':') !== false) { list($zone, $page) = explode(':', $default, 2); echo "\n" . '<expand>' . $zone . '</expand>'; echo "\n" . '<expand>' . $zone . ':</expand>'; echo "\n" . '<expand>' . $zone . ':' . $page . '</expand>'; } echo '</result></request>'; }
/** * Get a tempcoded version of a normal XHTML template. It is perhaps the most common ocPortal function to load up templates using do_template, and then attach them together either as parameters to each other, or via the tempcode attach method. * * @param ID_TEXT The codename of the template being loaded * @param ?array A map of parameters for the template (key to value) (NULL: no parameters) * @param ?LANGUAGE_NAME The language to load the template in (templates can embed language references) (NULL: users own language) * @param boolean Whether to not produce a stack dump if the template is missing * @param ?ID_TEXT Alternate template to use if the primary one does not exist (NULL: none) * @param string File type suffix of template file (e.g. .tpl) * @param string Subdirectory type to look in * @set templates css * @param ID_TEXT Theme to use * @return tempcode The tempcode for this template */ function do_template($codename, $parameters = NULL, $lang = NULL, $light_error = false, $fallback = NULL, $suffix = '.tpl', $type = 'templates', $theme = NULL) { if (is_null($lang) || $lang == '') { global $USER_LANG_CACHED; $lang = isset($USER_LANG_CACHED) ? $USER_LANG_CACHED : (function_exists('user_lang') ? user_lang() : 'EN'); } if ($GLOBALS['SEMI_DEBUG_MODE']) { if ($codename != 'tempcode_test' && $codename != 'handle_conflict_resolution' && strtoupper($codename) != strtoupper($codename)) { fatal_exit('Template names should be in upper case, and the files should be stored in upper case.'); } if (substr($codename, -7) == '_SCREEN' || $codename == 'POOR_XHTML_WRAPPER' || $codename == 'OCF_WRAPPER') { $GLOBALS['SCREEN_TEMPLATE_CALLED'] = $codename; } } if (is_null($parameters)) { $parameters = array(); } global $RECORD_TEMPLATES_USED, $FILE_ARRAY, $MEM_CACHE, $CACHE_TEMPLATES, $KEEP_MARKERS, $SHOW_EDIT_LINKS, $XHTML_SPIT_OUT, $TEMPLATE_CACHE, $MOBILE, $FORUM_DRIVER; $special_treatment = ($KEEP_MARKERS || $SHOW_EDIT_LINKS) && is_null($XHTML_SPIT_OUT); // Is it already loaded? if ($RECORD_TEMPLATES_USED) { global $RECORDED_TEMPLATES_USED; $RECORDED_TEMPLATES_USED[] = $codename; } // Variables we'll need if (!isset($theme)) { $theme = isset($FORUM_DRIVER) && is_object($FORUM_DRIVER) && method_exists($FORUM_DRIVER, 'get_theme') ? filter_naughty($FORUM_DRIVER->get_theme()) : 'default'; } $_codename = $MOBILE ? $codename . '_mobile' : $codename; if (isset($TEMPLATE_CACHE[$theme][$codename][$lang])) { $_data = $TEMPLATE_CACHE[$theme][$codename][$lang]->bind($parameters, $codename); // Copy and pasted to remove need for an function call if ($special_treatment) { if ($KEEP_MARKERS) { $__data = make_string_tempcode('<!-- START-TEMPLATE=' . $codename . ' -->'); $__data->attach($_data); $__data->attach('<!-- END-TEMPLATE=' . $codename . ' -->'); $_data = $__data; } if ($SHOW_EDIT_LINKS) { $edit_url = build_url(array('page' => 'admin_themes', 'theme' => $FORUM_DRIVER->get_theme(), 'template' => $codename), 'adminzone'); $_data->attach('<br /><a href="' . escape_html($edit_url->evaluate()) . '">' . do_lang('EDIT') . ' ' . $codename . '</a>'); } } return $_data; } // Is it structurally cached on disk yet? $data = mixed(); if ($CACHE_TEMPLATES) { if (!is_null($MEM_CACHE)) { $data = persistant_cache_get(array('TEMPLATE', $theme, $lang, $_codename)); if (!is_null($data)) { $_data = new ocp_tempcode(); $_data->from_assembly($data); if ($_data->bits == array()) { $data = false; } // Corrupt somehow } else { $data = false; } } elseif (is_null($data)) { $_data = new ocp_tempcode(); $tcp_path = get_custom_file_base() . '/themes/' . $theme . '/templates_cached/' . $lang . '/' . $_codename . $suffix . '.tcd'; $data = @file_get_contents($tcp_path, FILE_BINARY); if ($data === '') { $data = false; } // '' needed for PHP4 - weird if ($data !== false) { $_data->from_assembly($data); if ($_data->bits == array()) { $data = false; } // Corrupt somehow } } } else { $data = false; } if ($data === false) { if (!isset($FILE_ARRAY)) { $_data = NULL; $prefix_default = get_file_base() . '/themes/'; $prefix = $theme == 'default' ? $prefix_default : get_custom_file_base() . '/themes/'; if (file_exists($prefix . $theme . '/' . $type . '_custom/' . $_codename . $suffix)) { $_data = _do_template($theme, '/' . $type . '_custom/', $_codename, $_codename, $lang, $suffix, $theme); } elseif (file_exists($prefix . $theme . '/' . $type . '/' . $_codename . $suffix)) { $_data = _do_template($theme, '/' . $type . '/', $_codename, $_codename, $lang, $suffix, $theme); } elseif (!is_null($GLOBALS['CURRENT_SHARE_USER']) && $theme != 'default' && file_exists($prefix_default . $theme . '/' . $type . '_custom/' . $_codename . $suffix)) { $_data = _do_template($theme, '/' . $type . '_custom/', $_codename, $_codename, $lang, $suffix, $theme); } elseif (!is_null($GLOBALS['CURRENT_SHARE_USER']) && $theme != 'default' && file_exists($prefix_default . $theme . '/' . $type . '/' . $_codename . $suffix)) { $_data = _do_template($theme, '/' . $type . '/', $_codename, $_codename, $lang, $suffix, $theme); } elseif (file_exists($prefix_default . 'default' . '/' . $type . '_custom/' . $_codename . $suffix)) { $_data = _do_template('default', '/' . $type . '_custom/', $_codename, $_codename, $lang, $suffix, $theme); } elseif (file_exists($prefix_default . 'default' . '/' . $type . '/' . $_codename . $suffix)) { $_data = _do_template('default', '/' . $type . '/', $_codename, $_codename, $lang, $suffix, $theme); } elseif ($codename != $_codename) { if (file_exists($prefix . $theme . '/' . $type . '_custom/' . $codename . $suffix)) { $_data = _do_template($theme, '/' . $type . '_custom/', $codename, $_codename, $lang, $suffix, $theme); } elseif (file_exists($prefix . $theme . '/' . $type . '/' . $codename . $suffix)) { $_data = _do_template($theme, '/' . $type . '/', $codename, $_codename, $lang, $suffix, $theme); } elseif (file_exists($prefix_default . 'default' . '/' . $type . '_custom/' . $codename . $suffix)) { $_data = _do_template('default', '/' . $type . '_custom/', $codename, $_codename, $lang, $suffix, $theme); } elseif (file_exists($prefix_default . 'default' . '/' . $type . '/' . $codename . $suffix)) { $_data = _do_template('default', '/' . $type . '/', $codename, $_codename, $lang, $suffix, $theme); } } if (is_null($_data)) { if (is_null($fallback)) { if ($light_error) { return paragraph(do_lang_tempcode('MISSING_TEMPLATE_FILE', escape_html($codename))); } fatal_exit(do_lang_tempcode('MISSING_TEMPLATE_FILE', escape_html($codename))); } else { $result = do_template($fallback, $parameters, $lang); $TEMPLATE_CACHE[$theme][$codename][$lang] = $TEMPLATE_CACHE[$fallback][$lang]; return $result; } } } else { $_data = _do_template('default', '/' . $type . '/', $codename, $codename, $lang, $suffix, $theme); } } $TEMPLATE_CACHE[$theme][$codename][$lang] = $_data; $ret = $_data->bind($parameters, $codename); if ($special_treatment) { if ($KEEP_MARKERS) { $__data = new ocp_tempcode(); $__data->attach('<!-- START-TEMPLATE=' . $codename . ' -->'); $__data->attach($ret); $__data->attach('<!-- END-TEMPLATE=' . $codename . ' -->'); $ret = $__data; } if ($SHOW_EDIT_LINKS && $codename != 'PARAM_INFO') { $param_info = do_template('PARAM_INFO', array('MAP' => $parameters)); $edit_url = build_url(array('page' => 'admin_themes', 'theme' => $FORUM_DRIVER->get_theme(), 'template' => $codename), 'adminzone'); $SHOW_EDIT_LINKS = false; $ret = do_template('TEMPLATE_EDIT_LINK', array('_GUID' => '511ae911d31a5b237a4371ff22fc78fd', 'PARAM_INFO' => $param_info, 'CONTENTS' => $ret, 'CODENAME' => $codename, 'EDIT_URL' => $edit_url)); $SHOW_EDIT_LINKS = true; } } return $ret; }
foreach ($comcode_page_rows as $page_row) { if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) { continue 2; } } $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt'); $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '[/title]', $start); $_title = comcode_to_tempcode(substr($page_contents, $start, $end - $start), NULL, true); $title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset())); } } elseif (substr($page_type, 0, 4) == 'html') { $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm'); $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '</title>', $start); $title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset())); } } $temp = '<DT><A HREF="' . escape_html($url->evaluate()) . '">' . escape_html($title) . '</A>'; $_pages[$title] = $temp; } elseif (count($entrypoints) != 0) { foreach ($entrypoints as $entrypoint => $title) { if ($entrypoint == '!') { $url = build_url(array('page' => $page), $zone, NULL, false, false, true); } else {
/** * Handle GET URLs requesting embedded media files. */ function handle_self_referencing_embedment() { // If this is self-referring to CSS or logo if (array_key_exists('type', $_GET)) { $type = $_GET['type']; if ($type == 'ajax_ftp_details') { header('Content-Type: text/plain'); if (!function_exists('ftp_connect')) { echo do_lang('NO_PHP_FTP'); exit; } $conn = false; $domain = trim(get_param('ftp_domain')); $port = 21; if (strpos($domain, ':') !== false) { list($domain, $_port) = explode(':', $domain, 2); $port = intval($_port); } if (function_exists('ftp_ssl_connect')) { $conn = @ftp_ssl_connect($domain, $port); } $ssl = $conn !== false; $username = get_param('ftp_username'); $password = get_param('ftp_password'); $ssl = $conn !== false; if ($ssl && !@ftp_login($conn, $username, $password)) { $conn = false; $ssl = false; } if ($conn === false) { $conn = ftp_connect($domain, $port); } if ($conn === false) { echo do_lang('NO_FTP_CONNECT'); exit; } if (!$ssl && !@ftp_login($conn, $username, $password)) { echo do_lang('NO_FTP_LOGIN', @strval($php_errormsg)); ftp_close($conn); exit; } $ftp_folder = get_param('ftp_folder'); if (substr($ftp_folder, -1) != '/') { $ftp_folder .= '/'; } if (!@ftp_chdir($conn, $ftp_folder)) { echo do_lang('NO_FTP_DIR', @strval($php_errormsg), '1'); ftp_close($conn); exit; } $files = @ftp_nlist($conn, '.'); if ($files === false) { $files = array(); if (@ftp_rename($conn, 'install.php', 'install.php')) { $files = array('install.php', 'data.ocp'); } } if (!in_array('install.php', $files)) { echo do_lang('NO_FTP_DIR', @strval($php_errormsg), '2'); } ftp_close($conn); exit; } if ($type == 'ajax_db_details') { header('Content-Type: text/plain'); global $SITE_INFO; if (!isset($SITE_INFO)) { $SITE_INFO = array(); } $SITE_INFO['db_type'] = get_param('db_type'); require_code('database'); if (get_param('db_site') == '') { $db = new database_driver(get_param('db_forums'), get_param('db_forums_host'), get_param('db_forums_user'), get_param('db_forums_password'), '', true); } else { $db = new database_driver(get_param('db_site'), get_param('db_site_host'), get_param('db_site_user'), get_param('db_site_password'), '', true); } $connection =& $db->connection_write; if (count($connection) > 4) { call_user_func_array(array($db->static_ob, 'db_get_connection'), $connection); } exit; } if ($type == 'logo') { header('Content-type: image/png'); if (!file_exists(get_file_base() . '/themes/default/images/' . get_site_default_lang() . '/logo/trimmed-logo.png')) { $out = file_array_get('themes/default/images/' . get_site_default_lang() . '/logo/trimmed-logo.png'); echo $out; } else { print file_get_contents(get_file_base() . '/themes/default/images/' . get_site_default_lang() . '/logo/trimmed-logo.png'); exit; } exit; } if ($type == 'contract') { header('Content-type: image/png'); if (!file_exists(get_file_base() . '/themes/default/images/contract.png')) { $out = file_array_get('themes/default/images/contract.png'); echo $out; } else { print file_get_contents(get_file_base() . '/themes/default/images/contract.png'); exit; } exit; } if ($type == 'expand') { header('Content-type: image/png'); if (!file_exists(get_file_base() . '/themes/default/images/expand.png')) { $out = file_array_get('themes/default/images/expand.png'); echo $out; } else { print file_get_contents(get_file_base() . '/themes/default/images/expand.png'); exit; } exit; } if (substr($type, 0, 15) == 'themes/default/') { header('Content-type: image/png'); if (!file_exists(get_file_base() . '/' . $type)) { $out = file_array_get(filter_naughty($type)); echo $out; } else { print file_get_contents(get_file_base() . '/' . filter_naughty($type)); exit; } exit; } if ($type == 'css') { header('Content-Type: text/css'); if (!file_exists(get_file_base() . '/themes/default/css/global.css')) { $file = file_array_get('themes/default/css/global.css'); } else { $file = file_get_contents(get_file_base() . '/themes/default/css/global.css', FILE_TEXT); } $file = preg_replace('#\\{\\$IMG;?\\,([^,\\}\']+)\\}#', 'install.php?type=themes/default/images/${1}.png', $file); require_code('tempcode_compiler'); $css = template_to_tempcode($file, 0, false, ''); $file = $css->evaluate(); print $file; exit; } if ($type == 'css_2') { header('Content-Type: text/css'); if (!file_exists(get_file_base() . '/themes/default/css/install.css')) { $file = file_array_get('themes/default/css/install.css'); echo $file; } else { $file = file_get_contents(get_file_base() . '/themes/default/css/install.css', FILE_TEXT); } $file = preg_replace('#\\{\\$IMG\\,([^,\\}\']+)\\}#', 'themes/default/images/${1}.png', $file); require_code('tempcode_compiler'); $css = template_to_tempcode($file, 0, false, ''); $file = $css->evaluate(); print $file; exit; } exit; } }
/** * Farm out the files for downloads. */ function dload_script() { // Closed site $site_closed = get_option('site_closed'); if ($site_closed == '1' && !has_specific_permission(get_member(), 'access_closed_site') && !$GLOBALS['IS_ACTUALLY_ADMIN']) { header('Content-Type: text/plain'); @exit(get_option('closed')); } global $SITE_INFO; if (!is_guest() || !isset($SITE_INFO['any_guest_cached_too']) || $SITE_INFO['any_guest_cached_too'] == '0') { if (get_param('for_session', '-1') != md5(strval(get_session_id())) && get_option('anti_leech') == '1' && ocp_srv('HTTP_REFERER') != '') { warn_exit(do_lang_tempcode('LEECH_BLOCK')); } } require_lang('downloads'); $id = get_param_integer('id', 0); // Lookup $rows = $GLOBALS['SITE_DB']->query_select('download_downloads', array('*'), array('id' => $id), '', 1); if (!array_key_exists(0, $rows)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $myrow = $rows[0]; // Permission if (!has_category_access(get_member(), 'downloads', strval($myrow['category_id']))) { access_denied('CATEGORY_ACCESS'); } // Cost? $got_before = $GLOBALS['SITE_DB']->query_value_null_ok('download_logging', 'the_user', array('the_user' => get_member(), 'id' => $id)); if (addon_installed('points')) { if ($myrow['download_cost'] > 0) { require_code('points2'); $member = get_member(); if (is_guest($member)) { access_denied('NOT_AS_GUEST'); } // Check they haven't downloaded this before (they only get charged once - maybe they are resuming) if (is_null($got_before)) { $cost = $myrow['download_cost']; $member = get_member(); if (is_guest($member)) { access_denied('NOT_AS_GUEST'); } $dif = $cost - available_points($member); if ($dif > 0 && !has_specific_permission(get_member(), 'have_negative_gift_points')) { warn_exit(do_lang_tempcode('LACKING_POINTS', integer_format($dif))); } require_code('points2'); charge_member($member, $cost, do_lang('DOWNLOADED_THIS', get_translated_text($myrow['name']))); if ($myrow['download_submitter_gets_points'] == 1) { system_gift_transfer(do_lang('THEY_DOWNLOADED_THIS', get_translated_text($myrow['name'])), $cost, $myrow['submitter']); } } } } // Filename $full = $myrow['url']; $breakdown = @pathinfo($full) or warn_exit(do_lang_tempcode('HTTP_DOWNLOAD_NO_SERVER', $full)); // $filename=$breakdown['basename']; if (!array_key_exists('extension', $breakdown)) { $extension = ''; } else { $extension = strtolower($breakdown['extension']); } if (url_is_local($full)) { $_full = get_custom_file_base() . '/' . rawurldecode($full); } else { $_full = rawurldecode($full); } // Is it non-local? If so, redirect if (!url_is_local($full) || !file_exists(get_file_base() . '/' . rawurldecode(filter_naughty($full)))) { if (url_is_local($full)) { $full = get_custom_base_url() . '/' . $full; } if (strpos($full, chr(10)) !== false || strpos($full, chr(13)) !== false) { log_hack_attack_and_exit('HEADER_SPLIT_HACK'); } header('Location: ' . $full); log_download($id, 0, !is_null($got_before)); // Bandwidth used is 0 for an external download return; } // Some basic security: don't fopen php files if ($extension == 'php') { log_hack_attack_and_exit('PHP_DOWNLOAD_INNOCENT', integer_format($id)); } // Size, bandwidth, logging $size = filesize($_full); if (is_null($got_before)) { $bandwidth = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT SUM(file_size) AS answer FROM ' . get_table_prefix() . 'download_logging l LEFT JOIN ' . get_table_prefix() . 'download_downloads d ON l.id=d.id WHERE date_and_time>' . strval(time() - 24 * 60 * 60 * 32)); if ($bandwidth + floatval($size) > floatval(get_option('maximum_download')) * 1024 * 1024 * 1024 && !has_specific_permission(get_member(), 'bypass_bandwidth_restriction')) { warn_exit(do_lang_tempcode('TOO_MUCH_DOWNLOAD')); } require_code('files2'); check_shared_bandwidth_usage($size); } log_download($id, $size, !is_null($got_before)); // Send header if (strpos($myrow['original_filename'], chr(10)) !== false || strpos($myrow['original_filename'], chr(13)) !== false) { log_hack_attack_and_exit('HEADER_SPLIT_HACK'); } header('Content-Type: application/octet-stream' . '; authoritative=true;'); if (get_option('immediate_downloads') == '1') { require_code('mime_types'); header('Content-Type: ' . get_mime_type(get_file_extension($myrow['original_filename'])) . '; authoritative=true;'); header('Content-Disposition: filename="' . str_replace(chr(13), '', str_replace(chr(10), '', addslashes($myrow['original_filename']))) . '"'); } else { if (strstr(ocp_srv('HTTP_USER_AGENT'), 'MSIE') !== false) { header('Content-Disposition: filename="' . str_replace(chr(13), '', str_replace(chr(10), '', addslashes($myrow['original_filename']))) . '"'); } else { header('Content-Disposition: attachment; filename="' . str_replace(chr(13), '', str_replace(chr(10), '', addslashes($myrow['original_filename']))) . '"'); } } header('Accept-Ranges: bytes'); // Caching header("Pragma: private"); header("Cache-Control: private"); header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 60 * 60 * 24 * 365) . ' GMT'); $time = is_null($myrow['edit_date']) ? $myrow['add_date'] : $myrow['edit_date']; $time = max($time, filemtime($_full)); header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $time) . ' GMT'); // Default to no resume $from = 0; $new_length = $size; @ini_set('zlib.output_compression', 'Off'); // They're trying to resume (so update our range) $httprange = ocp_srv('HTTP_RANGE'); if (strlen($httprange) > 0) { $_range = explode('=', ocp_srv('HTTP_RANGE')); if (count($_range) == 2) { if (strpos($_range[0], '-') === false) { $_range = array_reverse($_range); } $range = $_range[0]; if (substr($range, 0, 1) == '-') { $range = strval($size - intval(substr($range, 1)) - 1) . $range; } if (substr($range, -1, 1) == '-') { $range .= strval($size - 1); } $bits = explode('-', $range); if (count($bits) == 2) { list($from, $to) = array_map('intval', $bits); if ($to - $from != 0 || $from == 0) { $new_length = $to - $from + 1; header('HTTP/1.1 206 Partial Content'); header('Content-Range: bytes ' . $range . '/' . strval($size)); } else { $from = 0; } } } } header('Content-Length: ' . strval($new_length)); if (function_exists('set_time_limit')) { @set_time_limit(0); } error_reporting(0); // Send actual data $myfile = fopen($_full, 'rb'); fseek($myfile, $from); $i = 0; flush(); // Works around weird PHP bug that sends data before headers, on some PHP versions while ($i < $new_length) { $content = fread($myfile, min($new_length - $i, 1048576)); echo $content; $len = strlen($content); if ($len == 0) { break; } $i += $len; } fclose($myfile); /* Security note... at the download adding/editing stage, we ensured that only files accessible to the web server (in raw form) could end up in our database. Therefore we did not check here that our file was accessible in raw form. */ }
/** * Recursively find theme images under the specified details. Does not find custom theme images, as it doesn't check the DB. * * @param ID_TEXT The theme * @param string The subdirectory to search under * @param array A map (lang=>1) of the languages in the system, so the codes may be filtered out of the image codes in our result list * @return array A map, theme-image-code=>URL */ function find_images_do_dir($theme, $subdir, $langs) { $full = ($theme == 'default' ? get_file_base() : get_custom_file_base()) . '/themes/' . filter_naughty($theme) . '/' . filter_naughty($subdir); $out = array(); $_dir = @opendir($full); if ($_dir !== false) { while (false !== ($file = readdir($_dir))) { if ($file != '.' && $file != '..') { if (is_dir($full . $file)) { $out = array_merge($out, find_images_do_dir($theme, $subdir . $file . '/', $langs)); } else { $ext = substr($file, -4); if ($ext == '.png' || $ext == '.gif' || $ext == '.jpg' || $ext == 'jpeg') { $_file = explode('.', $file); $_subdir = $subdir; foreach (array_keys($langs) as $lang) { $_subdir = str_replace('/' . $lang . '/', '/', $_subdir); } $_subdir = preg_replace('#(^|/)images(\\_custom)?/#', '', $_subdir); $out[$_subdir . $_file[0]] = 'themes/' . rawurlencode($theme) . '/' . $subdir . rawurlencode($file); } } } } closedir($_dir); } return $out; }
/** * A template has not been structurally cached, so compile it and store in the cache. * * @param ID_TEXT The theme the template is in the context of * @param PATH The path to the template file * @param ID_TEXT The codename of the template (e.g. foo) * @param ID_TEXT The actual codename to use for the template (e.g. foo_mobile) * @param LANGUAGE_NAME The language the template is in the context of * @param string File type suffix of template file (e.g. .tpl) * @param ?ID_TEXT The theme to cache in (NULL: main theme) * @return tempcode The compiled tempcode */ function _do_template($theme, $path, $codename, $_codename, $lang, $suffix, $theme_orig = NULL) { if (is_null($theme_orig)) { $theme_orig = $theme; } if (is_null($GLOBALS['CURRENT_SHARE_USER'])) { $base_dir = ($theme == 'default' && ($suffix != '.css' || strpos($path, '/css_custom') === false) ? get_file_base() : get_custom_file_base()) . '/themes/'; } else { $base_dir = get_custom_file_base() . '/themes/'; if (!is_file($base_dir . $theme . $path . $codename . $suffix)) { $base_dir = get_file_base() . '/themes/'; } } global $CACHE_TEMPLATES, $FILE_ARRAY, $TEMPLATE_PREVIEW_OP, $MEM_CACHE; if (isset($FILE_ARRAY)) { $html = unixify_line_format(file_array_get('themes/' . $theme . $path . $codename . $suffix)); } else { $html = unixify_line_format(file_get_contents($base_dir . filter_naughty($theme . $path . $codename) . $suffix, FILE_TEXT)); } if ($GLOBALS['SEMI_DEBUG_MODE'] && strpos($html, '.innerHTML') !== false && !running_script('install') && strpos($html, 'Parser hint: .innerHTML okay') === false) { attach_message('Do not use the .innerHTML property in your Javascript because it will not work in true XHTML (when the browsers real XML parser is in action). Use ocPortal\'s global setInnerHTML/getInnerHTML functions.', 'warn'); } // Strip off trailing final lines from single lines templates. Editors often put these in, and it causes annoying "visible space" issues if (substr($html, -1, 1) == chr(10) && substr_count($html, chr(10)) == 1) { $html = substr($html, 0, strlen($html) - 1); } if ($TEMPLATE_PREVIEW_OP) { $test = post_param($codename, NULL); if (!is_null($test)) { $html = post_param($test . '_new'); } } $result = template_to_tempcode($html, 0, false, $suffix != '.tpl' ? '' : $codename, $theme_orig, $lang); if ($CACHE_TEMPLATES && !$TEMPLATE_PREVIEW_OP && ($suffix == '.tpl' || $codename == 'no_cache')) { $path2 = get_custom_file_base() . '/themes/' . $theme_orig . '/templates_cached/' . filter_naughty($lang) . '/'; $myfile = @fopen($path2 . filter_naughty($_codename) . $suffix . '.tcp', 'wb'); if ($myfile === false) { @mkdir(dirname($path2), 0777); fix_permissions(dirname($path2), 0777); sync_file(dirname($path2)); if (@mkdir($path2, 0777)) { fix_permissions($path2, 0777); sync_file($path2); } else { if ($codename == 'SCREEN_TITLE') { critical_error('PASSON', do_lang('WRITE_ERROR', escape_html($path2 . filter_naughty($_codename) . $suffix . '.tcp'))); } // Bail out hard if would cause a loop intelligent_write_error($path2 . filter_naughty($_codename) . $suffix . '.tcp'); } } else { $data_to_write = '<' . '?php' . chr(10) . $result->to_assembly($lang) . chr(10) . '?' . '>'; if (fwrite($myfile, $data_to_write) >= strlen($data_to_write)) { // Success fclose($myfile); require_code('files'); fix_permissions($path2 . filter_naughty($_codename) . $suffix . '.tcp'); } else { // Failure fclose($myfile); @unlink($path2 . filter_naughty($_codename) . $suffix . '.tcp'); // Can't leave this around, would cause problems } } } return $result; }