/**
 * Emits the JavaScript file-browser callback that lets TinyMCE open elFinder.
 *
 * Prints a <script> block defining elFinderBrowser(), which opens
 * elFinder/elfinder.php in a TinyMCE window and writes the chosen URL back
 * into the requesting form field.
 *
 * @param mixed $discard not read by this function
 * @return string the name of the JavaScript callback that was emitted
 */
function elFinder_tinymce($discard) {
	// The XSRF token for the 'elFinder' action travels in the query string of the
	// popup URL.
	// NOTE(review): a token in a URL can end up in server logs, browser history and
	// Referer headers; confirm elfinder.php treats it as short-lived or session-bound.
	$file = FULLWEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/elFinder/elfinder.php?XSRFToken=' . getXSRFToken('elFinder');
	// $file is echoed into a single-quoted JavaScript string below without JS
	// encoding; it is built only from constants and the token in this function.
	?>
	<script type="text/javascript">
		// <!-- <![CDATA[
		function elFinderBrowser(field_name, url, type, win) {
			tinymce.activeEditor.windowManager.open({
				file: '<?php echo $file; ?> ', // use an absolute path!
				title: 'elFinder 2.0',
				width: 900,
				height: 450,
				close_previous: 'no',
				inline: 'yes', // This parameter only has an effect if you use the inlinepopups plugin!
				popup_css: false, // Disable TinyMCE's default popup CSS
				resizable: 'yes'
			}, {
				setUrl: function(url) {
					win.document.getElementById(field_name).value = url;
				}
			});
			return false;
		}
		// ]]> -->
	</script>
	<?php
	return 'elFinderBrowser';
}
echo gettext('Zenphoto License agreement'); ?> </h1> <div id="container"> <p class="notebox"> <?php printf(gettext('This license is in English because the <em>Free Software Foundation</em> does not approve translations as officially valid. Unofficial translations are available <a href="%s">here</a>.'), 'http://www.gnu.org/licenses/old-licenses/gpl-2.0-translations.html'); ?> </p> <?php if (!getOption('license_accepted')) { $_SESSION['license_return'] = getRequestURI(); ?> <p class="buttons"> <a href="<?php echo FULLWEBPATH . '/' . ZENFOLDER . '/license.php?licenseAccept&XSRFToken=' . getXSRFToken('ZenphotoLicense'); ?> " alt="<?php echo gettext('You must accept this license to continue to use Zenphoto.'); ?> "><?php echo gettext('I agree to these terms and conditions'); ?> </a> </p> <br class="clearall" /> <?php } ?> <br class="clearall" /> <div class="tabbox">
<script type="text/javascript"> // <!-- <![CDATA[ function handleSelectorChange(type) { $('#add,#titlelabel,#link_row,#link,#link_label,#visible_row,#show_visible,#span_row').show(); $('#include_li_label').hide(); $('#type').val(type); $('#link_label').html('<?php echo js_encode(gettext('URL')); ?> '); $('#titlelabel').html('<?php echo js_encode(gettext('Title')); ?> '); $('#XSRFToken').val('<?php echo getXSRFToken('update_menu'); ?> '); switch (type) { case 'all_items': $('#albumselector,#pageselector,#categoryselector,#custompageselector,#titleinput,#titlelabel,#link_row,#visible_row,#span_row').hide(); $('#selector').html('<?php echo js_encode(gettext("All menu items")); ?> '); $('#description').html('<?php echo js_encode(gettext('This adds menu items for all zenphoto objects. (It creates a "default" menuset.)')); ?> '); break; case "galleryindex":
query($sql); $sql = "UPDATE " . prefix('images') . " SET `mtime`=0 {$imagewhere};"; query($sql); } if (!empty($folder) && empty($id)) { echo "<p> " . sprintf(gettext("<em>%s</em> not found"), $folder) . "</p>"; } else { if (empty($r)) { echo "<p>" . $allset . "</p>"; } else { echo "<p>" . sprintf(gettext("We are all set to refresh the metadata for <em>%s</em>"), $r) . "</p>"; } echo '<p>' . gettext('This process should start automatically. If not press: ') . '</p>'; ?> <p><a href="<?php echo $starturl . '&XSRFToken=' . getXSRFToken('refresh'); ?> " title="<?php echo gettext("Refresh image metadata."); ?> " style="font-size: 15pt; font-weight: bold;"> <?php echo gettext("Go!"); ?> </a> </p> <?php } } echo "\n" . '</div>';
<button type="reset" onclick="$('.copydelete').hide();"> <img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?> /images/reset.png" alt="" /> <strong><?php echo gettext("Reset"); ?> </strong> </button> <div class="floatright"> <strong><a href="admin-edit.php?<?php echo $admintype; ?> &add&XSRFToken=<?php echo getXSRFToken('add'); ?> " title="<?php echo $additem; ?> "><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?> /images/add.png" alt="" /> <?php echo $additem; ?> </a></strong> <?php if (!$result->transient) { if (is_AdminEditPage("newscategory")) { ?>
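/**
 * Starts a scheduled script run.
 *
 * In-line mode impersonates the master user, copies $params into the request
 * superglobals and includes $script directly. Asynchronous mode prints a jQuery
 * snippet that POSTs the parameters to cron_runner.php.
 *
 * @param string $script     The script file to load
 * @param array  $params     "POST" parameters; an 'XSRFTag' entry names the action
 *                           whose XSRF token is wanted
 * @param mixed  $offsetPath sent as the "offsetPath" parameter (asynchronous mode only)
 * @param bool   $inline     set to true to run the task "in-line". Set false to run asynchronously
 */
function cron_starter($script, $params, $offsetPath, $inline = false) {
	global $_zp_authority, $_zp_loggedin, $_zp_current_admin_obj, $_zp_HTML_cache;
	$admin = $_zp_authority->getMasterUser();
	if ($inline) {
		// Run with the master user's rights for the duration of the included script.
		$_zp_current_admin_obj = $admin;
		$_zp_loggedin = $_zp_current_admin_obj->getRights();
		foreach ($params as $key => $value) {
			// Strict comparison: an integer key must not be mistaken for 'XSRFTag'.
			if ($key === 'XSRFTag') {
				$key = 'XSRFToken';
				$value = getXSRFToken($value);
			}
			$_POST[$key] = $_GET[$key] = $_REQUEST[$key] = $value;
		}
		// NOTE(review): $script is included as given; callers must only pass fixed,
		// code-defined paths, never anything derived from a request.
		require_once $script;
	} else {
		// Authenticator sent with the request: SHA-1 over the script path and the
		// serialized master-user object.
		// NOTE(review): this value is written into the page source; cron_runner.php
		// presumably recomputes and compares it. Confirm, and confirm that comparison
		// is strict.
		$auth = sha1($script . serialize($admin));
		// URL-encode every name and value so that '&', '=', '+', '%' or a quote in
		// the data cannot split the query string or close the JavaScript string
		// literal below. PHP decodes the POST body, so the receiving script sees the
		// same values the in-line branch would have stored.
		$paramlist = 'link=' . urlencode((string) $script);
		foreach ($params as $key => $value) {
			$paramlist .= '&' . urlencode((string) $key) . '=' . urlencode((string) $value);
		}
		$paramlist .= '&auth=' . $auth . '&offsetPath=' . urlencode((string) $offsetPath);
		// The emitted page carries a per-request authenticator, so it must not be cached.
		$_zp_HTML_cache->abortHTMLCache();
		?>
		<script type="text/javascript">
			// <!-- <![CDATA[
			$.ajax({
				type: 'POST',
				cache: false,
				data: '<?php echo $paramlist; ?> ',
				url: '<?php echo WEBPATH . '/' . ZENFOLDER; ?> /cron_runner.php'
			});
			// ]]> -->
		</script>
		<?php
	}
}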
} if ($commentexists_count != 0) { $postinfo .= '<li class="import-exists">' . sprintf(ngettext('%1$u comment already exists.', '%1$u comments already exist.', $commentexists_count), $commentexists_count) . '</li>'; } if ($commentcount != 0) { $postinfo .= '<li class="import-success">' . sprintf(ngettext('%1$u comment imported.', '%1$u comments imported.', $commentcount), $commentcount) . '</li>'; } } else { $postinfo .= '<ul><li class="import-nothing">' . gettext('No comments to import') . '</li>'; } debugLogVar('Wordpress import - Comments for "' . $post['title'] . '" (' . $post['type'] . ')', $comments); $postinfo .= '</ul></li>'; $postcount++; } // posts foreach $metaURL = 'wordpress_import.php?refresh=' . $postcount . '&dbname=' . $wp_dbname . '&dbuser='******'&dbpass='******'&dbhost=' . $wp_dbhost . '&tableprefix=' . $wp_prefix . '&convertlinefeeds=' . getcheckboxState('convertlinefeeds') . '&XSRFToken=' . getXSRFToken('wordpress'); } else { // if posts are available at all $metaURL = ''; // to be sure... $postinfo .= "<li class='import-nothing'>" . gettext("No posts or pages to import.") . "</li>"; } } // if db data set $zenphoto_tabs['overview']['subtabs'] = array(gettext('Wordpress') => ''); printAdminHeader('overview', 'wordpress'); if (!empty($metaURL) && $postcount < $posttotalcount) { ?> <meta http-equiv="refresh" content="1; url=<?php echo $metaURL; ?>
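/**
 * Checks for Cross Site Request Forgeries.
 *
 * Compares the XSRFToken request parameter with the token expected for
 * $action. On a mismatch the 'admin_XSRF_access' filter is applied, the client
 * is redirected to admin.php with an error message and the script exits. On a
 * match the token is removed from $_REQUEST, $_POST and $_GET.
 *
 * @param string $action the action the token was issued for
 */
function XSRFdefender($action) {
	$token = getXSRFToken($action);
	$supplied = isset($_REQUEST['XSRFToken']) ? $_REQUEST['XSRFToken'] : NULL;
	// Fail closed: an array-valued parameter or an empty expected token never
	// validates. Loose "!=" treated numeric-looking strings such as "0e1" and
	// "0e2" as equal and stopped comparing at the first differing byte.
	if (!is_string($supplied) || !is_string($token) || $token === '') {
		$valid = false;
	} else if (function_exists('hash_equals')) {
		// constant-time comparison where the runtime provides it
		$valid = hash_equals($token, $supplied);
	} else {
		$valid = $supplied === $token;
	}
	if (!$valid) {
		zp_apply_filter('admin_XSRF_access', false, $action);
		header("HTTP/1.0 302 Found");
		header("Status: 302 Found");
		// The message is URL-encoded so that spaces, non-ASCII characters or '&' in
		// it cannot corrupt the Location header or add query parameters.
		header('Location: ' . FULLWEBPATH . '/' . ZENFOLDER . '/admin.php?action=external&error&msg=' . urlencode(sprintf(gettext('ā%sā Cross Site Request Forgery blocked.'), $action)));
		exitZP();
	}
	// Strip the token so later code does not treat it as form data.
	unset($_REQUEST['XSRFToken']);
	unset($_POST['XSRFToken']);
	unset($_GET['XSRFToken']);
}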
/**
 * Prints the table part of a single menu item for the sortable items list:
 * edit link, name, type, protection icon, show/hide toggle, view link, delete
 * link and selection checkbox.
 *
 * @param array $item the menu item; read here by its 'type', 'show' and 'id' keys
 * @param bool $flag set to true to flag the element as having a problem with nesting level (not read in this function)
 */
function printItemsListTable($item, $flag) {
	// $gallery is not used again in this function.
	$gallery = new Gallery();
	// NOTE(review): below, $item['type'], $item['id'] and $array['url'] are echoed
	// without html_encode(), while the item name is encoded. Confirm these fields
	// are constrained where menu items are stored.
	?>
	<div class="page-list_row">
		<div class="page-list_title">
			<?php
			$array = getItemTitleAndURL($item);
			printItemEditLink($item);
			?>
		</div>
		<div class="page-list_extra"><?php echo html_encode(truncate_string($array['name'], 40, '...')); ?> </div>
		<div class="page-list_extra"><em><?php echo $item['type']; ?> </em></div>
		<div class="page-list_iconwrapper">
			<div class="page-list_icon">
				<?php
				// lock icon for protected targets, placeholder otherwise
				if ($array['protected']) {
					?>
					<img src="../../images/lock_2.png" alt="<?php echo gettext("The object of this menu is under password protection"); ?> " title="<?php echo gettext("The object of this menu is under password protection"); ?> " style="border: 0px;" />
					<?php
				} else {
					?>
					<img src="../../images/place_holder_icon.png" alt="<?php echo gettext("under password protection"); ?> "style="border: 0px;" />
					<?php
				}
				?>
			</div>
			<div class="page-list_icon">
				<?php
				// Show/hide toggle. The state change is a GET link that carries the
				// 'update_menu' XSRF token in its query string.
				if ($item['show'] === '1') {
					?>
					<a href="menu_tab.php?publish&id=<?php echo $item['id'] . "&show=0"; ?> &add&XSRFToken=<?php echo getXSRFToken('update_menu'); ?> " title="<?php echo gettext('hide'); ?> " >
						<img src="../../images/pass.png" alt="<?php echo gettext('hide'); ?> " style="border: 0px;" />
					</a>
					<?php
				} else {
					?>
					<a href="menu_tab.php?publish&id=<?php echo $item['id'] . "&show=1"; ?> &add&XSRFToken=<?php echo getXSRFToken('update_menu'); ?> " title="<?php echo gettext('show'); ?> ">
						<img src="../../images/action.png" alt="<?php echo gettext('show'); ?> " style="border: 0px;" />
					</a>
					<?php
				}
				?>
			</div>
			<div class="page-list_icon">
				<?php
				// "default" is listed first on purpose: any type not named below gets a
				// view link when a URL is known; with no URL it falls through to the
				// inactive icon shared with the named types.
				switch ($item['type']) {
					default:
						if (!empty($array['url'])) {
							?>
							<a href="<?php echo $array['url']; ?> ">
								<img src="../../images/view.png" alt="<?php echo gettext('view'); ?> " title="<?php echo gettext('view'); ?> " style="border: 0px;" />
							</a>
							<?php
							break;
						}
					case 'menulabel':
					case 'menufunction':
					case 'html':
						?>
						<img src="../../images/icon_inactive.png" alt="" style="border: 0px;" />
						<?php
						break;
				}
				// NOTE(review): the delete link below places the item name inside a
				// JavaScript string within an href attribute, encoded with html_encode()
				// only. The browser decodes HTML entities before the script runs, so
				// confirm the name cannot carry a quote; js_encode() is the usual choice
				// for this context.
				?>
			</div>
			<div class="page-list_icon">
				<a href="javascript:deleteMenuItem('<?php echo $item['id']; ?> ','<?php printf(gettext('Ok to delete %s? This cannot be undone.'), html_encode($array['name'])); ?> ');" >
					<img src="../../images/fail.png" alt="<?php echo gettext('delete'); ?> " title="<?php echo gettext('delete'); ?> " style="border: 0px;" />
				</a>
			</div>
			<div class="page-list_icon">
				<input class="checkbox" type="checkbox" name="ids[]" value="<?php echo html_encode($item['id']); ?> " onclick="triggerAllBox(this.form, 'ids[]', this.form.allbox);" />
			</div>
		</div>
	</div>
	<?php
}
/**
 * Prints the Flash (uploadify) uploader: the script that configures it, a
 * fallback message shown when Flash is not detected, and the Upload/Cancel
 * buttons.
 *
 * @param int|string $uploadlimit echoed as uploadify's 'sizeLimit'
 * @param mixed $passedalbum not read by this function
 */
function upload_extra($uploadlimit, $passedalbum) {
	global $_zp_current_admin_obj, $upload_extensions;
	// NOTE(review): the script below writes $_zp_current_admin_obj->getPass() into
	// the page as the 'auth' value sent with each upload. Whatever getPass() returns
	// (presumably the stored password hash; confirm) is then readable in the page
	// source and acts as a credential for uploader.php. A short-lived, upload-only
	// token would limit what a leaked page exposes.
	?>
	<script type="text/javascript">
		// <!-- <![CDATA[
		if (FlashDetect.installed) {
			$(document).ready(function() {
				$('#fileUpload').uploadify({
					'uploader': '<?php echo WEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER; ?> /uploader_flash/uploadify.swf',
					'cancelImg': 'images/fail.png',
					'script': '<?php echo WEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER; ?> /uploader_flash/uploader.php',
					'scriptData': {
						'auth': '<?php echo $_zp_current_admin_obj->getPass(); ?> ',
						'id': '<?php echo $_zp_current_admin_obj->getID(); ?> ',
						'XSRFToken': '<?php echo getXSRFToken('upload'); ?> '
					},
					'folder': '/',
					'multi': true,
	<?php
	// Use the locale-specific button image when one exists, else the default one.
	$uploadbutton = SERVERPATH . '/' . ZENFOLDER . '/locale/' . getOption('locale') . '/select_files_button.png';
	if (!file_exists($uploadbutton)) {
		$uploadbutton = SERVERPATH . '/' . ZENFOLDER . '/images/select_files_button.png';
	}
	$discard = NULL;
	$info = zp_imageDims($uploadbutton, $discard);
	// An image taller than 60px has its height divided by three and uploadify's
	// 'rollover' option switched on.
	if ($info['height'] > 60) {
		$info['height'] = round($info['height'] / 3);
		$rollover = "'rollover': true,";
	} else {
		$rollover = "";
	}
	// turn the filesystem path into a web path for the browser
	$uploadbutton = str_replace(SERVERPATH, WEBPATH, $uploadbutton);
	?>
					'buttonImg': '<?php echo $uploadbutton; ?> ',
					'height': '<?php echo $info['height']; ?> ',
					'width': '<?php echo $info['width']; ?> ',
	<?php echo $rollover; ?>
					'checkScript': '<?php echo WEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER; ?> /uploader_flash/check.php',
					'displayData': 'speed',
					'simUploadLimit': 3,
					'sizeLimit': <?php echo $uploadlimit; ?> ,
					'onAllComplete': function(event, data) {
						if (data.errors) {
							return false;
						} else {
	<?php
	// After a clean upload, album managers go to the image editor for the target
	// album; everyone else returns to the upload page.
	if (zp_loggedin(ALBUM_RIGHTS | MANAGE_ALL_ALBUM_RIGHTS)) {
		?>
							launchScript('admin-edit.php',['page=edit','subpage=1','tab=imageinfo','album='+encodeURIComponent($('#folderdisplay').val()),'uploaded=1','albumimagesort=id_desc']);
		<?php
	} else {
		?>
							launchScript('admin-upload.php',['uploaded=1']);
		<?php
	}
	?>
						}
					},
					'fileDesc': '<?php echo gettext('Zenphoto supported file types | all files'); ?> ',
					'fileExt': '<?php
	// builds "*.ext1;*.ext2 | *.*" from the global extension list
	$list = implode(';*.', $upload_extensions);
	echo '*.' . $list . ' | *.*';
	?> '
				});
			});
		}
		// ]]> -->
	</script>
	<div id="fileUpload" style="color:red">
		<?php echo gettext("There appears to be no <em>Flash</em> plugin installed in your browser."); ?>
	</div>
	<p class="buttons" id="fileUploadbuttons" style="display: none;">
		<a href="javascript:$('#fileUpload').uploadifySettings('folder','/'+$('#publishalbumslot').val()+':'+$('#folderdisplay').val()+':'+$('#albumtitle').val()); $('#fileUpload').uploadifyUpload()"><img src="images/pass.png" alt="" /><?php echo gettext("Upload"); ?> </a>
		<a href="javascript:$('#fileUpload').uploadifyClearQueue()"><img src="images/fail.png" alt="" /><?php echo gettext("Cancel"); ?> </a>
		<br clear="all" /><br />
	</p>
	<?php
}
</p> <?php if (!extensionEnabled('downloadList')) { echo '<strong>' . gettext('The downloadList plugin is not active') . '</strong>'; } else { ?> <p class="buttons"><a href="?removeoutdateddownloads&XSRFToken=<?php echo getXSRFToken('removeoutdateddownloads'); ?> "><?php echo gettext('Clear outdated downloads from database'); ?> </a></p> <p class="buttons"><a href="?removealldownloads&XSRFToken=<?php echo getXSRFToken('removealldownloads'); ?> "><?php echo gettext('Clear all downloads from database'); ?> </a></p><br class="clearall" /> <br class="clearall" /><br /> <?php printBarGraph(); } ?> </div> </div><!-- content --> <?php printAdminFooter();
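/**
 * Admin toolbox handler for news pages: prints the article edit/delete/add
 * entries and extends the redirect query string with the current article or
 * category.
 *
 * @param string $redirect query-string fragment built so far
 * @param string $zf base URL of the admin folder
 * @return string $redirect with '&title=...' or '&category=...' appended where applicable
 */
static function admin_toolbox_news($redirect, $zf) {
	global $_zp_CMS, $_zp_current_category, $_zp_current_article;
	if (is_NewsArticle()) {
		if (zp_loggedin(ZENPAGE_NEWS_RIGHTS) && $_zp_CMS && $_zp_CMS->news_enabled) {
			// page is a NewsArticle--provide zenpage edit, delete, and Add links
			echo "<li><a href=\"" . $zf . '/' . PLUGIN_FOLDER . "/zenpage/admin-edit.php?newsarticle&edit&titlelink=" . html_encode($_zp_current_article->getTitleLink()) . "&subpage=object\">" . gettext("Edit Article") . "</a></li>";
			if (GALLERY_SESSION) {
				// XSRF defense requires sessions: the delete link is offered only when
				// a session-backed token can accompany it.
				?>
				<li>
					<a href="javascript:confirmDelete('<?php echo $zf . '/' . PLUGIN_FOLDER; ?> /zenpage/admin-news.php?del=<?php echo getNewsID(); ?> &XSRFToken=<?php echo getXSRFToken('delete'); ?> ',deleteArticle)" title="<?php echo gettext("Delete article"); ?> "><?php echo gettext("Delete Article"); ?> </a>
				</li>
				<?php
			}
			echo "<li><a href=\"" . $zf . '/' . PLUGIN_FOLDER . "/zenpage/admin-edit.php?newsarticle&add\">" . gettext("Add Article") . "</a></li>";
		}
		$redirect .= '&title=' . urlencode($_zp_current_article->getTitlelink());
	} else {
		if (!empty($_zp_current_category)) {
			// URL-encoded like the article title above, so a titlelink containing
			// '&', '=' or a quote cannot add parameters or markup to the link that
			// is later built from $redirect.
			$redirect .= '&category=' . urlencode($_zp_current_category->getTitlelink());
		}
	}
	return $redirect;
}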
zp_apply_filter('admin_note', 'upload', $subtab); ?> <h1><?php echo $title; ?> </h1> <script type="text/javascript"> $().ready(function () { var elf = $('#elfinder').elfinder({ lang: '<?php echo $locale; ?> ', // language (OPTIONAL) customData: { 'XSRFToken': '<?php echo getXSRFToken('elFinder'); ?> ', 'zp_user_auth': '<?php echo zp_getCookie('zp_user_auth'); ?> ', <?php if ($theme) { if (zp_loggedin(THEMES_RIGHTS) && is_dir(SERVERPATH . '/' . THEMEFOLDER . '/' . $theme)) { ?> 'themeEdit': '<?php echo $theme; ?> ', <?php
} ?> </td> <td style="border-top: 4px solid #D1DBDF;" valign="top"> <?php if (!empty($groupname)) { $msg = gettext('Are you sure you want to delete this group?'); ?> <a href="javascript:if(confirm(<?php echo "'" . $msg . "'"; ?> )) { launchScript('',['action=deletegroup','group=<?php echo addslashes($groupname); ?> ','XSRFToken=<?php echo getXSRFToken('deletegroup'); ?> ']); }" title="<?php echo gettext('Delete this group.'); ?> " style="color: #c33;"> <img src="../../images/fail.png" style="border: 0px;" alt="Delete" /> </a> <?php } ?> </td> </tr> <?php $id++;
"; var deleteAlbum2 = "<?php echo gettext("Are you Absolutely Positively sure you want to delete the album? THIS CANNOT BE UNDONE!"); ?> "; function newAlbum(folder,albumtab) { var album = prompt('<?php echo gettext('New album name?'); ?> ', '<?php echo gettext('new album'); ?> '); if (album) { launchScript('',['action=newalbum','album='+folder,'name='+encodeURIComponent(album),'albumtab='+albumtab,'XSRFToken=<?php echo getXSRFToken('newalbum'); ?> ']); } } function confirmAction() { if ($('#checkallaction').val() == 'deleteall') { return confirm('<?php echo js_encode(gettext("Are you sure you want to delete the checked items?")); ?> '); } else { return true; } } // ]]> -->
/**
 * Appends the "Cache album images" button for an album to the given HTML.
 *
 * @param string $html markup collected so far
 * @param object $object the album; only its name property is read
 * @param mixed $prefix not read by this function
 * @return string $html followed by a rule and the button markup
 */
static function albumbutton($html, $object, $prefix) {
	// The plugin counts as configured once any cacheManager row exists in plugin_storage.
	$configured = query_single_row('SELECT * FROM ' . prefix('plugin_storage') . ' WHERE `type`="cacheManager" LIMIT 1');
	if ($configured) {
		$linkState = '';
		$tooltip = gettext('Finds images that have not been cached and creates the cached versions.');
	} else {
		// NOTE(review): "disabled" is not a defined attribute of <a>, so the link
		// presumably stays clickable unless CSS or script acts on it.
		$linkState = ' disabled="disabled"';
		$tooltip = gettext("You must first set the plugin options for cached image parameters.");
	}
	// NOTE(review): the album name is HTML-encoded but not URL-encoded, so a name
	// containing '&', '#' or '+' changes the query string; confirm against
	// cacheImages.php. The 'cacheImages' XSRF token travels in the link.
	$target = WEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/cacheManager/cacheImages.php?album=' . html_encode($object->name) . '&XSRFToken=' . getXSRFToken('cacheImages');
	$button = '<div class="button buttons tooltip" title="' . $tooltip . '"><a href="' . $target . '"' . $linkState . '><img src="images/cache.png" />' . gettext('Cache album images') . '</a><br class="clearall" /></div>';
	return $html . '<hr />' . $button;
}
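/**
 * Prints the publish/un-published/scheduled publishing icon with a link for the pages and news articles list.
 *
 * Every link changes state through a GET request and carries the 'update'
 * XSRF token.
 *
 * @param object $object the page or news article object to print the link for
 * @param string $type "news" to carry the current page/date/category list filters into the link
 */
function printPublishIconLink($object, $type) {
	$urladd = '';
	if ($type == "news") {
		// These values come straight from the request and are written into an href
		// attribute, so each one is URL-encoded; urlencode() output contains no
		// quote, angle bracket or ampersand. Array-valued parameters are skipped.
		foreach (array('page', 'date', 'category') as $name) {
			if (isset($_GET[$name]) && is_string($_GET[$name])) {
				$urladd .= '&' . $name . '=' . urlencode($_GET[$name]);
			}
		}
	}
	if ($object->getDateTime() > date('Y-m-d H:i:s')) {
		// the item's date lies in the future
		if ($object->getShow()) {
			$title = gettext("Publish immediately (skip scheduling)");
			?>
			<a href="?skipscheduling=1&titlelink=<?php echo html_encode($object->getTitlelink()) . $urladd; ?> &XSRFToken=<?php echo getXSRFToken('update'); ?> " title="<?php echo $title; ?> ">
				<img src="images/clock.png" alt="<?php echo gettext("Scheduled for published"); ?> " title="<?php echo $title; ?> " /></a>
			<?php
		} else {
			$title = gettext("Enable scheduled publishing");
			?>
			<a href="?publish=1&titlelink=<?php echo html_encode($object->getTitlelink()) . $urladd; ?> &XSRFToken=<?php echo getXSRFToken('update'); ?> " title="<?php echo $title; ?> ">
				<img src="../../images/action.png" alt="<?php echo gettext("Un-published"); ?> " title="<?php echo $title; ?> " /></a>
			<?php
		}
	} else {
		if ($object->getShow()) {
			$title = gettext("Un-publish");
			?>
			<a href="?publish=0&titlelink=<?php echo html_encode($object->getTitlelink()) . $urladd; ?> &XSRFToken=<?php echo getXSRFToken('update'); ?> " title="<?php echo $title; ?> ">
				<img src="../../images/pass.png" alt="<?php echo gettext("Published"); ?> " title="<?php echo $title; ?> " /></a>
			<?php
		} else {
			// Not shown: publish=1 when no expiry date is set, publish=2 to override one.
			// Both branches open the <a>; the icon and closing tag follow once.
			$dt = $object->getExpireDate();
			if (empty($dt)) {
				$title = gettext("Publish");
				?>
				<a href="?publish=1&titlelink=<?php echo html_encode($object->getTitlelink()) . $urladd; ?> &XSRFToken=<?php echo getXSRFToken('update'); ?> ">
				<?php
			} else {
				$title = gettext("Publish (override expiration)");
				?>
				<a href="?publish=2&titlelink=<?php echo html_encode($object->getTitlelink()) . $urladd; ?> &XSRFToken=<?php echo getXSRFToken('update'); ?> ">
				<?php
			}
			?>
			<img src="../../images/action.png" alt="<?php echo gettext("Un-published"); ?> " title= "<?php echo $title; ?> " /></a>
			<?php
		}
	}
}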
<?php /** * This template is used to generate cache images. Running it will process the entire gallery, * supplying an album name (ex: loadAlbums.php?album=newalbum) will only process the album named. * Passing clear=on will purge the designated cache before generating cache images * @package plugins */ // force UTF-8 Ć define('OFFSET_PATH', 3); require_once "../../admin-globals.php"; require_once SERVERPATH . '/' . ZENFOLDER . '/template-functions.php'; require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/cacheManager/functions.php'; admin_securityChecks(NULL, $return = currentRelativeURL()); XSRFdefender('cacheDBImages'); $zenphoto_tabs['overview']['subtabs'] = array(gettext('Cache images') => PLUGIN_FOLDER . '/cacheManager/cacheImages.php?page=overview&tab=images', gettext('Cache stored images') => PLUGIN_FOLDER . '/cacheManager/cacheDBImages.php?page=overview&tab=DB&XSRFToken=' . getXSRFToken('cacheDBImages')); printAdminHeader('overview', 'DB'); echo "\n</head>"; echo "\n<body>"; printLogoAndLinks(); echo "\n" . '<div id="main">'; printTabs(); echo "\n" . '<div id="content">'; printSubtabs('Cache'); ?> <div class="tabbox"> <?php zp_apply_filter('admin_note', 'cache', ''); ?> <p class="notebox"> <?php
echo $count; ?> </div> </td> </tr> <?php } ?> </table> <?php } if (zp_loggedin(ADMIN_RIGHTS)) { ?> <p class="buttons"> <a href="?reset&XSRFToken=<?php echo getXSRFToken('search_statistics'); ?> "><?php echo gettext('reset'); ?> </a> </p> <br class="clearall" /> <p> <a href="<?php echo WEBPATH . '/' . ZENFOLDER; ?> /admin-options.php?tab=plugin&show-search_statistics#search_statistics" ><?php echo gettext('Change <em>Threshold</em> values'); ?> </a>
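/**
 * Prints the table part of a single menu item for the sortable items list:
 * edit link, type, target link, protection icon, show/hide toggle, view link,
 * delete link and selection checkbox.
 *
 * @param array $item the menu item; read here by its 'type', 'link', 'show' and 'id' keys
 * @param bool $flag set to true to flag the element as having a problem with nesting level (not read in this function)
 */
function printItemsListTable($item, $flag) {
	global $_zp_gallery;
	$array = getItemTitleAndURL($item);
	// Start from an empty link: the "zenpagenewsindex" case assigns one only when
	// the zenpage class is missing, and $link is echoed unconditionally further down.
	$link = '';
	if ($array['valid']) {
		switch ($item['type']) {
			case "album":
				$link = '<a href="../../admin-edit.php?page=edit&album=' . html_encode($item['link']) . '">' . html_encode(truncate_string($item['link'], 40, '...')) . '</a>';
				break;
			case "zenpagenewsindex":
				if (!class_exists('zenpage')) {
					$link = '<span class="notebox">' . gettext('Zenpage CMS plugin required for this item type!') . '</span>';
				}
				break;
			case "zenpagepage":
				if (class_exists('zenpage')) {
					$link = '<a href="../zenpage/admin-edit.php?page&titlelink=' . html_encode($item['link']) . '">' . html_encode(truncate_string($item['link'], 40, '...')) . '</a>';
				} else {
					$link = '<span class="notebox">' . gettext('Zenpage CMS plugin required for this item type!') . '</span>';
				}
				break;
			case "zenpagecategory":
				if (class_exists('zenpage')) {
					$link = '<a href="../zenpage/admin-edit.php?newscategory&titlelink=' . html_encode($item['link']) . '">' . html_encode(truncate_string($item['link'], 40, '...')) . '</a>';
				} else {
					$link = '<span class="notebox">' . gettext('Zenpage CMS plugin required for this item type!') . '</span>';
				}
				break;
			case 'customlink':
				// NOTE(review): html_encode() keeps the markup intact but does not
				// restrict the URL scheme of a stored custom link; confirm the scheme
				// is checked where the link is saved.
				$link = '<a href="' . html_encode($item['link']) . '">' . html_encode(truncate_string($item['link'], 40, '...')) . '</a>';
				break;
			case 'menulabel':
				$link = '';
				break;
			default:
				$link = html_encode(truncate_string($item['link'], 40, '...'));
				break;
		}
	} else {
		$link = '<span class="notebox">' . sprintf(gettext('Target does not exists in <em>%1$s</em> theme'), $array['theme']) . '</span>';
	}
	// NOTE(review): below, $item['type'], $item['id'] and $array['url'] are echoed
	// without html_encode(); confirm these fields are constrained where menu items
	// are stored.
	?>
	<div class="page-list_row">
		<div class="page-list_title">
			<?php printItemEditLink($item); ?>
		</div>
		<div class="page-list_extra">
			<em><?php echo $item['type']; ?> </em>
		</div>
		<div class="page-list_extra">
			<?php echo $link; ?>
		</div>
		<div class="page-list_iconwrapper">
			<div class="page-list_icon">
				<?php
				// lock icon for protected targets, placeholder otherwise
				if ($array['protected']) {
					?>
					<img src="../../images/lock_2.png" alt="<?php echo gettext("The object of this menu is under password protection"); ?> " title="<?php echo gettext("The object of this menu is under password protection"); ?> " style="border: 0px;" />
					<?php
				} else {
					?>
					<img src="../../images/place_holder_icon.png" alt="<?php echo gettext("under password protection"); ?> " style="border: 0px;" />
					<?php
				}
				?>
			</div>
			<div class="page-list_icon">
				<?php
				// Show/hide toggle. The state change is a GET link that carries the
				// 'update_menu' XSRF token in its query string.
				if ($item['show'] === '1') {
					?>
					<a href="menu_tab.php?publish&id=<?php echo $item['id'] . "&show=0"; ?> &add&XSRFToken=<?php echo getXSRFToken('update_menu'); ?> " title="<?php echo gettext('hide'); ?> " >
						<img src="../../images/pass.png" alt="<?php echo gettext('hide'); ?> " style="border: 0px;" />
					</a>
					<?php
				} else {
					?>
					<a href="menu_tab.php?publish&id=<?php echo $item['id'] . "&show=1"; ?> &add&XSRFToken=<?php echo getXSRFToken('update_menu'); ?> " title="<?php echo gettext('show'); ?> ">
						<img src="../../images/action.png" alt="<?php echo gettext('show'); ?> " style="border: 0px;" />
					</a>
					<?php
				}
				?>
			</div>
			<div class="page-list_icon">
				<?php
				// "default" is listed first on purpose: any type not named below gets a
				// view link when a URL is known; with no URL it falls through to the
				// inactive icon shared with the named types.
				switch ($item['type']) {
					default:
						if (!empty($array['url'])) {
							?>
							<a href="<?php echo $array['url']; ?> ">
								<img src="../../images/view.png" alt="<?php echo gettext('view'); ?> " title="<?php echo gettext('view'); ?> " style="border: 0px;" />
							</a>
							<?php
							break;
						}
					case 'menulabel':
					case 'menufunction':
					case 'html':
						?>
						<img src="../../images/icon_inactive.png" alt="" style="border: 0px;" />
						<?php
						break;
				}
				// NOTE(review): the delete link below places the item name inside a
				// JavaScript string within an href attribute, encoded with html_encode()
				// only. The browser decodes HTML entities before the script runs, so
				// confirm the name cannot carry a quote; js_encode() is the usual choice
				// for this context.
				?>
			</div>
			<div class="page-list_icon">
				<a href="javascript:deleteMenuItem('<?php echo $item['id']; ?> ','<?php printf(gettext('Ok to delete %s? This cannot be undone.'), html_encode($array['name'])); ?> ');" >
					<img src="../../images/fail.png" alt="<?php echo gettext('delete'); ?> " title="<?php echo gettext('delete'); ?> " style="border: 0px;" />
				</a>
			</div>
			<div class="page-list_icon">
				<input class="checkbox" type="checkbox" name="ids[]" value="<?php echo html_encode($item['id']); ?> " onclick="triggerAllBox(this.form, 'ids[]', this.form.allbox);" />
			</div>
		</div>
	</div>
	<?php
}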
/**
 * Prints the clickable drop down toolbox on any theme page with generic admin helpers
 *
 * Output is collected in two buffers: $outputA holds the helper script and the
 * opening markup, $outputB the menu entries. Nothing is printed unless
 * $outputB is non-empty. Filter handlers called while the second buffer is
 * active contribute their output to $outputB.
 */
function adminToolbox() {
	global $_zp_current_album, $_zp_current_image, $_zp_current_search, $_zp_gallery_page, $_zp_gallery, $_zp_current_admin_obj, $_zp_loggedin;
	if (zp_loggedin()) {
		// Base URL of the admin folder, used for every link below.
		// NOTE(review): $_SERVER['HTTP_HOST'] is taken from the request's Host header
		// and $zf is echoed into links and script without encoding; confirm the web
		// server only accepts the site's own host names.
		$zf = PROTOCOL . '://' . $_SERVER['HTTP_HOST'] . WEBPATH . "/" . ZENFOLDER;
		$page = getCurrentPage();
		// NOTE(review): getUser() is echoed into the <h3> below without html_encode();
		// confirm user names are restricted when accounts are created.
		ob_start();
		?>
		<script type="text/javascript">
			// <!-- <![CDATA[
			function newAlbum(folder, albumtab) {
				var album = prompt('<?php echo gettext('New album name?'); ?> ', '<?php echo gettext('new album'); ?> ');
				if (album) {
					launchScript('<?php echo $zf; ?> /admin-edit.php', ['action=newalbum', 'album=' + encodeURIComponent(folder), 'name=' + encodeURIComponent(album), 'albumtab=' + albumtab, 'XSRFToken=<?php echo getXSRFToken('newalbum'); ?> ']);
				}
			}
			// ]]> -->
		</script>
		<div id="zp__admin_module">
			<a id="zp__admin_link" href="javascript:toggle('zp__admin_data');">
				<span>ZP</span>
				<h3><?php echo $_zp_current_admin_obj->getUser(); ?> </h3>
			</a>
			<div id="zp__admin_data" style="display: none;">
				<ul style="list-style-type: none;" >
					<?php
					// first buffer done; everything from here on is a menu entry
					$outputA = ob_get_contents();
					ob_end_clean();
					ob_start();
					// Each general entry is printed only for users holding the matching right.
					if (zp_loggedin(OVERVIEW_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin.php', gettext("Overview"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					if (zp_loggedin(UPLOAD_RIGHTS | FILES_RIGHTS | THEMES_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin-upload.php', gettext("Upload"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					if (zp_loggedin(ALBUM_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin-edit.php', gettext("Albums"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					zp_apply_filter('admin_toolbox_global', $zf);
					if (zp_loggedin(TAGS_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin-tags.php', gettext("Tags"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					if (zp_loggedin(USER_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin-users.php', gettext("Users"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					if (zp_loggedin(OPTIONS_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin-options.php?tab=general', gettext("Options"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					if (zp_loggedin(THEMES_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin-themes.php', gettext("Themes"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					if (zp_loggedin(ADMIN_RIGHTS)) {
						?>
						<li>
							<?php printLinkHTML($zf . '/admin-plugins.php', gettext("Plugins"), NULL, NULL, NULL); ?>
						</li>
						<li>
							<?php printLinkHTML($zf . '/admin-logs.php', gettext("Logs"), NULL, NULL, NULL); ?>
						</li>
						<?php
					}
					// Resolve the script that serves as gallery index: the custom index
					// page when its theme file exists, else index.php.
					$gal = getOption('custom_index_page');
					if (empty($gal) || !file_exists(SERVERPATH . '/' . THEMEFOLDER . '/' . $_zp_gallery->getCurrentTheme() . '/' . internalToFilesystem($gal) . '.php')) {
						$gal = 'index.php';
					} else {
						$gal .= '.php';
					}
					$inImage = false;
					// Page-specific entries; every case also sets $redirect, the query
					// string appended to the logout link so the user returns to this page.
					switch ($_zp_gallery_page) {
						case 'index.php':
						case $gal:
							// script is either index.php or the gallery index page
							if (zp_loggedin(ADMIN_RIGHTS)) {
								?>
								<li>
									<?php printLinkHTML($zf . '/admin-edit.php?page=edit', gettext("Sort Gallery"), NULL, NULL, NULL); ?>
								</li>
								<?php
							}
							if (zp_loggedin(UPLOAD_RIGHTS)) {
								// admin has upload rights, provide an upload link for a new album
								if (GALLERY_SESSION) {
									// XSRF defense requires sessions
									?>
									<li>
										<a href="javascript:newAlbum('',true);"><?php echo gettext("New Album"); ?> </a>
									</li>
									<?php
								}
							}
							if ($_zp_gallery_page == 'index.php') {
								$redirect = '';
							} else {
								$redirect = "&p=" . urlencode(stripSuffix($_zp_gallery_page));
							}
							if ($page > 1) {
								$redirect .= "&page={$page}";
							}
							zp_apply_filter('admin_toolbox_gallery', $zf);
							break;
						case 'image.php':
							$inImage = true;
							// images are also in albums: deliberate fall through to the album entries
						case 'album.php':
							// script is album.php
							$albumname = $_zp_current_album->name;
							if ($_zp_current_album->isMyItem(ALBUM_RIGHTS)) {
								// admin is empowered to edit this album--show an edit link
								?>
								<li>
									<?php printLinkHTML($zf . '/admin-edit.php?page=edit&album=' . pathurlencode($_zp_current_album->name), gettext('Edit album'), NULL, NULL, NULL); ?>
								</li>
								<?php
								if (!$_zp_current_album->isDynamic()) {
									if ($_zp_current_album->getNumAlbums()) {
										?>
										<li>
											<?php printLinkHTML($zf . '/admin-edit.php?page=edit&album=' . pathurlencode($albumname) . '&tab=subalbuminfo', gettext("Sort subalbums"), NULL, NULL, NULL); ?>
										</li>
										<?php
									}
									if ($_zp_current_album->getNumImages() > 0) {
										?>
										<li>
											<?php printLinkHTML($zf . '/admin-albumsort.php?page=edit&album=' . pathurlencode($albumname) . '&tab=sort', gettext("Sort images"), NULL, NULL, NULL); ?>
										</li>
										<?php
									}
								}
								// and a delete link
								if (GALLERY_SESSION) {
									// XSRF defense requires sessions; the 'delete' token rides in the link
									?>
									<li>
										<a href="javascript:confirmDeleteAlbum('<?php echo $zf; ?> /admin-edit.php?page=edit&action=deletealbum&album=<?php echo urlencode(pathurlencode($albumname)); ?> &XSRFToken=<?php echo getXSRFToken('delete'); ?> ');" title="<?php echo gettext('Delete the album'); ?> "><?php echo gettext('Delete album'); ?> </a>
									</li>
									<?php
								}
							}
							if ($_zp_current_album->isMyItem(UPLOAD_RIGHTS) && !$_zp_current_album->isDynamic()) {
								// provide an album upload link if the admin has upload rights for this album and it is not a dynamic album
								?>
								<li>
									<?php printLinkHTML($zf . '/admin-upload.php?album=' . pathurlencode($albumname), gettext("Upload Here"), NULL, NULL, NULL); ?>
								</li>
								<?php
								if (GALLERY_SESSION) {
									// XSRF defense requires sessions
									?>
									<li>
										<a href="javascript:newAlbum('<?php echo pathurlencode($albumname); ?> ',true);"><?php echo gettext("New Album Here"); ?> </a>
									</li>
									<?php
								}
							}
							zp_apply_filter('admin_toolbox_album', $albumname, $zf);
							if ($inImage) {
								// script is image.php
								$imagename = $_zp_current_image->filename;
								if (!$_zp_current_album->isDynamic()) {
									// don't provide links when it is a dynamic album
									if ($_zp_current_album->isMyItem(ALBUM_RIGHTS)) {
										// if admin has edit rights on this album, provide a delete link for the image.
										if (GALLERY_SESSION) {
											// XSRF defense requires sessions
											?>
											<li>
												<a href="javascript:confirmDelete('<?php echo $zf; ?> /admin-edit.php?page=edit&action=deleteimage&album=<?php echo urlencode(pathurlencode($albumname)); ?> &image=<?php echo urlencode($imagename); ?> &XSRFToken=<?php echo getXSRFToken('delete'); ?> ',deleteImage);" title="<?php echo gettext("Delete the image"); ?> "><?php echo gettext("Delete image"); ?> </a>
											</li>
											<?php
										}
										?>
										<li>
											<a href="<?php echo $zf; ?> /admin-edit.php?page=edit&album=<?php echo pathurlencode($albumname); ?> &singleimage=<?php echo urlencode($imagename); ?> &tab=imageinfo&nopagination" title="<?php echo gettext('Edit image'); ?> "><?php echo gettext('Edit image'); ?> </a>
										</li>
										<?php
									}
									zp_apply_filter('admin_toolbox_image', $albumname, $imagename, $zf);
								}
								// set return to this image page
								$redirect = "&album=" . html_encode(pathurlencode($albumname)) . "&image=" . urlencode($imagename);
							} else {
								// set the return to this album/page
								$redirect = "&album=" . html_encode(pathurlencode($albumname));
								if ($page > 1) {
									$redirect .= "&page={$page}";
								}
							}
							break;
						case 'search.php':
							$words = $_zp_current_search->getSearchWords();
							if (!empty($words)) {
								// script is search.php with a search string
								if (zp_loggedin(UPLOAD_RIGHTS)) {
									// NOTE(review): the search parameters derive from the visitor's
									// query and $link is echoed into an href as-is; confirm
									// getSearchParams() returns an encoded string.
									$link = $zf . '/admin-dynamic-album.php?' . substr($_zp_current_search->getSearchParams(), 1);
									// if admin has edit rights allow him to create a dynamic album from the search
									?>
									<li>
										<a href="<?php echo $link; ?> " title="<?php echo gettext('Create an album from the search'); ?> " ><?php echo gettext('Create Album'); ?> </a>
									</li>
									<?php
								}
								zp_apply_filter('admin_toolbox_search', $zf);
							}
							$redirect = "&p=search" . $_zp_current_search->getSearchParams() . "&page={$page}";
							break;
						default:
							// arbitrary custom page
							$gal = stripSuffix($_zp_gallery_page);
							$redirect = "&p=" . urlencode($gal);
							if ($page > 1) {
								$redirect .= "&page={$page}";
							}
							// page-specific handlers may both print entries and extend $redirect
							$redirect = zp_apply_filter('admin_toolbox_' . $gal, $redirect, $zf);
							break;
					}
					$redirect = zp_apply_filter('admin_toolbox_close', $redirect, $zf);
					if ($_zp_current_admin_obj->logout_link) {
						// logout link
						// "==" binds tighter than "&", so $sec is 1 when SERVER_PROTOCOL is 'https', else 0
						$sec = (int) (SERVER_PROTOCOL == 'https' & true);
						$link = SEO_FULLWEBPATH . '/index.php?logout=' . $sec . $redirect;
						?>
						<li>
							<a href="<?php echo $link; ?> "><?php echo gettext("Logout"); ?> </a>
						</li>
						<?php
					}
					$outputB = ob_get_contents();
					ob_end_clean();
					// print the toolbox only when at least one entry was produced
					if ($outputB) {
						echo $outputA . $outputB;
						?>
				</ul>
			</div>
		</div>
						<?php
					}
	}
}
echo gettext('Reset hitcounter'); ?> " /></a> </td> <?php } ?> <td class="page-list_icon"> <a href="javascript:confirmDelete('admin-news.php<?php echo $option . $divider; ?> delete=<?php echo $article->getTitlelink(); ?> &XSRFToken=<?php echo getXSRFToken('delete'); ?> ','<?php echo js_encode(gettext('Are you sure you want to delete this article? THIS CANNOT BE UNDONE!')); ?> ')" title="<?php echo gettext('Delete article'); ?> "> <img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?> /images/fail.png" alt="" title="<?php echo gettext('Delete article'); ?> " /></a>
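/**
 * Prints the HTML for the configuration change notification.
 *
 * Emits one list item per entry of $diff, then a paragraph asking the
 * administrator to run setup. The setup link carries an XSRF token only when
 * getXSRFToken() is defined at the time of the call.
 *
 * NOTE(review): the values taken from $diff ($rslt['old'], $rslt['new'], the
 * REQUESTS entries and the script name in the default case) are written into
 * the page without HTML encoding. Their origin is not visible in this
 * function; if any of them can carry request-derived text they should be
 * encoded on output.
 *
 * @param array $diff      detected changes keyed by what changed; entries are read as arrays with 'old' and 'new' elements
 * @param mixed $needs     not used by this function
 * @param mixed $mandatory truthy selects the "must run setup" wording, otherwise the "should run setup" wording
 */
function reconfigurePage($diff, $needs, $mandatory) {
	$where = OFFSET_PATH ? 'admin' : 'gallery';
	// getXSRFToken() is not assumed to exist here; without it the link has no token
	if (function_exists('getXSRFToken')) {
		$token = '&xsrfToken=' . getXSRFToken('setup');
	} else {
		$token = '';
	}
	$l1 = '<a href="' . WEBPATH . '/' . ZENFOLDER . '/setup.php?autorun=' . $where . $token . '">';
	$l2 = '</a>';
	?>
	<div class="reconfigbox">
		<h1>
			<?php echo gettext('ZenPhoto20 has detected a change in your installation.'); ?>
		</h1>
		<div id="errors">
			<ul>
				<?php
				foreach ($diff as $thing => $rslt) {
					switch ($thing) {
						case 'SERVER_SOFTWARE':
							echo '<li>' . sprintf(gettext('Your server software has changed from %1$s to %2$s.'), $rslt['old'], $rslt['new']) . '</li>';
							break;
						case 'DATABASE':
							// NOTE(review): $dbs is never read below; the call is kept in case db_software() has side effects - confirm and remove
							$dbs = db_software();
							echo '<li>' . sprintf(gettext('Your database software has changed from %1$s to %2$s.'), $rslt['old'], $rslt['new']) . '</li>';
							break;
						case 'ZENPHOTO':
							echo '<li>' . sprintf(gettext('ZenPhoto20 %1$s has been copied over %2$s.'), ZENPHOTO_VERSION, $rslt['old']) . '</li>';
							break;
						case 'FOLDER':
							echo '<li>' . sprintf(gettext('Your installation has moved from %1$s to %2$s.'), $rslt['old'], $rslt['new']) . '</li>';
							break;
						case 'CONFIGURATION':
							echo '<li>' . gettext('Your installation configuration is damaged.') . ' ' . $rslt['old'] . '</li>';
							// no setup link in this case: drop the closing tag together with
							// the opening one so the paragraph below stays balanced markup
							$l1 = '';
							$l2 = '';
							break;
						case 'REQUESTS':
							if (!empty($rslt)) {
								echo '<li><div id="files">';
								echo gettext('setup has been requested by:');
								echo '<ul>';
								foreach ($rslt['old'] as $request) {
									echo '<li>' . $request . '</li>';
								}
								echo '</ul></div></li>';
							}
							break;
						default:
							// any other key is reported as a changed script
							echo '<li>' . sprintf(gettext('The script <code>%1$s</code> has changed.'), $thing) . '</li>';
							break;
					}
				}
				?>
			</ul>
		</div>
		<p>
			<?php
			if ($mandatory) {
				// the message id below is kept exactly as it appears in the file, including its line break
				printf(gettext('The change detected is critical. 
You <strong>must</strong> run %1$ssetup%2$s for your site to function.'), $l1, $l2);
			} else {
				printf(gettext('The change detected may not be critical but you should run %1$ssetup%2$s at your earliest convenience.'), $l1, $l2);
			}
			?>
		</p>
	</div>
	<?php
}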
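launchScript('',['deletemenuset=<?php echo html_encode($menuset); ?> ','XSRFToken=<?php echo getXSRFToken('delete_menu'); ?> ']); } };
<?php
/*
 * deleteMenuItem() asks for confirmation with the caller's text, then launches
 * the delete request for one menu item.
 *
 * The menu set name is written into a JavaScript string literal, so it is
 * encoded here the same way as in the deletemenuset call on the line above.
 * NOTE(review): where $menuset comes from is not visible in this excerpt, and
 * neither is what html_encode() covers; if it does not encode the single
 * quote, js_encode() is the better fit for both calls.
 */
?>
function deleteMenuItem(item,warn) {
	if (confirm(warn)) {
		launchScript('',['delete','id='+item,'menuset=<?php echo html_encode($menuset); ?> ','XSRFToken=<?php echo getXSRFToken('delete_menu'); ?> ']);
	}
}
<?php /* confirmAction() only prompts when the bulk action selector is set to 'deleteall'; every other action proceeds without a prompt. */ ?>
function confirmAction() {
	if ($('#checkallaction').val() == 'deleteall') {
		return confirm('<?php echo js_encode(gettext("Are you sure you want to delete the checked items?")); ?> ');
	} else {
		return true;
	}
}
// ]]> -->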
<br class="clearall" /> </p> <br class="clearall" /> <?php } else { if (Zenphoto_Authority::getVersion() > Zenphoto_Authority::$preferred_version) { ?> <br class="clearall" /> <p class="notebox"> <?php printf(gettext('You may wish to revert the <em>Zenphoto_Authority</em> user rights to version %s for backwards compatibility with prior Zenphoto releases.'), Zenphoto_Authority::getVersion() - 1); ?> <br class="clearall" /> <span class="buttons"> <a onclick="launchScript('', ['action=migrate_rights', 'revert=true', 'XSRFToken=<?php echo getXSRFToken('migrate_rights'); ?> ']);"><?php echo gettext('Revert rights'); ?> </a> </span> <br class="clearall" /> </p> <br class="clearall" /> <?php } } } ?> <script type="text/javascript">
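// Emit the remaining (non-dynamic) album names as the elements of a JavaScript
// array literal; dynamic albums are dropped from $albums as a side effect.
foreach ($albums as $key => $album) {
	if (hasDynamicAlbumSuffix($album)) {
		unset($albums[$key]);
	} else {
		if ($c) {
			echo ',';
		}
		// The name lands inside a single-quoted JavaScript string, so it is passed
		// through js_encode(), the helper the admin pages use for text placed in
		// JavaScript literals; a quote or backslash in an album name would
		// otherwise end the literal early.
		// NOTE(review): assumes $albums holds raw names - confirm they are not
		// already encoded upstream.
		echo "'" . js_encode($album) . "'";
		$c++;
	}
}
?>
];
function reStart() {
	var datum = '?imagecount='+imagecount+'&albumcount='+albumcount+'&todo='+albumspending.join(',')+'&XSRFToken=<?php echo getXSRFToken('seo_cleanup'); ?> ';
	window.location = 'seo_cleanup.php'+datum;
}
//-->
</script>
<?php echo '</head>'; ?>
<body>
	<?php printLogoAndLinks(); ?>
	<div id="main">
		<?php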
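<?php

/**
 * Zenphoto cron task handler.
 *
 * Reads the script to run from the POSTed `link` field. When an `auth` field is
 * present it is compared with a SHA-1 digest of the link and the serialized
 * master admin record; on a match the request runs with that admin's rights.
 * After admin_securityChecks() the XSRF token fields are either filled in for
 * the POSTed `XSRFTag` or removed, and the linked script is included.
 */
define('OFFSET_PATH', 1);
require_once 'admin-globals.php';

$_zp_current_admin_obj = $_zp_loggedin = $_zp_null_account = NULL;
$link = sanitize($_POST['link']);
if (isset($_POST['auth'])) {
	$auth = sanitize($_POST['auth']);
	$admin = $_zp_authority->getAnAdmin(array('`user`=' => $_zp_authority->master_user, '`valid`=' => 1));
	// Only compare when there is an admin record and a string to compare with:
	// without an admin object, getRights() below would be called on a non-object.
	if (is_object($admin) && is_string($auth)) {
		$expected = sha1($link . serialize($admin));
		// A loose == on two hex digests compares them as numbers when both look
		// numeric (for example "0e..." strings), so unequal digests can match.
		// Compare as strings, in constant time where hash_equals() is available.
		if (function_exists('hash_equals')) {
			$matches = hash_equals($expected, $auth);
		} else {
			$matches = $expected === $auth;
		}
		if ($matches && $admin->getRights()) {
			$_zp_current_admin_obj = $admin;
			$_zp_loggedin = $admin->getRights();
		}
	}
}
admin_securityChecks(NULL, currentRelativeURL(__FILE__));

// The request names the XSRF action and the matching token is generated here,
// so the included script's own XSRF check is satisfied by construction.
// NOTE(review): that is only sound if every request reaching this point was
// authenticated by the digest above rather than by a browser session; what
// admin_securityChecks() accepts is not visible here - confirm.
if (isset($_POST['XSRFTag'])) {
	$_REQUEST['XSRFToken'] = $_POST['XSRFToken'] = $_GET['XSRFToken'] = getXSRFToken(sanitize($_POST['XSRFTag']));
} else {
	unset($_POST['XSRFToken']);
	unset($_GET['XSRFToken']);
	unset($_REQUEST['XSRFToken']);
}

// NOTE(review): $link comes from the request body and is included as code. The
// digest above covers $link, but a request admitted by admin_securityChecks()
// without the digest reaches this line with a path nothing in this file has
// restricted. Resolve $link against a fixed set or directory of cron scripts
// before including it - confirm where valid values come from.
require_once $link;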
?> "> <a href="admin-edit.php?action=refresh&album=<?php echo html_encode(pathurlencode($album->name)); ?> &image=<?php echo urlencode($image->filename); ?> &subpage=<?php echo $pagenum; ?> &tagsort=<?php echo html_encode($tagsort); ?> &XSRFToken=<?php echo getXSRFToken('imagemetadata'); ?> " > <img src="images/cache.png" alt="" /><?php echo gettext("Refresh Metadata"); ?> </a> <br class="clearall" /> </div> <?php if (isImagePhoto($image) || !is_null($image->objectsThumb)) { ?> <div class="button buttons tooltip" title="<?php printf(gettext('crop %s'), $image->filename); ?> ">
<body> <?php printLogoAndLinks(); ?> <div id="main"> <div id="content"> <h1><?php echo gettext('Setup request'); ?> </h1> <div class="tabbox"> <p> <?php if (zpFunctions::hasPrimaryScripts()) { if ($found) { echo '<a href="' . WEBPATH . '/' . ZENFOLDER . '/setup.php?xsrfToken=' . getXSRFToken('setup') . '">' . gettext('Click to restore the setup scripts and run setup.') . '</a>'; } else { printf(gettext('You must restore the setup files from the %1$s release.'), ZENPHOTO_VERSION); } } else { echo gettext('You must restore the setup files on your primary installation to run the setup operation.'); } ?> </p> </div> </div> </div> </body> </html> <?php }
echo WEBPATH . '/' . ZENFOLDER; ?> /images/icon_mail.png" style="border: 0px;" alt="<?php echo gettext('Reply'); ?> " /></a> </td> <td class="page-list_icon"> <a href="javascript:if(confirm('<?php echo gettext('Are you sure you want to delete this comment?'); ?> ')) { window.location='?action=deletecomment&id=<?php echo $id; ?> &XSRFToken=<?php echo getXSRFToken('deletecomment'); ?> '; }" title="<?php echo gettext('Delete this comment.'); ?> " > <img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?> /images/fail.png" style="border: 0px;" alt="<?php echo gettext('Delete'); ?> " /></a></td> <td class="page-list_icon"><input type="checkbox" name="ids[]" value="<?php echo $id;