/**
* Register a callback for the given event(s)
*
* @throws iMSCP_Plugin_Exception
* @param iMSCP_Events_Manager_Interface $eventsManager
*/
public function register(iMSCP_Events_Manager_Interface $eventsManager)
{
if (!is_xhr()) {
// Do not act on AJAX request
$components = $this->getConfigParam('components');
if ($components) {
if (is_array($components)) {
foreach ($components as $component) {
require_once 'Component/' . $component . '.php';
$componentClass = "iMSCP_Plugin_DebugBar_Component_{$component}";
$component = new $componentClass();
if (!$component instanceof iMSCP_Plugin_DebugBar_Component_Interface) {
throw new iMSCP_Plugin_Exception('Any DebugBar component must implement the iMSCP_Plugin_DebugBar_Component_Interface interface.');
} else {
$events = $component->getListenedEvents();
if (!empty($events)) {
$eventsManager->registerListener($events, $component, $component->getPriority());
}
}
$this->components[] = $component;
}
$eventsManager->registerListener($this->getListenedEvents(), $this, -100);
} else {
throw new iMSCP_Plugin_Exception('DebugBar plugin: components parameter must be an array containing list of DeburBar components');
}
}
}
}
/**
* Runs initializer
*
* @throws iMSCP_Exception
* @param string|iMSCP_Config_Handler_File $command Initializer method or an iMSCP_Config_Handler_File object
* @param iMSCP_Config_Handler_File $config OPTIONAL iMSCP_Config_Handler_File object
* @return iMSCP_Initializer
*/
public static function run($command = 'processAll', iMSCP_Config_Handler_File $config = null)
{
if (!self::$_initialized) {
if ($command instanceof iMSCP_Config_Handler_File) {
$config = $command;
$command = 'processAll';
}
// Overrides _processAll command for CLI interface
if ($command == 'processAll' && PHP_SAPI == 'cli') {
$command = 'processCLI';
} elseif (is_xhr()) {
$command = 'processAjax';
}
$initializer = new self(is_object($config) ? $config : new iMSCP_Config_Handler_File());
$initializer->{$command}();
} else {
throw new iMSCP_Exception('i-MSCP is already fully initialized.');
}
return $initializer;
}
$html_str = is_xhr() ? '' : ibr_html_heading('claimstatus');
$html_str .= ibr_disp_status_resp();
} elseif (isset($_GET['dprfile'])) {
$html_str = is_xhr() ? '' : ibr_html_heading('claimstatus');
$html_str .= ibr_disp_dpr_message();
} elseif (isset($_GET['ebrfile'])) {
$html_str = is_xhr() ? '' : ibr_html_heading('claimstatus');
$html_str .= ibr_disp_ebr_message();
} elseif (isset($_GET['fv997'])) {
$html_str = is_xhr() ? '' : ibr_html_heading('claimstatus');
$html_str .= ibr_disp_997_message();
} elseif (isset($_GET['ackfile'])) {
$html_str = is_xhr() ? '' : ibr_html_heading('claimstatus');
$html_str .= ibr_disp_ta1_message();
} elseif (isset($_GET['batchicn'])) {
$html_str = is_xhr() ? '' : ibr_html_heading('claimstatus');
$html_str .= ibr_disp_997_for_batch();
} elseif (array_key_exists('showlog', $_GET)) {
$la = filter_input(INPUT_GET, 'showlog', FILTER_SANITIZE_STRING);
$html_str = $la ? csv_log_html() : "input parameter error<br />";
} elseif (array_key_exists('archivelog', $_GET)) {
$la = filter_input(INPUT_GET, 'archivelog', FILTER_SANITIZE_STRING);
$html_str = $la ? csv_log_archive() : "input parameter error<br />";
} elseif (array_key_exists('getnotes', $_GET)) {
$la = filter_input(INPUT_GET, 'getnotes', FILTER_SANITIZE_STRING);
$html_str = $la ? ibr_history_notes() : "input parameter error<br />";
} else {
$html_str = "EDI History: unknown parameter<br />" . PHP_EOL;
//$html_str .= var_dump($_GET) . PHP_EOL;
}
} else {
write_log(sprintf('New domain alias `%s` has been added by %', $domainAliasName, $_SESSION['user_logged']), E_USER_NOTICE);
set_page_message(tr('Domain alias successfully scheduled for addition.'), 'success');
} catch (iMSCP_Exception_Database $e) {
$db->rollBack();
throw $e;
}
return true;
}
/***********************************************************************************************************************
* Main
*/
require_once 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onResellerScriptStart);
check_login('reseller');
resellerHasFeature('domain_aliases') && resellerHasCustomers() or showBadRequestErrorPage();
if (is_xhr() && isset($_POST['customer_id'])) {
echo getJsonDomainsList(clean_input($_POST['customer_id']));
return;
}
$resellerProps = imscp_getResellerProperties($_SESSION['user_id']);
if ($resellerProps['max_als_cnt'] != 0 && $resellerProps['current_als_cnt'] >= $resellerProps['max_als_cnt']) {
set_page_message(tr('You have reached the maximum number of domain aliasses allowed by your subscription.'), 'warning');
redirectTo('users.php');
}
if (!empty($_POST) && addDomainAlias()) {
redirectTo('alias.php');
}
$tpl = new iMSCP_pTemplate();
$tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => 'reseller/alias_add.tpl', 'page_message' => 'layout', 'customer_option' => 'page', 'shared_mount_point_domain' => 'page'));
$tpl->assign(array('TR_PAGE_TITLE' => tr('Reseller / Domains / Add Domain Alias'), 'TR_CUSTOMER_ACCOUNT' => tr('Customer account'), 'TR_DOMAIN_ALIAS' => tr('Domain alias'), 'TR_DOMAIN_ALIAS_NAME' => tr('Domain alias name'), 'TR_DOMAIN_ALIAS_NAME_TOOLTIP' => tr("You must omit 'www'. It will be added automatically."), 'TR_SHARED_MOUNT_POINT' => tr('Shared mount point'), 'TR_SHARED_MOUNT_POINT_TOOLTIP' => tr('Allows to share the mount point of another domain.'), 'TR_URL_FORWARDING' => tr('URL forwarding'), 'TR_URL_FORWARDING_TOOLTIP' => tr('Allows to forward any request made to this domain alias to a specific URL. Be aware that when this option is in use, no Web folder is created for the domain alias.'), 'TR_FORWARD_TO_URL' => tr('Forward to URL'), 'TR_YES' => tr('Yes'), 'TR_NO' => tr('No'), 'TR_HTTP' => 'http://', 'TR_HTTPS' => 'https://', 'TR_FTP' => 'ftp://', 'TR_ADD' => tr('Add'), 'TR_CANCEL' => tr('Cancel')));
generateNavigation($tpl);
$actions = tr('n\\a');
}
$row['actions'] = $actions;
$output['aaData'][] = $row;
}
return $output;
}
/***********************************************************************************************************************
* Main
*/
// Include core library
require 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onResellerScriptStart);
check_login('reseller');
resellerHasFeature('domain_aliases') or showBadRequestErrorPage();
if (is_xhr()) {
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Content-type: application/json');
header('Status: 200 OK');
echo json_encode(reseller_getDatatable());
exit;
}
/** @var $tpl iMSCP_pTemplate */
$tpl = new iMSCP_pTemplate();
$tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => 'reseller/alias.tpl', 'page_message' => 'layout', 'als_add_button' => 'page'));
$tpl->assign(array('TR_PAGE_TITLE' => tr('Reseller / Customers / Domain Aliases'), 'TR_ALIAS_NAME' => tr('Domain alias name'), 'TR_MOUNT_POINT' => tr('Mount point'), 'TR_FORWARD_URL' => tr('Forward URL'), 'TR_STATUS' => tr('Status'), 'TR_CUSTOMER' => tr('Customer'), 'TR_ACTIONS' => tr('Actions'), 'TR_ADD_DOMAIN_ALIAS' => tr('Add domain alias'), 'TR_MESSAGE_DELETE_ALIAS' => tr('Are you sure you want to delete the %s domain alias?', '%s'), 'TR_MESSAGE_DELETE_ALIAS_ORDER' => tr('Are you sure you want to delete the %s domain alias order?', '%s'), 'TR_PROCESSING_DATA' => tr('Processing...')));
iMSCP_Events_Aggregator::getInstance()->registerListener('onGetJsTranslations', function ($e) {
/** @var $e \iMSCP_Events_Event */
$e->getParam('translations')->core['dataTable'] = getDataTablesPluginTranslations(false);
});
/**
* Gzip Filter
*
* This method can be used both for create standard gz files, and as filter for the ob_start() function to help
* facilitate sending gzip encoded data to the clients browsers that support the gzip content-coding.
*
* According the PHP documentation, when used as filter for the ob_start() function, and if any error occurs, FALSE
* is returned and then, content is sent to the client browser without compression. Note that FALSE is also
* returned when the data are already encoded.
*
* If used in {@link self::FILTER_FILE} mode and if the $filePath is not specified, the encoded string is returned
* instead of be written in a file.
*
* @param string $data Data to be compressed
* @param string $filePath File path to be used for gz file creation]
* @return string|bool Encoded string in gzip file format, FALSE on failure
*/
public function filter($data, $filePath = '')
{
$this->_data = $data;
// Act as filter for the PHP ob_start function
if ($this->_mode === self::FILTER_BUFFER) {
if (ini_get('output_handler') != 'ob_gzhandler' && !ini_get('zlib.output_compression') && !headers_sent() && connection_status() == CONNECTION_NORMAL && $this->_getEncoding() && strcmp(substr($data, 0, 2), " ‹")) {
if ($this->compressionInformation && !is_xhr()) {
$statTime = microtime(true);
$gzipData = $this->_getEncodedData();
$time = round((microtime(true) - $statTime) * 1000, 2);
$this->_gzipDataSize = strlen($gzipData);
$gzipData = $this->_addCompressionInformation($time);
} else {
$gzipData = $this->_getEncodedData();
$this->_gzipDataSize = strlen($gzipData);
}
// Send required headers
$this->_sendHeaders();
} else {
return false;
}
// Create standard gz file
} else {
$gzipData = $this->_getEncodedData();
if ($filePath != '' && $gzipData !== false) {
$this->_writeFile($gzipData, $filePath);
}
}
return $gzipData;
}
<?php
$tmpl_vars['contact_success'] = false;
if (!empty($_POST['name']) && !empty($_POST['email']) && !empty($_POST['message'])) {
$time = time();
$subject = 'Contact via lynx.io contact form';
$message = <<<EOF
Contacted at {$time}.
From: {$_POST['name']} <{$_POST['email']}>
Body:
{$_POST['message']}
EOF;
$headers = <<<EOF
From: {$config['email']}
Reply-To: {$_POST['email']}
EOF;
if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && mail($config['email'], $subject, $message, $headers)) {
$tmpl_vars['contact_success'] = true;
} else {
$tmpl_vars['contact_failure'] = true;
}
}
if (is_xhr(true)) {
$success = $tmpl_vars['contact_success'];
echo $success ? '"Successfully sent"' : '"Failed to send"';
} else {
$tmpl_vars['page_title'] = 'Contact';
$twig->display('contact.twig.html', $tmpl_vars);
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* @link http://www.easyscp.net
* @author EasySCP Team
*/
require '../../include/easyscp-lib.php';
check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
// Avoid unneeded generation during Ajax request
if (!is_xhr()) {
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'reseller/user_add4.tpl';
// static page messages
gen_logged_from($tpl);
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - User/Add user'), 'TR_MANAGE_DOMAIN_ALIAS' => tr('Manage domain alias'), 'TR_ADD_ALIAS' => tr('Add domain alias'), 'TR_DOMAIN_NAME' => tr('Domain name'), 'TR_DOMAIN_ACCOUNT' => tr('User account'), 'TR_MOUNT_POINT' => tr('Directory mount point'), 'TR_DOMAIN_IP' => tr('Domain IP'), 'TR_DMN_HELP' => tr("You do not need 'www.' EasySCP will add it on its own."), 'TR_FORWARD' => tr('Forward to URL'), 'TR_ADD' => tr('Add alias'), 'TR_DOMAIN_ALIAS' => tr('Domain alias'), 'TR_STATUS' => tr('Status'), 'TR_ADD_USER' => tr('Add user'), 'TR_GO_USERS' => tr('Done'), 'TR_ENABLE_FWD' => tr("Enable Forward"), 'TR_ENABLE' => tr("Enable"), 'TR_DISABLE' => tr("Disable"), 'TR_PREFIX_HTTP' => 'http://', 'TR_PREFIX_HTTPS' => 'https://', 'TR_PREFIX_FTP' => 'ftp://'));
gen_reseller_mainmenu($tpl, 'reseller/main_menu_users_manage.tpl');
gen_reseller_menu($tpl, 'reseller/menu_users_manage.tpl');
if (isset($_SESSION['dmn_id']) && $_SESSION['dmn_id'] !== '') {
$domain_id = $_SESSION['dmn_id'];
$reseller_id = $_SESSION['user_id'];
$query = "\n\t\t\tSELECT\n\t\t\t\tdomain_id, status\n\t\t\tFROM\n\t\t\t\tdomain\n\t\t\tWHERE\n\t\t\t\tdomain_id = ?\n\t\t\tAND\n\t\t\t\tdomain_created_id = ?\n\t\t;";
$result = exec_query($sql, $query, array($domain_id, $reseller_id));
if ($result->recordCount() == 0) {
set_page_message(tr('User does not exist or you do not have permission to access this interface!'), 'warning');
// Back to the users page
function autherz($flag, $redirect = false)
{
if (!$flag) {
if (is_xhr()) {
echo "expired";
} else {
$goto = $redirect ? $redirect : $_SERVER['HTTP_HOST'];
header("Location: http://{$redirect}");
}
exit;
}
}
<?php
$slug = $matches[2];
// Get comments
if (!empty($_GET['timestamp']) || is_xhr(true)) {
$timestamp = (int) $_GET['timestamp'];
if ($timestamp < time() - 68400) {
echo '"Invalid time"';
exit;
}
$newComments = array();
foreach (get_comments($slug) as $comment) {
if ($comment->date > $timestamp) {
$newComments[] = array('author' => $comment->author, 'website' => $comment->website, 'date' => date('jS M Y \\a\\t h:i:s A', $comment->date), 'text' => $comment->text);
}
}
echo json_encode($newComments);
exit;
}
if (is_readable('cache/articles/' . $slug . '.json')) {
$info = file_get_contents('cache/articles/' . $slug . '.json');
$info = json_decode($info, true);
$raw_body = file_get_contents('articles/' . $slug . '.md');
if ($raw_body === $info['raw_body']) {
if (is_readable('authors/' . $info['author'] . '.json')) {
$author = file_get_contents('authors/' . $info['author'] . '.json');
$info['author'] = json_decode($author);
} else {
unset($info['author']);
}
$tmpl_vars['article'] = $info;
/**
* check for valid user login
*
* @param string $fName Full file path (ie. the magic __FILE__ constant value)
*/
function check_login($fName = null)
{
// session-type check:
if (!check_user_login()) {
if (is_xhr()) {
header('HTTP/1.0 403 Forbidden');
exit;
}
user_goto('/index.php');
}
if (!is_null($fName)) {
// TODO: Prüfen ob das so ok ist. Das '\\' wird bei Windows Pfaden benötigt.
// $levels = explode('/', realpath(dirname($fName)));
// $levels = explode('\\', realpath(dirname($fName)));
// $level = $levels[count($levels) - 1];
$level = basename(dirname($fName));
$userType = $_SESSION['user_type'] == 'user' ? 'client' : $_SESSION['user_type'];
if ($userType != $level) {
if ($userType != 'admin' && (!isset($_SESSION['logged_from']) || $_SESSION['logged_from'] != 'admin')) {
$userLoggued = isset($_SESSION['logged_from']) ? $_SESSION['logged_from'] : $_SESSION['user_logged'];
write_log('Warning! user |' . $userLoggued . '| requested |' . tohtml($_SERVER['REQUEST_URI']) . '| with REQUEST_METHOD |' . $_SERVER['REQUEST_METHOD'] . '|');
}
user_goto('/index.php');
}
}
}
}
return $ret;
}
/***********************************************************************************************************************
* Main
*/
// Include core library
require_once 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);
check_login('user');
customerHasFeature('ftp') or showBadRequestErrorPage();
$mainDmnProps = get_domain_default_props($_SESSION['user_id']);
$mainDmnId = $mainDmnProps['domain_id'];
$mainDmnName = $mainDmnProps['domain_name'];
$ftpAccountLimit = $mainDmnProps['domain_ftpacc_limit'];
if (is_xhr() && isset($_POST['domain_type'])) {
echo json_encode(ftp_getDomainList($mainDmnName, $mainDmnId, clean_input($_POST['domain_type'])));
exit;
} elseif (!empty($_POST)) {
// Check for ftp account limit (only on new account submission to avoid too many query each time the page
// is displayed
$nbFtpAccounts = get_customer_running_ftp_acc_cnt($_SESSION['user_id']);
if ($ftpAccountLimit && $nbFtpAccounts >= $ftpAccountLimit) {
set_page_message(tr('FTP account limit reached.'), 'error');
redirectTo('ftp_accounts.php');
}
if (ftp_addAccount($mainDmnName)) {
redirectTo('ftp_accounts.php');
}
}
/** @var $cfg iMSCP_Config_Handler_File */
/**
* Check login
*
* @param string $userLevel User level (admin|reseller|user)
* @param bool $preventExternalLogin If TRUE, external login is disallowed
*/
function check_login($userLevel = '', $preventExternalLogin = true)
{
do_session_timeout();
$auth = iMSCP_Authentication::getInstance();
if (!$auth->hasIdentity()) {
$auth->unsetIdentity();
// Ensure deletion of all entity data
if (is_xhr()) {
header('HTTP/1.0 403 Forbidden');
exit;
}
redirectTo('/index.php');
}
/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');
$identity = $auth->getIdentity();
if ($cfg->MAINTENANCEMODE && $identity->admin_type != 'admin' && (!isset($_SESSION['logged_from_type']) || $_SESSION['logged_from_type'] != 'admin')) {
$auth->unsetIdentity();
redirectTo('/index.php');
}
// Check user level
if (!empty($userLevel) && ($userType = $identity->admin_type) != $userLevel) {
if ($userType != 'admin' && (!isset($_SESSION['logged_from']) || $_SESSION['logged_from'] != 'admin')) {
$loggedUser = isset($_SESSION['logged_from']) ? $_SESSION['logged_from'] : $identity->admin_name;
write_log('Warning! user |' . $loggedUser . '| requested |' . tohtml($_SERVER['REQUEST_URI']) . '| with REQUEST_METHOD |' . $_SERVER['REQUEST_METHOD'] . '|', E_USER_WARNING);
}
redirectTo('/index.php');
}
// prevent external login / check for referer
if ($preventExternalLogin && !empty($_SERVER['HTTP_REFERER'])) {
// Extracting hostname from referer URL
// Note2: We remove any braket in referer (ipv6 issue)
$refererHostname = str_replace(array('[', ']'), '', parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST));
// The URL does contains the host element ?
if (!is_null($refererHostname)) {
// Note1: We don't care about the scheme, we only want make parse_url() happy
// Note2: We remove any braket in hostname (ipv6 issue)
$http_host = str_replace(array('[', ']'), '', parse_url("http://{$_SERVER['HTTP_HOST']}", PHP_URL_HOST));
// The referer doesn't match the panel hostname ?
if (!in_array($refererHostname, array($http_host, $_SERVER['SERVER_NAME']))) {
set_page_message(tr('Request from foreign host was blocked.'), 'info');
# Quick fix for #96 (will be rewritten ASAP)
isset($_SERVER['REDIRECT_URL']) ?: ($_SERVER['REDIRECT_URL'] = '');
if (!(substr($_SERVER['SCRIPT_FILENAME'], (int) -strlen($_SERVER['REDIRECT_URL']), strlen($_SERVER['REDIRECT_URL'])) == $_SERVER['REDIRECT_URL'])) {
redirectToUiLevel();
}
}
}
}
// If all goes fine update session and lastaccess
$_SESSION['user_login_time'] = time();
exec_query('UPDATE login SET lastaccess = ? WHERE session_id = ?', array($_SESSION['user_login_time'], session_id()));
}
/**
* Show 404 error page
*
* @return void
*/
function showNotFoundErrorPage()
{
/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');
$filePath = $cfg->GUI_ROOT_DIR . '/public/errordocs/404.html';
header("Status: 404 Not Found");
$response = '';
if (isset($_SERVER['HTTP_ACCEPT'])) {
if ((strpos($_SERVER['HTTP_ACCEPT'], 'text/html') !== false || strpos($_SERVER['HTTP_ACCEPT'], 'application/xhtml') !== false) && !is_xhr()) {
$response = file_get_contents($filePath);
} elseif (strpos($_SERVER['HTTP_ACCEPT'], 'application/json') !== false) {
header("Content-type: application/json");
$response = json_encode(array('code' => 404, 'message' => 'Not Found'));
} elseif (strpos($_SERVER['HTTP_ACCEPT'], 'application/xmls') !== false) {
header("Content-type: text/xml;charset=utf-8");
$response = '<?xml version="1.0" encoding="utf-8"?>';
$response = $response . '<response><code>404</code>';
$response = $response . '<message>Not Found</message></response>';
} elseif (!is_xhr()) {
include $filePath;
}
} elseif (!is_xhr()) {
$response = file_get_contents($filePath);
}
if ($response != '') {
echo $response;
}
exit;
}
<?php
if (!is_xhr(true) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
echo 'Please don\'t access this page directly.';
exit;
}
$slug = $matches[2];
if (empty($slug) || !is_readable('articles/' . $slug . '.md')) {
echo 'Article not found.';
exit;
}
if (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['text'])) {
echo 'Please specify all required forms.';
exit;
}
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
echo 'Invalid email address.';
exit;
}
if (!empty($_POST['website'])) {
$website = $_POST['website'];
if (!filter_var($website, FILTER_VALIDATE_URL)) {
echo 'Invalid website.';
exit;
}
} else {
$website = '';
}
if (is_readable('articles/comments/' . $slug . '.json')) {
$comments = file_get_contents('articles/comments/' . $slug . '.json');
$comments = json_decode($comments);
