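/**
 * Replaces an author's password with a freshly generated one and mails the
 * new password to the address stored for that author.
 *
 * Only the output of txp_hash_password() is written to txp_users; the
 * plaintext lives in memory and in the outgoing message.
 *
 * @param  string $name Login name of the author whose password is reset
 * @return string Localised status message (sent / could not mail / could not update)
 */
function reset_author_pass($name)
{
    $where = "name = '" . doSlash($name) . "'";

    // The address is read before the row is touched; a missing author yields
    // whatever safe_field() returns for "no match".
    $email = safe_field('email', 'txp_users', $where);

    $new_pass = generate_password(PASSWORD_LENGTH);
    $hash = doSlash(txp_hash_password($new_pass));

    // Store the hash computed above. The listing wrote the literal string
    // '******' into the column and left $hash unused, so the mailed password
    // could never match the stored value.
    if (!safe_update('txp_users', "pass = '{$hash}'", $where)) {
        return gTxt('could_not_update_author') . ' ' . txpspecialchars($name);
    }

    // From here on the old password is already gone, even if mailing fails.
    // NOTE(review): $email is returned unescaped while $name goes through
    // txpspecialchars() -- confirm how the caller renders this message.
    if (send_new_password($new_pass, $email, $name)) {
        return gTxt('password_sent_to') . ' ' . $email;
    }

    return gTxt('could_not_mail') . ' ' . $email;
}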
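/**
 * Last step of the setup wizard: validates the submitted admin account,
 * loads config.php, runs the schema script and stores the first user.
 *
 * name, RealName, pass, email and theme are copied from POST into the
 * session; lang, ddb, dprefix and siteurl are read from the session.
 * Every validation failure prints an error panel and exits.
 *
 * @return void
 */
function createTxp()
{
    $GLOBALS['textarray'] = setup_load_lang($_SESSION['lang']);

    // NOTE(review): the plaintext password is kept in the session from here
    // on and is not cleared in this function -- confirm it is dropped once
    // setup has finished.
    $_SESSION['name'] = ps('name');
    $_SESSION['realname'] = ps('RealName');
    $_SESSION['pass'] = ps('pass');
    $_SESSION['email'] = ps('email');
    $_SESSION['theme'] = ps('theme');

    // First failing check wins, in the same order as before.
    $error = null;
    if ($_SESSION['name'] == '') {
        $error = 'name_required';
    } elseif (!$_SESSION['pass']) {
        $error = 'pass_required';
    } elseif (!is_valid_email($_SESSION['email'])) {
        $error = 'email_required';
    }

    if ($error !== null) {
        echo n . '<div id="setup_container" class="txp-container">'
            . txp_setup_progress_meter(3) . n
            . '<div class="txp-setup">' . n
            . graf('<span class="error">' . setup_gTxt($error) . '</span>') . n
            . setup_back_button(__FUNCTION__) . n
            . '</div>' . n
            . '</div>';
        exit;
    }

    global $txpcfg;
    $problems = array();

    if (!isset($txpcfg['db'])) {
        if (!is_readable(txpath . '/config.php')) {
            $problems[] = graf('<span class="error">' . setup_gTxt('config_php_not_found', array('{file}' => txpspecialchars(txpath . '/config.php')), 'raw') . '</span>');
        } else {
            // Errors raised by config.php are suppressed; a config that did
            // not populate $txpcfg is caught by the comparison below.
            @(include txpath . '/config.php');
        }
    }

    // config.php on disk must describe the same database and prefix the
    // operator entered earlier in the wizard.
    if (!isset($txpcfg) || $txpcfg['db'] != $_SESSION['ddb'] || $txpcfg['table_prefix'] != $_SESSION['dprefix']) {
        $problems[] = graf('<span class="error">' . setup_gTxt('config_php_does_not_match_input', 'raw') . '</span>');
        echo txp_setup_progress_meter(3) . n
            . '<div class="txp-setup">' . n
            . join(n, $problems) . n
            . setup_config_contents() . n
            . '</div>' . n
            . '</div>';
        exit;
    }

    // These locals are not used again in this function; they are kept because
    // txpsql.php is included into this scope -- presumably it reads them.
    $ddb = $txpcfg['db'];
    $duser = $txpcfg['user'];
    $dpass = $txpcfg['pass'];
    $dhost = $txpcfg['host'];
    $dclient_flags = isset($txpcfg['client_flags']) ? $txpcfg['client_flags'] : 0;
    $dprefix = $txpcfg['table_prefix'];
    $dbcharset = $txpcfg['dbcharset'];

    $siteurl = str_replace("http://", '', $_SESSION['siteurl']);
    $siteurl = str_replace(' ', '%20', rtrim($siteurl, "/"));
    $urlpath = preg_replace('#^[^/]+#', '', $siteurl);

    define("PFX", trim($dprefix));
    define('TXP_INSTALL', 1);

    include_once txpath . '/lib/txplib_update.php';
    include txpath . '/setup/txpsql.php';

    // NOTE(review): uniqid() and rand() are time- and PRNG-based, so this
    // value is guessable. If txp_users.nonce is relied on as a secret
    // (not visible here), it should come from a CSPRNG.
    $nonce = md5(uniqid(rand(), true));

    // The password is hashed from the unescaped value; only the hash is escaped.
    $hash = doSlash(txp_hash_password($_SESSION['pass']));

    // NOTE(review): the results of the statements below are not checked, so a
    // failed admin insert still ends with the success screen.
    mysql_query("INSERT INTO `" . PFX . "txp_users` VALUES\n\t\t\t(1,\n\t\t\t'" . doSlash($_SESSION['name']) . "',\n\t\t\t'{$hash}',\n\t\t\t'" . doSlash($_SESSION['realname']) . "',\n\t\t\t'" . doSlash($_SESSION['email']) . "',\n\t\t\t1,\n\t\t\tnow(),\n\t\t\t'{$nonce}')");

    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash($siteurl) . "' where `name`='siteurl'");

    // LANG is defined outside this block; it is escaped like every other
    // value that is concatenated into these statements.
    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash(LANG) . "' where `name`='language'");
    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash(getlocale(LANG)) . "' where `name`='locale'");

    mysql_query("update `" . PFX . "textpattern` set Body = replace(Body, 'siteurl', '" . doSlash($urlpath) . "'), Body_html = replace(Body_html, 'siteurl', '" . doSlash($urlpath) . "') WHERE ID = 1");

    // cf. update/_to_4.2.0.php.
    // TODO: Position might need altering when prefs panel layout is altered
    $theme = $_SESSION['theme'] ? $_SESSION['theme'] : 'classic';
    mysql_query("insert `" . PFX . "txp_prefs` set prefs_id = 1, name = 'theme_name', val = '" . doSlash($theme) . "', type = '1', event = 'admin', html = 'themename', position = '160'");

    echo fbCreate();
}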
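/**
 * Imports authors, categories, entries and comments of one Movable Type blog
 * into the Textpattern tables.
 *
 * Everything read from the MT database is treated as untrusted: each value is
 * escaped before it is placed into a statement, and author and category names
 * are HTML-escaped in the returned report.
 *
 * @param  string $mt_dblogin             MT database user
 * @param  string $mt_db                  MT database name
 * @param  string $mt_dbpass              MT database password
 * @param  string $mt_dbhost              MT database host
 * @param  string $blog_id                Id of the MT blog to import
 * @param  string $insert_into_section    Section assigned to imported articles
 * @param  string $insert_with_status     Status assigned to imported articles
 * @param  string $default_comment_invite Comment invitation for imported articles
 * @return string Progress and error lines joined with <br />
 */
function doImportMTDB($mt_dblogin, $mt_db, $mt_dbpass, $mt_dbhost, $blog_id, $insert_into_section, $insert_with_status, $default_comment_invite)
{
    global $txpcfg;

    $results = array();
    $authors = array();
    $articles = array();
    // Lookup tables filled while reading, so no joins are needed.
    $authors_map = array();
    $categories_map = array();

    // Fourth argument forces a separate link next to the Textpattern one.
    $mtlink = mysql_connect($mt_dbhost, $mt_dblogin, $mt_dbpass, true);
    if (!$mtlink) {
        return 'mt database values don’t work. Please replace them and try again';
    }

    mysql_select_db($mt_db, $mtlink);
    $results[] = 'connected to mt database. Importing Data';
    sleep(2);

    // The blog id is caller-supplied; escape it once for the MT connection.
    $blog_id_sql = mysql_real_escape_string($blog_id, $mtlink);

    $a = mysql_query("\n\t\t\tselect\n\t\t\tauthor_id as user_id,\n\t\t\tauthor_nickname as name,\n\t\t\tauthor_name as RealName,\n\t\t\tauthor_email as email,\n\t\t\tauthor_password as pass\n\t\t\tfrom mt_author\n\t\t", $mtlink);
    while ($b = mysql_fetch_assoc($a)) {
        $authors[] = $b;
    }

    $a = mysql_query("\n\t\t\tselect\n\t\t\tmt_entry.entry_id as ID,\n\t\t\tmt_entry.entry_text as Body,\n\t\t\tmt_entry.entry_text_more as Body2,\n\t\t\tmt_entry.entry_title as Title,\n\t\t\tmt_entry.entry_excerpt as Excerpt,\n\t\t\tmt_entry.entry_keywords as Keywords,\n\t\t\tmt_entry.entry_created_on as Posted,\n\t\t\tmt_entry.entry_modified_on as LastMod,\n\t\t\tmt_entry.entry_author_id as AuthorID\n\t\t\tfrom mt_entry\n\t\t\twhere entry_blog_id = '{$blog_id_sql}'\n\t\t", $mtlink);
    $results[] = mysql_error($mtlink);

    while ($b = mysql_fetch_assoc($a)) {
        $entry_id_sql = mysql_real_escape_string($b['ID'], $mtlink);

        // At most the first two placements become Category1/Category2.
        $categories = array();
        $cat = mysql_query("select placement_category_id as category_id from mt_placement where placement_entry_id='{$entry_id_sql}'", $mtlink);
        while ($cat_id = mysql_fetch_row($cat)) {
            $categories[] = $cat_id[0];
        }
        if (!empty($categories[0])) {
            $b['Category1'] = $categories[0];
        }
        if (!empty($categories[1])) {
            $b['Category2'] = $categories[1];
        }

        // Collect the comments of this entry and attach them to the article.
        $comments = array();
        $q = "\n\t\t\t\tselect\n\t\t\t\tmt_comment.comment_id as discussid,\n\t\t\t\tmt_comment.comment_ip as ip,\n\t\t\t\tmt_comment.comment_author as name,\n\t\t\t\tmt_comment.comment_email as email,\n\t\t\t\tmt_comment.comment_url as web,\n\t\t\t\tmt_comment.comment_text as message,\n\t\t\t\tmt_comment.comment_created_on as posted\n\t\t\t\tfrom mt_comment where comment_blog_id = '{$blog_id_sql}' AND comment_entry_id='{$entry_id_sql}'\n\t\t\t";
        $c = mysql_query($q, $mtlink);
        while ($d = mysql_fetch_assoc($c)) {
            $comments[] = $d;
        }
        $b['comments'] = $comments;

        $articles[] = $b;
    }

    $a = mysql_query("\n\t\t\tselect category_id,category_label from mt_category where category_blog_id='{$blog_id_sql}'\n\t\t", $mtlink);
    while ($b = mysql_fetch_assoc($a)) {
        $categories_map[$b['category_id']] = $b['category_label'];
    }

    mysql_close($mtlink);

    // Yes, we have to make a new connection, otherwise doArray complains.
    $DB = new DB();

    include txpath . '/lib/classTextile.php';
    $textile = new Textile();

    foreach ($authors as $author) {
        // Keys are fixed by the SELECT aliases above: user_id, name, RealName, email, pass.
        extract($author);
        $name = empty($name) ? $RealName : $name;
        $authors_map[$user_id] = $name;

        $authorid = safe_field('user_id', 'txp_users', "name = '" . doSlash($name) . "'");
        if (!$authorid) {
            // NOTE(review): the lookup uses $name but the row is created with
            // name = RealName, and pass is the literal '******' in this
            // listing (possibly a redaction) -- verify both against upstream.
            $q = safe_insert("txp_users", "\n\t\t\t\t\t\tname = '" . doSlash($RealName) . "',\n\t\t\t\t\t\temail = '" . doSlash($email) . "',\n\t\t\t\t\t\tpass = '******',\n\t\t\t\t\t\tRealName = '" . doSlash($RealName) . "',\n\t\t\t\t\t\tprivs='1'");
            if ($q) {
                // Imported text is HTML-escaped before it joins the report.
                $results[] = 'inserted ' . htmlspecialchars($RealName) . ' into txp_users';
            } else {
                $results[] = mysql_error();
            }
        }
    }

    foreach ($categories_map as $category) {
        $category_sql = doSlash($category);
        $rs = safe_row('id', 'txp_category', "name='{$category_sql}' and type='article'");
        if (!$rs) {
            $q = safe_insert("txp_category", "name='{$category_sql}',type='article',parent='root'");
            if ($q) {
                $results[] = 'inserted ' . htmlspecialchars($category) . ' into txp_category';
            } else {
                $results[] = mysql_error();
            }
        }
    }

    foreach ($articles as $article) {
        // Category1/Category2 are optional keys; clear them so an article
        // without placements does not inherit the previous article's values.
        unset($Category1, $Category2);
        extract($article);

        $Body .= trim($Body2) ? "\n\n" . $Body2 : '';
        $Body_html = $textile->textileThis($Body);
        $Excerpt_html = $textile->textileThis($Excerpt);
        $Title = $textile->textileThis($Title, 1);
        $Category1 = !empty($Category1) ? doSlash($Category1) : '';
        $AuthorID = !empty($authors_map[$AuthorID]) ? doSlash($authors_map[$AuthorID]) : '';

        // Every column value is escaped, including the ids and timestamps
        // that arrive from the MT tables and the caller-supplied status.
        $set = array(
            "ID = '" . doSlash($ID) . "'",
            "Posted = '" . doSlash($Posted) . "'",
            "LastMod = '" . doSlash($LastMod) . "'",
            "Title = '" . doSlash($Title) . "'",
            "Body = '" . doSlash($Body) . "'",
            "Excerpt = '" . doSlash($Excerpt) . "'",
            "Excerpt_html = '" . doSlash($Excerpt_html) . "'",
            "Keywords = '" . doSlash($Keywords) . "'",
            "Body_html = '" . doSlash($Body_html) . "'",
            "AuthorID = '{$AuthorID}'",
            "Category1 = '{$Category1}'",
            "AnnotateInvite = '" . doSlash($default_comment_invite) . "'",
            "Section = '" . doSlash($insert_into_section) . "'",
            "uid = '" . md5(uniqid(rand(), true)) . "'",
            "feed_time = '" . doSlash(substr($Posted, 0, 10)) . "'",
            "Status = '" . doSlash($insert_with_status) . "'",
        );
        $insertID = safe_insert("textpattern", join(",\n", $set));

        if (!$insertID) {
            $results[] = mysql_error();
            continue;
        }

        // $Title is Textile output at this point, so it is already markup.
        $results[] = 'inserted MT entry ' . strong($Title) . ' into Textpattern as article ' . strong($insertID) . '';

        if (!empty($comments) && is_array($comments)) {
            foreach ($comments as $comment) {
                // Keys fixed by the SELECT aliases: discussid, ip, name, email, web, message, posted.
                extract($comment);
                $message = nl2br($message);

                $set = array(
                    // Unquoted in the statement, so it is forced to an integer.
                    "discussid = " . intval($discussid),
                    "parentid = {$insertID}",
                    "name = '" . doSlash($name) . "'",
                    "email = '" . doSlash($email) . "'",
                    "web = '" . doSlash($web) . "'",
                    "message = '" . doSlash($message) . "'",
                    "ip = '" . doSlash($ip) . "'",
                    "posted = '" . doSlash($posted) . "'",
                    "visible = 1",
                );
                $commentID = safe_insert("txp_discuss", join(",\n", $set));

                if ($commentID) {
                    $results[] = 'inserted MT comment ' . $commentID . ' for article ' . $insertID . ' into txp_discuss';
                } else {
                    $results[] = mysql_error();
                }
            }
        }
    }

    return join('<br />', $results);
}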
} $create_sql[] = "CREATE TABLE `" . PFX . "txp_plugin` (\n name VARCHAR(64) NOT NULL DEFAULT '',\n status INT NOT NULL DEFAULT '1',\n author VARCHAR(128) NOT NULL DEFAULT '',\n author_uri VARCHAR(128) NOT NULL DEFAULT '',\n version VARCHAR(255) NOT NULL DEFAULT '1.0',\n description TEXT NOT NULL,\n help TEXT NOT NULL,\n code MEDIUMTEXT NOT NULL,\n code_restore MEDIUMTEXT NOT NULL,\n code_md5 VARCHAR(32) NOT NULL DEFAULT '',\n type INT NOT NULL DEFAULT '0',\n load_order TINYINT UNSIGNED NOT NULL DEFAULT '5',\n flags SMALLINT UNSIGNED NOT NULL DEFAULT '0',\n\n UNIQUE name (name),\n INDEX status_type_idx (status, type)\n) {$tabletype} "; $create_sql[] = "CREATE TABLE `" . PFX . "txp_prefs` (\n prefs_id INT NOT NULL DEFAULT '1',\n name VARCHAR(255) NOT NULL DEFAULT '',\n val TEXT NOT NULL,\n type SMALLINT UNSIGNED NOT NULL DEFAULT '2',\n event VARCHAR(255) NOT NULL DEFAULT 'publish',\n html VARCHAR(255) NOT NULL DEFAULT 'text_input',\n position SMALLINT UNSIGNED NOT NULL DEFAULT '0',\n user_name VARCHAR(64) NOT NULL DEFAULT '',\n\n UNIQUE prefs_idx (prefs_id, name(185), user_name),\n INDEX name (name(250)),\n INDEX user_name (user_name)\n) {$tabletype} "; $blog_uid = md5(uniqid(rand(), true)); $gmtoffset = sprintf("%+d", gmmktime(0, 0, 0) - mktime(0, 0, 0)); $prefs = array('admin' => array(array(0, 20, 'text_input', 'img_dir', 'images'), array(0, 40, 'text_input', 'file_base_path', dirname(txpath) . DS . 
'files'), array(0, 60, 'text_input', 'file_max_upload_size', '2000000'), array(0, 80, 'text_input', 'tempdir', find_temp_dir()), array(0, 100, 'text_input', 'plugin_cache_dir', ''), array(0, 110, 'text_input', 'smtp_from', ''), array(0, 115, 'text_input', 'publisher_email', ''), array(0, 120, 'yesnoradio', 'override_emailcharset', '0'), array(0, 130, 'yesnoradio', 'enable_xmlrpc_server', '0'), array(0, 150, 'default_event', 'default_event', 'article'), array(0, 160, 'themename', 'theme_name', $theme)), 'category' => array(array(2, 0, 'yesnoradio', 'show_article_category_count', '1')), 'comments' => array(array(0, 20, 'yesnoradio', 'comments_on_default', '0'), array(0, 40, 'text_input', 'comments_default_invite', $setup_comment_invite), array(0, 60, 'yesnoradio', 'comments_moderate', '1'), array(0, 80, 'weeks', 'comments_disabled_after', '42'), array(0, 100, 'yesnoradio', 'comments_auto_append', '0'), array(0, 120, 'commentmode', 'comments_mode', '0'), array(0, 140, 'dateformats', 'comments_dateformat', '%b %d, %I:%M %p'), array(0, 160, 'commentsendmail', 'comments_sendmail', '0'), array(0, 180, 'yesnoradio', 'comments_are_ol', '1'), array(0, 200, 'yesnoradio', 'comment_means_site_updated', '1'), array(0, 220, 'yesnoradio', 'comments_require_name', '1'), array(0, 240, 'yesnoradio', 'comments_require_email', '1'), array(0, 260, 'yesnoradio', 'never_display_email', '1'), array(0, 280, 'yesnoradio', 'comment_nofollow', '1'), array(0, 300, 'yesnoradio', 'comments_disallow_images', '0'), array(0, 320, 'yesnoradio', 'comments_use_fat_textile', '0'), array(0, 340, 'text_input', 'spam_blacklists', '')), 'custom' => array(array(0, 1, 'custom_set', 'custom_1_set', 'custom1'), array(0, 2, 'custom_set', 'custom_2_set', 'custom2'), array(0, 3, 'custom_set', 'custom_3_set', ''), array(0, 4, 'custom_set', 'custom_4_set', ''), array(0, 5, 'custom_set', 'custom_5_set', ''), array(0, 6, 'custom_set', 'custom_6_set', ''), array(0, 7, 'custom_set', 'custom_7_set', ''), array(0, 8, 
'custom_set', 'custom_8_set', ''), array(0, 9, 'custom_set', 'custom_9_set', ''), array(0, 10, 'custom_set', 'custom_10_set', '')), 'feeds' => array(array(0, 20, 'yesnoradio', 'syndicate_body_or_excerpt', '1'), array(0, 40, 'text_input', 'rss_how_many', '5'), array(0, 60, 'yesnoradio', 'show_comment_count_in_feed', '1'), array(0, 80, 'yesnoradio', 'include_email_atom', '1'), array(0, 100, 'yesnoradio', 'use_mail_on_feeds_id', '0')), 'publish' => array(array(0, 20, 'yesnoradio', 'title_no_widow', '0'), array(0, 40, 'yesnoradio', 'articles_use_excerpts', '1'), array(0, 60, 'yesnoradio', 'allow_form_override', '1'), array(0, 80, 'yesnoradio', 'attach_titles_to_permalinks', '1'), array(0, 100, 'yesnoradio', 'permalink_title_format', '1'), array(0, 120, 'yesnoradio', 'send_lastmod', '1'), array(0, 130, 'yesnoradio', 'publish_expired_articles', '0'), array(0, 140, 'yesnoradio', 'lastmod_keepalive', '0'), array(0, 160, 'yesnoradio', 'ping_weblogsdotcom', '0'), array(0, 200, 'pref_text', 'use_textile', '1'), array(0, 220, 'yesnoradio', 'use_dns', '0'), array(0, 260, 'yesnoradio', 'use_plugins', '1'), array(0, 280, 'yesnoradio', 'admin_side_plugins', '1'), array(0, 300, 'yesnoradio', 'allow_page_php_scripting', '1'), array(0, 320, 'yesnoradio', 'allow_article_php_scripting', '1'), array(0, 340, 'text_input', 'max_url_len', '1000'), array(2, 0, 'text_input', 'blog_mail_uid', $_SESSION['email']), array(2, 0, 'text_input', 'blog_time_uid', '2005'), array(2, 0, 'text_input', 'blog_uid', $blog_uid), array(2, 0, 'text_input', 'dbupdatetime', '0'), array(2, 0, 'languages', 'language', LANG), array(2, 0, 'text_input', 'lastmod', '2005-07-23 16:24:10'), array(2, 0, 'text_input', 'locale', getlocale(LANG)), array(2, 0, 'text_input', 'path_from_root', '/'), array(2, 0, 'text_input', 'path_to_site', dirname(txpath)), array(2, 0, 'text_input', 'prefs_id', '1'), array(2, 0, 'text_input', 'searchable_article_fields', 'Title, Body'), array(2, 0, 'text_input', 'textile_updated', '1'), 
array(2, 0, 'text_input', 'timeoffset', '0'), array(2, 0, 'text_input', 'timezone_key', ''), array(2, 0, 'text_input', 'url_mode', '1'), array(2, 0, 'text_input', 'use_categories', '1'), array(2, 0, 'text_input', 'use_sections', '1'), array(2, 0, 'text_input', 'version', '4.5.7')), 'section' => array(array(2, 0, 'text_input', 'default_section', 'articles')), 'site' => array(array(0, 20, 'text_input', 'sitename', gTxt('my_site')), array(0, 40, 'text_input', 'siteurl', $siteurl), array(0, 60, 'text_input', 'site_slogan', gTxt('my_slogan')), array(0, 80, 'prod_levels', 'production_status', 'testing'), array(0, 100, 'gmtoffset_select', 'gmtoffset', $gmtoffset), array(0, 115, 'yesnoradio', 'auto_dst', '0'), array(0, 120, 'is_dst', 'is_dst', '0'), array(0, 140, 'dateformats', 'dateformat', 'since'), array(0, 160, 'dateformats', 'archive_dateformat', '%b %d, %I:%M %p'), array(0, 180, 'permlinkmodes', 'permlink_mode', $permlink_mode), array(0, 190, 'doctypes', 'doctype', 'html5'), array(0, 220, 'logging', 'logging', 'none'), array(0, 230, 'text_input', 'expire_logs_after', '7'), array(0, 240, 'yesnoradio', 'use_comments', '1'))); foreach ($prefs as $event => $event_prefs) { foreach ($event_prefs as $p) { $create_sql[] = "INSERT INTO `" . PFX . "txp_prefs` (event, type, position, html, name, val) " . "VALUES ('" . $event . "', " . $p[0] . ", " . $p[1] . ", '" . $p[2] . "', '" . $p[3] . "', '" . doSlash($p[4]) . "')"; } } $create_sql[] = "CREATE TABLE `" . PFX . "txp_section` (\n name VARCHAR(255) NOT NULL DEFAULT '',\n page VARCHAR(255) NOT NULL DEFAULT '',\n css VARCHAR(255) NOT NULL DEFAULT '',\n description VARCHAR(255) NOT NULL DEFAULT '',\n in_rss INT NOT NULL DEFAULT '1',\n on_frontpage INT NOT NULL DEFAULT '1',\n searchable INT NOT NULL DEFAULT '1',\n title VARCHAR(255) NOT NULL DEFAULT '',\n\n PRIMARY KEY (name(250))\n) {$tabletype} "; $create_sql[] = "INSERT INTO `" . PFX . 
"txp_section` VALUES ('articles', 'archive', 'default', 1, 1, 1, 1, 'Articles')"; $create_sql[] = "INSERT INTO `" . PFX . "txp_section` VALUES ('default', 'default', 'default', 0, 1, 1, 1, 'Default')"; $create_sql[] = "CREATE TABLE `" . PFX . "txp_users` (\n user_id INT NOT NULL AUTO_INCREMENT,\n name VARCHAR(64) NOT NULL DEFAULT '',\n pass VARCHAR(128) NOT NULL,\n RealName VARCHAR(255) NOT NULL DEFAULT '',\n email VARCHAR(254) NOT NULL DEFAULT '',\n privs TINYINT NOT NULL DEFAULT '1',\n last_access DATETIME NULL DEFAULT NULL,\n nonce VARCHAR(64) NOT NULL DEFAULT '',\n\n PRIMARY KEY (user_id),\n UNIQUE name (name)\n) {$tabletype} "; $create_sql[] = "INSERT INTO `" . PFX . "txp_users` VALUES (\n 1,\n '" . doSlash($_SESSION['name']) . "',\n '" . doSlash(txp_hash_password($_SESSION['pass'])) . "',\n '" . doSlash($_SESSION['realname']) . "',\n '" . doSlash($_SESSION['email']) . "',\n 1,\n NOW(),\n '" . md5(uniqid(rand(), true)) . "')"; $create_sql[] = "CREATE TABLE `" . PFX . "txp_token` (\n id INT NOT NULL AUTO_INCREMENT,\n reference_id INT NOT NULL DEFAULT 0,\n type VARCHAR(255) NOT NULL DEFAULT '',\n selector VARCHAR(12) NOT NULL DEFAULT '',\n token VARCHAR(255) NOT NULL DEFAULT '',\n expires DATETIME NULL DEFAULT NULL,\n\n PRIMARY KEY (id)\n) {$tabletype} "; $GLOBALS['txp_install_successful'] = true; $GLOBALS['txp_err_count'] = 0; $GLOBALS['txp_err_html'] = ''; foreach ($create_sql as $query) { $result = mysqli_query($link, $query); if (!$result) { $GLOBALS['txp_err_count']++; $GLOBALS['txp_err_html'] .= '<li>' . n . '<b>' . htmlspecialchars(mysqli_error($link)) . '</b><br />' . n . '<pre>' . htmlspecialchars($query) . '</pre>' . n . '</li>' . n; $GLOBALS['txp_install_successful'] = false; } } require_once txpath . '/lib/IXRClass.php'; $client = new IXR_Client('http://rpc.textpattern.com'); if (!$client->query('tups.getLanguage', $blog_uid, LANG)) {
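/**
 * Applies a bulk action (delete, change privilege, reset password) to the
 * authors selected on the users panel and re-renders the author list.
 *
 * Requires the 'admin.edit' privilege. The acting user is always removed from
 * the selection, so nobody can delete, demote or reset their own account here.
 *
 * @return mixed Whatever author_list() returns on the early-exit and success
 *               paths; nothing when the list is rendered with a bare message
 */
function admin_multi_edit()
{
    global $txp_user;

    require_privs('admin.edit');

    $selected = ps('selected');
    $method = ps('edit_method');
    $changed = array();
    // Stays null when no branch sets a message (unknown method, failed update).
    $msg = null;

    if (!$selected or !is_array($selected)) {
        return author_list();
    }

    // Reduce the posted names to accounts that exist and are not the acting user.
    $names = safe_column('name', 'txp_users', "name IN ('" . join("','", doSlash($selected)) . "') AND name != '" . doSlash($txp_user) . "'");

    if (!$names) {
        return author_list();
    }

    switch ($method) {
        case 'delete':
            $assign_assets = ps('assign_assets');

            if ($assign_assets === '') {
                $msg = array('must_reassign_assets', E_ERROR);
            } elseif (in_array($assign_assets, $names)) {
                $msg = array('cannot_assign_assets_to_deletee', E_ERROR);
            } elseif (safe_delete('txp_users', "name IN ('" . join("','", doSlash($names)) . "')")) {
                $changed = $names;
                $assign_assets = doSlash($assign_assets);
                $names = join("','", doSlash($names));

                // delete private prefs
                safe_delete('txp_prefs', "user_name IN ('{$names}')");

                // assign dangling assets to their new owner
                // NOTE(review): the new owner is not checked against
                // txp_users in this block -- confirm it is validated elsewhere.
                $reassign = array(
                    'textpattern' => 'AuthorID',
                    'txp_file'    => 'author',
                    'txp_image'   => 'author',
                    'txp_link'    => 'author',
                );
                foreach ($reassign as $table => $col) {
                    safe_update($table, "{$col}='{$assign_assets}'", "{$col} IN ('{$names}')");
                }

                callback_event('authors_deleted', '', 0, $changed);
                $msg = 'author_deleted';
            }
            break;

        case 'changeprivilege':
            global $levels;

            $privilege = ps('privs');

            // Only privilege levels known to the application are accepted.
            if (!isset($levels[$privilege])) {
                return author_list();
            }

            if (safe_update('txp_users', 'privs = ' . intval($privilege), "name IN ('" . join("','", doSlash($names)) . "')")) {
                $changed = $names;
                $msg = 'author_updated';
            }
            break;

        case 'resetpassword':
            foreach ($names as $name) {
                $where = "name = '" . doSlash($name) . "'";
                $passwd = generate_password(PASSWORD_LENGTH);
                $hash = doSlash(txp_hash_password($passwd));

                // Store the hash computed above. The listing wrote the literal
                // '******' into the column and never used $hash.
                if (safe_update('txp_users', "pass = '{$hash}'", $where)) {
                    $email = safe_field('email', 'txp_users', $where);

                    if (send_new_password($passwd, $email, $name)) {
                        $changed[] = $name;
                        $msg = 'author_updated';
                    } else {
                        // The password of this author has already been
                        // replaced; the remaining names are left untouched.
                        return author_list(array(gTxt('could_not_mail') . ' ' . txpspecialchars($name), E_ERROR));
                    }
                }
            }
            break;
    }

    if ($changed) {
        return author_list(gTxt($msg, array('{name}' => txpspecialchars(join(', ', $changed)))));
    }

    author_list($msg);
}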
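/**
 * Last step of the setup wizard: validates the posted admin account, loads
 * config.php, runs the schema script and stores the first user.
 *
 * All input is read from POST through ps()/psa(). Every validation failure
 * prints an error panel and exits.
 *
 * @return void
 */
function createTxp()
{
    $GLOBALS['textarray'] = setup_load_lang(ps('lang'));

    // First failing check wins, in the same order as before.
    $error = null;
    if (ps('name') == '') {
        $error = 'name_required';
    } elseif (!ps('pass')) {
        $error = 'pass_required';
    } elseif (!is_valid_email(ps('email'))) {
        $error = 'email_required';
    }

    if ($error !== null) {
        echo n . '<div id="setup_container" class="txp-container">'
            . txp_setup_progress_meter(3) . n
            . '<div class="txp-setup">' . n
            . graf('<span class="error">' . setup_gTxt($error) . '</span>') . n
            . setup_back_button() . n
            . '</div>' . n
            . '</div>';
        exit;
    }

    global $txpcfg;

    if (!isset($txpcfg['db'])) {
        require txpath . '/config.php';
    }

    // These locals are not used again in this function; they are kept because
    // txpsql.php is included into this scope -- presumably it reads them.
    $ddb = $txpcfg['db'];
    $duser = $txpcfg['user'];
    $dpass = $txpcfg['pass'];
    $dhost = $txpcfg['host'];
    $dclient_flags = isset($txpcfg['client_flags']) ? $txpcfg['client_flags'] : 0;
    $dprefix = $txpcfg['table_prefix'];
    $dbcharset = $txpcfg['dbcharset'];

    $siteurl = str_replace("http://", '', ps('siteurl'));
    $siteurl = rtrim($siteurl, "/");
    $urlpath = preg_replace('#^[^/]+#', '', $siteurl);

    define("PFX", trim($dprefix));
    define('TXP_INSTALL', 1);

    include_once txpath . '/lib/txplib_update.php';
    include txpath . '/setup/txpsql.php';

    // This has to come after txpsql.php, because otherwise we can't call mysql_real_escape_string
    // The extracted variables are SQL-escaped copies, fit for the INSERT only.
    extract(doSlash(psa(array('name', 'pass', 'RealName', 'email', 'theme'))));

    // NOTE(review): uniqid() and rand() are time- and PRNG-based, so this
    // value is guessable. If txp_users.nonce is relied on as a secret
    // (not visible here), it should come from a CSPRNG.
    $nonce = md5(uniqid(rand(), true));

    // Hash the password as submitted. The escaped $pass from extract() differs
    // from it whenever the password contains a quote or backslash, which would
    // store a hash the real password can never match.
    // ps() is what the checks above read -- taken to be the submitted value; confirm.
    $hash = doSlash(txp_hash_password(ps('pass')));

    mysql_query("INSERT INTO `" . PFX . "txp_users` VALUES\n\t\t\t(1,'{$name}','{$hash}','{$RealName}','{$email}',1,now(),'{$nonce}')");

    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash($siteurl) . "' where `name`='siteurl'");

    // LANG is defined outside this block; it is escaped like every other
    // value that is concatenated into these statements.
    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash(LANG) . "' where `name`='language'");
    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash(getlocale(LANG)) . "' where `name`='locale'");

    mysql_query("update `" . PFX . "textpattern` set Body = replace(Body, 'siteurl', '" . doSlash($urlpath) . "'), Body_html = replace(Body_html, 'siteurl', '" . doSlash($urlpath) . "') WHERE ID = 1");

    // cf. update/_to_4.2.0.php.
    // TODO: Position might need altering when prefs panel layout is altered
    // Start from the unescaped value so the theme name is escaped exactly once.
    $theme = ps('theme');
    $theme = $theme ? $theme : 'classic';
    mysql_query("insert `" . PFX . "txp_prefs` set prefs_id = 1, name = 'theme_name', val = '" . doSlash($theme) . "', type = '1', event = 'admin', html = 'themename', position = '160'");

    echo fbCreate();
}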
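/**
 * Last step of the setup wizard: checks the posted e-mail address, loads
 * config.php, runs the schema script and stores the first user.
 *
 * All input is read from POST through ps()/psa(). Only the e-mail address is
 * validated in this version; name and password are not checked for emptiness.
 *
 * @return void
 */
function createTxp()
{
    $GLOBALS['textarray'] = setup_load_lang(ps('lang'));

    if (!is_valid_email(ps('email'))) {
        exit(graf(gTxt('email_required')));
    }

    global $txpcfg;

    if (!isset($txpcfg['db'])) {
        require txpath . '/config.php';
    }

    // These locals are not used again in this function; they are kept because
    // txpsql.php is included into this scope -- presumably it reads them.
    $ddb = $txpcfg['db'];
    $duser = $txpcfg['user'];
    $dpass = $txpcfg['pass'];
    $dhost = $txpcfg['host'];
    $dclient_flags = isset($txpcfg['client_flags']) ? $txpcfg['client_flags'] : 0;
    $dprefix = $txpcfg['table_prefix'];
    $dbcharset = $txpcfg['dbcharset'];

    $siteurl = str_replace("http://", '', ps('siteurl'));
    $siteurl = rtrim($siteurl, "/");
    $urlpath = preg_replace('#^[^/]+#', '', $siteurl);

    define("PFX", trim($dprefix));
    define('TXP_INSTALL', 1);

    include_once txpath . '/lib/txplib_update.php';
    include txpath . '/setup/txpsql.php';

    // This has to come after txpsql.php, because otherwise we can't call mysql_real_escape_string
    // The extracted variables are SQL-escaped copies, fit for the INSERT only.
    extract(doSlash(psa(array('name', 'pass', 'RealName', 'email'))));

    // NOTE(review): uniqid() and rand() are time- and PRNG-based, so this
    // value is guessable. If txp_users.nonce is relied on as a secret
    // (not visible here), it should come from a CSPRNG.
    $nonce = md5(uniqid(rand(), true));

    // Hash the password as submitted. The escaped $pass from extract() differs
    // from it whenever the password contains a quote or backslash, which would
    // store a hash the real password can never match.
    // ps() is what the check above reads -- taken to be the submitted value; confirm.
    $hash = doSlash(txp_hash_password(ps('pass')));

    mysql_query("INSERT INTO `" . PFX . "txp_users` VALUES\n\t\t\t(1,'{$name}','{$hash}','{$RealName}','{$email}',1,now(),'{$nonce}')");

    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash($siteurl) . "' where `name`='siteurl'");

    // LANG is defined outside this block; it is escaped like every other
    // value that is concatenated into these statements.
    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash(LANG) . "' where `name`='language'");
    mysql_query("update `" . PFX . "txp_prefs` set val = '" . doSlash(getlocale(LANG)) . "' where `name`='locale'");

    mysql_query("update `" . PFX . "textpattern` set Body = replace(Body, 'siteurl', '" . doSlash($urlpath) . "'), Body_html = replace(Body_html, 'siteurl', '" . doSlash($urlpath) . "') WHERE ID = 1");

    echo fbCreate();
}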