break; case 'recent': $max_num = 2; $step_key = 'recent_step'; $order_key = 'ranking_new_order'; break; } $step_requests = array($step_key => array('i', true, true)); $step_vals = xoonips_admin_get_requests('post', $step_requests); if ($sort_id >= $max_num || $sort_id < 0 || !isset($step_vals[$step_key][$sort_id])) { redirect_header($xoonips_admin['mypage_url'], 3, _AM_XOONIPS_MSG_ILLACCESS); exit; } $sort_step = $step_vals[$step_key][$sort_id]; $config_keys = array($order_key => 's'); $config_values = xoonips_admin_get_configs($config_keys, 'n'); $current_orders = array_map('intval', explode(',', $config_values[$order_key])); // adjust sort_step if ($sort_updown == 'up') { if ($current_orders[$sort_id] - $sort_step < 0) { $sort_step = $current_orders[$sort_id]; } $sort_diff = -$sort_step; } else { if ($current_orders[$sort_id] + $sort_step >= $max_num) { $sort_step = $max_num - $current_orders[$sort_id] - 1; } $sort_diff = $sort_step; } $new_orders = array(); if ($sort_updown == 'up') {
function get_requirements($uid) { $requirements = array('uname', 'email', 'umode', 'uorder', 'rank', 'notify_method', 'notify_mode', 'user_mailok', 'private_item_number_limit', 'private_index_number_limit', 'private_item_storage_limit'); if ($uid == 0) { array_push($requirements, 'pass'); array_push($requirements, 'pass2'); } $keys = array('account_realname_optional' => 'name', 'account_address_optional' => 'address', 'account_division_optional' => 'division', 'account_tel_optional' => 'tel', 'account_company_name_optional' => 'company_name', 'account_country_optional' => 'country', 'account_zipcode_optional' => 'zipcode', 'account_fax_optional' => 'fax'); $config_keys = array(); foreach (array_keys($keys) as $key) { $config_keys[$key] = 's'; } $config_vals = xoonips_admin_get_configs($config_keys, 's'); foreach ($keys as $key => $name) { if ($config_vals[$key] == 'off') { $requirements[] = $name; } } return $requirements; }
function xoonips_admin_system_check_xoonips(&$category) { $module_handler =& xoops_gethandler('module'); $module =& $module_handler->getByDirname('xoonips'); $is_windows = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'; // version $name = 'XooNIps version'; $res = new XooNIpsAdminSystemCheckResult($name); $version = sprintf('%3.2f', $module->getVar('version', 's') / 100.0); $res->setResult(_XASC_STATUS_OK, $version, _AM_XOONIPS_SYSTEM_CHECK_LABEL_OK); $category->registerResult($res); unset($res); // file upload dir $keys = array('upload_dir' => 's'); $vals = xoonips_admin_get_configs($keys, 'n'); $upload_dir = $vals['upload_dir']; $name = 'File upload directory'; $res = new XooNIpsAdminSystemCheckResult($name); $ans['status'] = _XASC_STATUS_OK; $ans['label'] = $upload_dir; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_OK; $ans['message'] = ''; $ans['etype'] = _XASC_ERRORTYPE_XOONIPS; $ans['error'] = _XASC_STATUS_OK; if (trim($upload_dir) == '') { $ans['status'] = _XASC_STATUS_FAIL; $ans['label'] = '(no value)'; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'You have to set the file upload directory'; $ans['error'] = _XASC_STATUS_FAIL; } // -- check absolute directory if ($ans['error'] == _XASC_STATUS_OK) { if ($is_windows) { // trim drive letter $upload_dir = preg_replace('/^[a-zA-Z]:/', '', $upload_dir); // use '/' file separator $upload_dir = str_replace('\\', '/', $upload_dir); } if ($upload_dir[0] != '/') { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'File upload directory must be absolute path'; $ans['error'] = _XASC_STATUS_FAIL; } } // -- check temporary directory if ($ans['error'] == _XASC_STATUS_OK) { if (preg_match('/^(\\/var\\/tmp|\\/tmp)(\\/.*)?$/', $upload_dir)) { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'File upload directory should not locate under temporary directory'; $ans['error'] = _XASC_STATUS_FAIL; } } // -- check XOOPS_ROOT_PATH if ($ans['error'] == _XASC_STATUS_OK) { $pos = strpos($upload_dir, XOOPS_ROOT_PATH); if ($pos === 0) { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'File upload directory should not locate under XOOPS_ROOT_PATH'; $ans['error'] = _XASC_STATUS_FAIL; } } // -- check directory if ($ans['error'] == _XASC_STATUS_OK) { if (!is_dir($upload_dir)) { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'File upload directory not found'; $ans['error'] = _XASC_STATUS_FAIL; } } // -- check permission if ($ans['error'] == _XASC_STATUS_OK) { if (!is_writable($upload_dir) || !is_readable($upload_dir) || !$is_windows && !is_executable($upload_dir)) { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'File upload directory has invalid permission'; $ans['error'] = _XASC_STATUS_FAIL; } } $res->setResult($ans['status'], $ans['label'], $ans['result']); if (!empty($ans['message'])) { $res->setMessage($ans['message']); } if ($ans['error'] != _XASC_STATUS_OK) { $category->setError($ans['etype'], $ans['error']); } $category->registerResult($res); unset($res); // magic file path $keys = array('magic_file_path' => 's'); $vals = xoonips_admin_get_configs($keys, 'n'); $magic_file_path = $vals['magic_file_path']; $name = 'Magic file path'; $res = new XooNIpsAdminSystemCheckResult($name); $ans['status'] = _XASC_STATUS_OK; $ans['label'] = $magic_file_path == '' ? '(empty)' : $magic_file_path; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_OK; $ans['message'] = ''; $ans['etype'] = _XASC_ERRORTYPE_XOONIPS; $ans['error'] = _XASC_STATUS_OK; if (!extension_loaded('fileinfo')) { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'PHP extension PECL Fileinfo not loaded'; $ans['etype'] = _XASC_ERRORTYPE_PHP; $ans['error'] = _XASC_STATUS_FAIL; } else { if ($magic_file_path == '') { $finfo = @finfo_open(FILEINFO_MIME); } else { $finfo = @finfo_open(FILEINFO_MIME, $magic_file_path); } if (!$finfo) { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'Invalid magic file path'; $ans['error'] = _XASC_STATUS_FAIL; } else { $val = @finfo_file($finfo, __DIR__ . '/index.html'); $val = preg_replace(array('/;.*$/', '/ +.*$/'), array('', ''), $val); if (!in_array($val, array('text/html', 'text/plain'))) { $ans['status'] = _XASC_STATUS_FAIL; $ans['result'] = _AM_XOONIPS_SYSTEM_CHECK_LABEL_FAIL; $ans['message'] = 'Broken magic database'; $ans['error'] = _XASC_STATUS_FAIL; } finfo_close($finfo); } } $res->setResult($ans['status'], $ans['label'], $ans['result']); if (!empty($ans['message'])) { $res->setMessage($ans['message']); } if ($ans['error'] != _XASC_STATUS_OK) { $category->setError($ans['etype'], $ans['error']); } $category->registerResult($res); unset($res); // TODO: proxy }
$ticket_area = 'xoonips_admin_system_basic'; if (!$xoopsGTicket->check(true, $ticket_area, false)) { redirect_header($xoonips_admin['mypage_url'], 3, $xoopsGTicket->getErrors()); exit; } // get requests $post_keys = array('moderator_gid' => array('i', false, true), 'upload_dir' => array('s', false, true), 'magic_file_path' => array('s', false, true)); $post_vals = xoonips_admin_get_requests('post', $post_keys); // set config keys $config_keys = array(); foreach ($post_keys as $key => $attributes) { list($data_type, $is_array, $required) = $attributes; $config_keys[$key] = $data_type; } // get old configs $config_vals = xoonips_admin_get_configs($config_keys, 'e'); function update_block_permissions($old_gid, $new_gid) { // get handlers $gperm_handler =& xoops_gethandler('groupperm'); $module_handler =& xoops_gethandler('module'); $module =& $module_handler->getByDirname('xoonips'); $mid = $module->getVar('mid'); $block_objs =& XoopsBlock::getByModule($mid); foreach ($block_objs as $block_obj) { // find moderator menu block if ($block_obj->getVar('show_func') == 'b_xoonips_moderator_show') { $bid = $block_obj->getVar('bid'); // if old_gid don't have module admin right, // delete the right to access from old_gid. if (!$gperm_handler->checkRight('module_admin', $mid, $old_gid)) {
function pickup_user($uid) { // get user certification mode $config_keys = array('certify_user' => 's'); $config_values = xoonips_admin_get_configs($config_keys, 'n'); $is_certified = $config_values['certify_user'] == 'on' ? false : true; // pickup $xm_handler =& xoonips_gethandler('xoonips', 'member'); return $xm_handler->pickupXoopsUser($uid, $is_certified); }