function get_all_blogs() { global $DBInfo; $blogs = array(); $cache = new Cache_Text('blog', array('hash' => '')); $cache->_caches($blogs); return $blogs; }
function updateBlogList($formatter) { global $DBInfo; $cache = new Cache_Text('blog', array('hash' => '')); $changecache = new Cache_Text('blogchanges', array('hash' => '')); $rule = "@/(\\d*)" . $DBInfo->pageToKeyname('.' . $formatter->page->name) . '$@'; $files = array(); $changecache->_caches($files); foreach ($files as $file) { if (preg_match($rule, $file, $match)) { print $fname; #unlink($fname); } } $body = $formatter->page->get_raw_body(); $lines = explode("\n", $body); $date = 0; $entries = array(); $log = ''; $logs = ''; $key = $DBInfo->pageToKeyname('.' . $formatter->page->name); foreach ($lines as $line) { if (preg_match("/^##norss/i", $line)) { #XXX $changecache->_del($key); return; } if (preg_match("/^(?:{{{)?#!blog\\s+(.*)\\s+(\\d{4}-\\d{2}-\\d{2}T[^ ]+)\\s*(.*)?\$/", $line, $match)) { list($author, $datestamp, $title) = array($match[1], $match[2], $match[3]); $datestamp[10] = ' '; $time = strtotime($datestamp . ' GMT'); $stamp = date('Ymd', $time); if (empty($date)) { $date = $stamp; } if ($stamp != $date) { $log = join("\n", $entries) . "\n"; $logs .= $log; $changecache->update($date . $key, $log); $entries = array(); $date = $stamp; } $entries[] = $date . "\t" . $time . "\t" . $author . "\t" . $datestamp . "\t" . $title; } } $log = join("\n", $entries) . "\n"; if ($stamp) { $changecache->update($stamp . $key, $log); } $logs .= $log; $cache->update($DBInfo->pageToKeyname($formatter->page->name), $logs); return; }
function macro_BlogArchives($formatter, $value, $options = array()) { global $DBInfo; $cache = new Cache_Text('blogchanges', array('hash' => '')); preg_match("/^(?(?=')'([^']+)'|\"([^\"]+)\")?(\\s*,?.*)\$/", $value, $match); if ($match[1] or $match[2]) { $date_fmt = $match[1] ? $match[1] : $match[2]; } else { $date_fmt = 'Y-m'; } $opts = explode(',', $match[3]); $opts = array_map('trim', $opts); if (in_array('list', $opts)) { $bra = '<li>'; $ket = '</li>'; } else { $bra = ''; $ket = "<br/>\n"; } $year = date('Y'); // show only recent two years $rule = "/^(({$year}|" . ($year - 1) . ")\\d{2})\\d{2}/"; $archives = array(); $files = array(); $cache->_caches($files); foreach ($files as $file) { if (preg_match($rule, $file, $match)) { $archives[] = $match[1]; } } $archives = array_unique($archives); rsort($archives); $out = ''; foreach ($archives as $archive) { $year = substr($archive, 0, 4); $month = substr($archive, 4); $datetext = date($date_fmt, mktime(0, 0, 0, $month, 1, $year)); $out .= $bra . $formatter->link_to('?action=blogchanges&date=' . $archive, $datetext) . $ket; } if ($bra) { return '<ul>' . $out . '</ul>'; } return $out; }
function calendar_get_dates($formatter, $date = '', $page = '') { global $DBInfo; $cache = new Cache_Text('blogchanges', array('hash' => '')); if (!$page) { $page = '.*'; } else { $page = $DBInfo->pageToKeyname('.' . $page); } if (!$date) { $date = date('Ym'); } $rule = "/^{$date}(\\d{2})" . $page . "\$/"; $archives = array(); $files = array(); $cache->_caches($files); foreach ($files as $file) { if (preg_match($rule, $file, $match)) { $archives[intval($match[1])] = 1; } } # return array_unique($archives); return $archives; }
$dest = $info[0]; if (!isset($redirects[$dest])) { $redirects[$dest] = array(); } $redirects[$dest][] = $redirect; } } } if ($debug) { var_dump($redirects); } // check redirect invert indices echo "\r", 'Check invert redirect indices', "\n"; $rds = new Cache_Text('redirects'); $files = array(); $rds->_caches($files, array('prefix' => 1)); echo "\r", ' * invert redirect indices = ', count($files), "\n"; $update_redirects = true; $j = 0; foreach ($files as $f) { echo "\r" . $progress[$j % 4]; $j++; // low level _fetch(), _remove() $info = $rds->_fetch($f, 0, $ret); $id = $retval['id']; if (!$found_old && !isset($redirects[$id])) { // already removed $rds->_remove($f); $update_redirects = false; echo "\r", 'remove deleted redirect: ', $id, "\n"; }
function get_temporary_blacklist($all = false) { $dec_octet = '(?:25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]\\d|[0-9])'; $IPv4Address = "{$dec_octet}\\.{$dec_octet}\\.{$dec_octet}\\.{$dec_octet}"; $retval = array(); $ret = array('retval' => &$retval); $infos = array(); if ($all) { $caches = array('abusefilter', 'ipblock'); } else { $caches = array('ipblock'); } foreach ($caches as $cache) { // ip block cache $ac = new Cache_Text($cache); $files = array(); $ac->_caches($files, array('prefix' => 1)); foreach ($files as $f) { // low level _fetch(), _remove() $info = $ac->_fetch($f, 0, $ret); if ($info === false) { $ac->_remove($f); continue; } // ignore some old cache format if (!isset($info['id'])) { continue; } // ignore internal purpose IP if ($info['id'] == '127.0.0.1') { continue; } if ($cache == 'abusefilter' && !preg_match("@^{$IPv4Address}(?:/\\d+)?\$@", $info['id'])) { continue; } $infos[$info['id']] = $info; } } $blocklist = array_keys($infos); $blocked = make_ip_ranges($blocklist); return $blocked; }
function macro_UserInfo($formatter, $value, $options = array()) { global $DBInfo; if ($options['id'] == 'Anonymous' && !empty($options['q']) && empty($DBInfo->use_anonymous_editcount)) { return sprintf(_("You are not allowed to use the \"%s\" macro."), "UserInfo"); } $offset = $off = !empty($options['offset']) ? $options['offset'] : 0; $limit = !empty($options['limit']) ? $options['limit'] : 100; // page $pg = !empty($options['p']) ? $options['p'] : 1; $q = !empty($options['q']) ? trim($options['q']) : ''; $uid = !empty($options['uid']) ? $options['uid'] : ''; $type = !empty($options['type']) ? trim($options['type']) : 'wait'; $act = !empty($options['act']) ? trim($options['act']) : ''; $comment = !empty($options['comment']) ? trim($options['comment']) : ''; if (empty($uid) and !empty($q)) { $uids = (array) $q; } else { $uids = $uid; } if (empty($q) and !empty($uid) and sizeof($uid) == 1) { $q = $uid; } if ($limit > 100) { $limit = 100; } if ($pg > 1) { $off += ($pg - 1) * $limit; } $params = array('offset' => $off, 'limit' => $limit); $retval = array(); $params['retval'] =& $retval; $udb =& $DBInfo->udb; $user =& $DBInfo->user; $members = $DBInfo->members; $ismember = $user->is_member; // set default query string if (!$ismember and empty($q)) { $q = $user->id; if ($q == 'Anonymous') { $q = $_SERVER['REMOTE_ADDR']; } } if (!empty($q) and empty($options['type'])) { $type = 'all'; } $act = strtolower($act); $type = strtolower($type); $strs = array('all' => _("Total %d users found."), 'wait' => _("Total %d Permanently Suspended users found."), 'del' => _("Total %d Deleted users found.")); if (!in_array($type, array('wait', 'del', 'monitor'))) { $type = 'all'; } if (!empty($q)) { $params['q'] = $q; } if (!empty($type)) { $params['type'] = $type; } if (empty($act) and !empty($q)) { if ($udb->_exists($q)) { $type = 'all'; } else { if ($udb->_exists($q, true)) { $params['type'] = $type = 'wait'; } } } if (!empty($q) || $type != 'monitor') { $users = $udb->getUserList($params); $sz = sizeof($users); // not found anonymous IP address if ($sz == 0 and preg_match('@^(\\d{1,3}\\.){3}\\d{1,3}$@', $q)) { $users = array(); $users[$q] = time(); $sz = 1; } } // HACK to make simple message board if (!empty($comment) and empty($q) and $type == 'monitor') { $q = '127.0.0.1'; $sz = 1; $users[$q] = time(); } if ($type != 'monitor') { $title = $strs[$type]; $title = sprintf($title, $retval['count']); } else { $title = _("Contributors Monitor"); } $userinfo = ''; $anchor = ''; $extra = ''; $cur = time(); $min_ttl = !empty($DBInfo->user_suspend_time_default) ? intval($DBInfo->user_suspend_time_default) : 60 * 30; $allowed = $DBInfo->security_class == 'acl' && $DBInfo->security->is_allowed($options['action'], $options); if (!$allowed) { $allowed = in_array($user->id, $DBInfo->owners); } if ($allowed && $type == 'monitor' && $ismember) { $suspend_btn = _("Temporary Suspend User"); $formhead = "<form method='POST' action=''>"; $formtail = ''; if ($DBInfo->security->is_protected('userinfo', $options)) { $formtail = _("Password") . ": <input type='password' name='passwd' /> "; } $formtail .= "<input type='hidden' name='action' value='userinfo' />"; $formtail .= "<input type='hidden' name='type' value='{$type}' />"; $formtail .= "<input type='hidden' name='act' value='pause' />"; $formtail .= _("Summary") . " : <input type='text' size='80' name='comment' />"; $formtail .= "<span class='button'><input class='button' type='submit' name='suspend' value='{$suspend_btn}' /></span> "; $formtail .= "</form>"; // abusefilter cache $ac = new Cache_Text('abusefilter'); // prepare to return $ret = array(); $retval = array(); $ret['retval'] =& $retval; if (!empty($uids) && in_array($act, array('inc', 'dec', 'reset', 'suspend', 'block', 'pause', 'clear'))) { if ($act == 'reset') { // clear abusefilter cache $msgid = _("%s: Reset editting information."); } else { if ($act == 'inc') { // increse TTL $msgid = _("%s: Increse monitoring time period."); } else { if ($act == 'dec') { // reduce TTL $msgid = _("%s: Decrese monitoring time period."); } else { if ($act == 'pause') { // pause more $msgid = _("%s: Temporary pause 30 minutes."); } else { if ($act == 'block') { // block $msgid = _("%s: Temporary Block IP address."); } else { // clear $msgid = _("%s: Clear Suspended state"); } } } } } $change = array(); foreach ($uids as $q) { // fetch monitor information $info = $ac->fetch($q, 0, $ret); $ttl = 0; if ($info === false) { $suspended = false; if ($udb->_exists($q, true)) { $suspended = true; } $uinfo = $udb->getInfo($q, $suspended); $new_info = array('create' => 0, 'delete' => 0, 'revert' => 0, 'save' => 0, 'edit' => 0, 'add_lines' => 0, 'del_lines' => 0, 'add_chars' => 0, 'del_chars' => 0); $new_info['id'] = $q; if (isset($uinfo['remote'])) { $new_info['ip'] = $uinfo['remote']; } $ttl = $min_ttl; } else { $new_info = $info; $ttl = $retval['ttl'] - (time() - $retval['mtime']); $new_info['id'] = $q; } if ($act == 'reset') { // reset edit information $new_info = array_merge($new_info, array('create' => 0, 'delete' => 0, 'revert' => 0, 'save' => 0, 'edit' => 0)); $new_info['suspended'] = false; } else { if ($act == 'clear') { // clear suspended state $new_info['suspended'] = false; $new_info['comment'] = ''; } else { if ($act == 'inc' || $act == 'dec') { if ($ttl < 60 * 30) { $inc = 60 * 30; } else { if ($ttl < 60 * 60) { $inc = 60 * 60; } else { if ($ttl < 60 * 60 * 6) { $inc = 60 * 60 * 6; } else { if ($ttl < 60 * 60 * 12) { $inc = 60 * 60 * 12; } else { if ($ttl < 60 * 60 * 24) { $inc = 60 * 60 * 24; } else { if ($ttl < 60 * 60 * 24 * 7) { $inc = 60 * 60 * 24 * 7; } else { if ($ttl < 60 * 60 * 24 * 14) { $inc = 60 * 60 * 24 * 14; } else { if ($ttl < 60 * 60 * 24 * 30) { $inc = 60 * 60 * 24 * 30; } else { if ($ttl < 60 * 60 * 24 * 30 * 2) { $inc = 60 * 60 * 24 * 30 * 2; } else { $inc = 60 * 60 * 24 * 30 * 6; } } } } } } } } } $inc = max($min_ttl, $inc); $ttl += $act == 'inc' ? $inc : -intval($inc / 2); if ($ttl < 60 * 10) { $ttl = 60 * 10; } else { if ($ttl > 60 * 60 * 24 * 364) { $ttl = 60 * 60 * 24 * 364; } } } else { if ($act == 'pause' || $act == 'block') { $ttl += $min_ttl; // pause and add minimum suspend time (default: 60*30) $new_info['suspended'] = true; if (!empty($comment)) { // add comment $comments = array(); if (!empty($new_info['comment'])) { $comments = explode("\n", $new_info['comment']); } $comments[] = date('Y-m-d H:i', time()) . "\t" . $user->id . "\t" . $comment; if ($q == '127.0.0.1' and sizeof($comments) > 10) { array_shift($comments); } else { if (sizeof($comments) > 5) { array_shift($comments); } } $new_info['comment'] = implode("\n", $comments); } } } } } $ac->update($q, $new_info, $ttl); $change[] = $q; } // make title $title = sprintf($msgid, implode(',', $change)); } $files = array(); $ac->_caches($files, array('prefix' => 1)); $list = '<table class="wiki editinfo">'; $list .= '<tr><th>' . _("ID") . '</th></th><th>' . _("IP") . '</th><th>' . _("Last updated") . '</th>' . '<th>' . _("State") . '</th>' . '<th colspan="2">' . _("TTL") . '</th><th>' . _("Edits") . '</th><th>' . _("actions") . '</th></tr>'; foreach ($files as $f) { // low level _fetch(), _remove() $info = $ac->_fetch($f, 0, $ret); if ($info === false) { $ac->_remove($f); continue; } if (!isset($info['id'])) { continue; } $ttl = $retval['ttl'] - (time() - $retval['mtime']); $tmp = $ttl; $d = intval($tmp / 60 / 60 / 24); $tmp -= $d * 60 * 60 * 24; $h = intval($tmp / 60 / 60); $tmp -= $h * 60 * 60; $m = intval($tmp / 60); $tmp -= $m * 60; $s = $tmp % 60; $ttl_time = ''; if (!empty($d)) { $ttl_time = $d . ' ' . _("days") . ' '; } $ttl_time .= sprintf("%02d:%02d:%02d", $h, $m, $s); $check = array('create' => 'C', 'edit' => 'E', 'save' => 'S', 'delete' => 'X', 'revert' => 'R', 'revoke' => 'V'); $edit = array('add_lines' => 'L+', 'add_chars' => 'C+', 'del_lines' => 'L-', 'del_chars' => 'C-'); $class = array('add_lines' => 'diff-added', 'add_chars' => 'diff-added', 'del_lines' => 'diff-removed', 'del_chars' => 'diff-removed'); $edits = array(); foreach ($check as $c => $k) { if (!empty($info[$c])) { $edits[] = '<span class="' . $c . '"><span>' . $k . '</span>' . '<span class="num">' . $info[$c] . '</span></span>'; } } $out = implode(',', $edits); $edits = array(); foreach ($edit as $c => $k) { if (!empty($info[$c])) { $edits[] = '<span class="' . $class[$c] . '">' . $k . '' . $info[$c] . '</span>'; } } $out .= '<br />' . implode('', $edits); $tag = ''; $permanently_suspended = $udb->_exists($info['id'], true); if ($permanently_suspended) { $tag = '<span style="color:magenta">P</span>'; } $anchor = 'a-' . substr(md5($info['id']), 0, 7); $list .= '<tr><td>'; $list .= '<a name="' . $anchor . '"></a><input type="checkbox" name="uid[]" value="' . $info['id'] . '" />'; $list .= '<a href="?action=userinfo&type=all&q=' . $info['id'] . '"><span>' . $info['id'] . '</span></a></td>'; if (isset($info['ip']) and $info['id'] != $info['ip']) { $list .= '<td>' . $info['ip'] . '</td>'; } else { $list .= '<td> </td>'; } $list .= '<td>' . date('Y-m-d H:i:s', $retval['mtime']) . '</td>'; $list .= '<th>' . $tag . ($info['suspended'] ? "<span style='color:red'>S</span>" : '') . '</th>'; $list .= '<th>' . $ttl_time . '</th>'; $list .= '<td><a href="?action=userinfo&type=monitor' . '&act=inc&q=' . $info['id'] . '"><span>▲</span></a><br />'; $list .= '<a href="?action=userinfo&type=monitor' . '&act=dec&q=' . $info['id'] . '"><span>▼</span></a>'; $list .= '</td>'; $list .= '<td><span class="editinfo">' . $out . '</span></td>'; $list .= '<td>'; $list .= '<a class="button-small" href="?action=userinfo&type=monitor' . '&act=pause&q=' . $info['id'] . '"><span>' . _("Suspend") . '</span></a> '; $list .= '<a class="button-small" href="?action=userinfo&type=monitor' . '&act=reset&q=' . $info['id'] . '"><span>' . _("Reset") . '</span></a> '; $list .= '<a class="button-small" href="?action=userinfo&type=monitor' . '&act=clear&q=' . $info['id'] . '"><span>' . _("Clear") . '</span></a> '; $list .= '<a class="button-small" href="?action=userinfo&type=monitor' . '&act=block&q=' . $info['ip'] . '"><span>' . _("Block IP") . '</span></a> '; $list .= '</td>'; $list .= '</tr>'; if (!empty($info['comment'])) { $comments = explode("\n", $info['comment']); $comment = '<ul>'; foreach ($comments as $c) { list($date, $by, $log) = explode("\t", $c); $comment .= '<li>[' . $date . '] ' . $log . ' --' . $by . '</li>' . "\n"; } $comment .= '</ul>'; $list .= '<tr><td> </td><td colspan="7"><div class="msgboard">' . $comment . '</div></td></tr>'; } } $list .= '</table>'; $extra = '<ul>'; $extra .= '<li>' . '<strong style="color:magenta">P</strong>' . ':' . _("Permanently Suspended") . '</li>'; $extra .= '<li>' . '<strong style="color:red">S</strong>' . ':' . _("Temporary Suspended") . '</li>'; $extra .= '</ul>'; } else { if ($sz == 1 && $allowed) { // abusefilter cache $ac = new Cache_Text('abusefilter'); $actions = array(); if (!empty($DBInfo->userinfo_actions) and is_array($DBInfo->userinfo_actions)) { $actions = $DBInfo->userinfo_actions; } $keys = array_keys($users); $hide_infos = array('bookmark', 'password', 'scrapped_pages', 'quicklinks', 'ticket', 'tz_offset'); $inf = $udb->getInfo($keys[0], $type != 'all'); unset($inf['eticket']); // hide eticket if ($ismember) { $allowed_infos = array_keys($inf); } else { $allowed_infos = array('nick', 'home', 'edit_count', 'edit_add_lines', 'edit_add_chars', 'edit_del_lines', 'edit_del_chars', 'strike_total', 'strikeout_total'); } $addr = !empty($inf['remote']) ? $inf['remote'] : ''; unset($inf['remote']); $anchor = '#a-' . substr(md5($keys[0]), 0, 7); $id_form = ''; $ip_form = ''; if (!empty($actions)) { $url = qualifiedUrl($formatter->link_url($formatter->page->urlname)); $action_form = ' <form style="display:inline;margin:0" method="get" action="' . $url . '">'; $action_form .= '<select name="action" onchange="if (this.selectedIndex != 0) this.form.submit();">'; $action_form .= '<option value="">----</option>'; foreach ($actions as $a) { $action_form .= '<option value="' . $a . '">' . _($a) . "</option>\n"; } $id_form = $action_form . '<input type="hidden" name="q" value="' . _html_escape($keys[0]) . '">' . "</select></form>\n"; $ip_form = $action_form . '<input type="hidden" name="q" value="' . $addr . '">' . "</select></form>\n"; } $list = '<table class="info">'; $list .= '<tr><th>' . _("ID") . '/' . _("IP") . '</th></th><td>' . $keys[0] . $id_form . '</td></tr>'; if (!empty($addr) and $keys[0] != $addr && !in_array($keys[0], $members)) { $list .= '<tr><th>' . _("IP") . '</th></th><td>' . $addr . $ip_form . '</td></tr>'; } if (!empty($DBInfo->use_avatar) && !empty($addr) && !empty($DBInfo->use_uniq_avatar)) { $avatar_type = 'identicon'; if (is_string($DBInfo->use_avatar)) { $avatar_type = $DBInfo->use_avatar; } $avatarlink = qualifiedUrl($formatter->link_url('', '?action=' . $avatar_type . '&seed=')); $uniq_avatar = $DBInfo->use_uniq_avatar; if ($ismember) { $uniq_avatar = 'Y'; } // change avatar after year :> $key = $addr . $uniq_avatar; if (!$ismember) { $key .= $q; } // not a member: show different avatar for login user $crypted = md5($key); $mylnk = preg_replace('/seed=/', 'seed=' . $crypted, $avatarlink); // for user defined avatar $mylnk .= '&user='******'<tr><th>' . _("Avatar") . '</th></th><td><img src="' . $mylnk . '" /></td></tr>'; } foreach ($allowed_infos as $k) { if (!in_array($k, $hide_infos) and !empty($inf[$k])) { $list .= '<tr><th>' . $k . '</th><td>' . $inf[$k] . '</td></tr>'; } } $info = $ac->fetch($keys[0]); if ($info !== false && isset($info['suspended']) and $info['suspended'] == 'true') { $list .= '<tr><th>' . _("Status") . '</th><th style="color:red">' . _("Temporary Suspended") . '</th></tr>'; } $list .= '</table>'; $userinfo = $list; $list = ''; if ($type == 'all') { $btn = _("Delete User"); } else { if ($type == 'del' or $type == 'wait') { $btn = _("Activate User"); } } $suspend_btn = _("Permanently Suspend User"); if (!$ismember && $q == $user->id) { $pause_btn = _("Temporary Suspend Me!"); } else { if ($ismember) { $pause_btn = _("Temporary Suspend User"); } } $comment_btn = _("Comment"); $formhead = "<form method='POST' action=''>"; $formtail = ''; if ($DBInfo->security->is_protected('userinfo', $options)) { $formtail = _("Password") . ": <input type='password' name='passwd' /> "; } $formtail .= "<input type='hidden' name='action' value='userinfo' />"; $formtail .= "<input type='hidden' name='type' value='{$type}' />"; $formtail .= "<input type='hidden' name='uid' value='{$keys['0']}' />"; // comments $mb = new Cache_Text('msgboard'); if (($info = $mb->fetch($q, 0, $ret)) !== false) { if (!empty($info['comment'])) { $comments = explode("\n", $info['comment']); $comment = '<ul>'; foreach ($comments as $c) { list($date, $by, $log) = explode("\t", $c); $comment .= '<li>[' . $date . '] ' . $log . ' --' . $by . '</li>' . "\n"; } $comment .= '</ul>'; $formtail .= '<div class="msgboard">' . $comment . '</div>'; } } // send comment $formtail .= "<div>" . _("Message") . ": <input type='text' name='comment' size='80' /> </div>"; if (($ismember or $q == $user->id) && $type == 'all') { $formtail .= "<span class='button'><input class='button' type='submit' name='pause' value='{$pause_btn}' /></span> "; } if ($ismember && $type != 'wait') { $formtail .= "<span class='button'><input class='button' type='submit' name='suspend' value='{$suspend_btn}' /></span> "; } if ($ismember) { $formtail .= "<span class='button'><input class='button' type='submit' value='{$btn}' /></span> "; } $formtail .= "<span class='button'><input class='button' type='submit' name='comment_btn' value='{$comment_btn}' /></span> "; $formtail .= "</form>"; // do not show form for non members //if (!$ismember) // $formtail = $formhead = ''; } else { if ($allowed && $ismember) { $names = array_keys($users); $pages = intval($retval['count'] / $limit); $query = '?action=userinfo'; if ($limit != 100) { $query .= '&limit=' . $limit; } if (!empty($offset)) { $query .= '&offset=' . $offset; } // paginate $pnut = ''; if ($pages > 0) { $pnut = get_pagelist($formatter, $pages, $query . '&p=', $pg); } for ($i = 0; $i < $limit && $i < $sz; $i++) { $u = $names[$i]; $mtime = $users[$u]; $test = $cur - $mtime; if ($test > 60 * 60 * 24 * 365 * 2) { $color = '#c0c0c0'; } else { if ($test > 60 * 60 * 24 * 365) { $color = 'blue'; } else { if ($test > 60 * 60 * 24 * 30 * 6) { $color = 'green'; } else { if ($test > 60 * 60 * 24 * 30) { $color = '#ff00ff'; } else { $color = '#ff0000'; } } } } $date = date("Y-m-d H:i:s", $mtime); $list .= '<li><input type="checkbox" name="uid[]" value="' . $u . '"/>' . '<a href="?action=userinfo&type=' . $type . '&q=' . $u . '">' . $u . "</a> (<span style='color:" . $color . "'>" . $date . "</span>)</li>\n"; } $list = "<ul>\n" . $list . "</ul>\n"; $formhead = "<form method='POST' action=''>"; $formtail = ''; if ($type == 'all') { $btn = _("Delete Users"); } else { if ($type == 'del' or $type == 'wait') { $btn = _("Activate Users"); } } if ($type != 'wait') { $btn2 = _("Permanently Suspend Users"); } if ($DBInfo->security->is_protected('userinfo', $options)) { $formtail = _("Password") . ": <input type='password' name='passwd' /> "; } $formtail .= "<input type='hidden' name='action' value='userinfo' />" . "<input type='hidden' name='type' value='{$type}' />" . "<span class='button'><input class='button' type='submit' value='{$btn}' /></span> "; if ($type != 'wait') { $formtail .= "<span class='button'><input class='button' type='submit' name='suspend' value='{$btn2}' /></span> "; } $formtail .= "</form>"; $select = "<select name='type'>\n"; foreach (array('ALL' => 'all', 'WAIT' => 'wait', 'DELETED' => 'del') as $k => $v) { if ($type == $v) { $checked = ' selected="selected"'; } else { $checked = ''; } $select .= "<option value='{$v}'{$checked}>{$k}</option>"; } $select .= "</select>"; $formtail .= "<form method='GET'>" . $select . "<input type='hidden' name='action' value='userinfo' />" . "<input type='text' name='q' value='' placeholder='Search' />"; $formtail .= "</form>"; $formtail .= $pnut; } else { if (!empty($DBInfo->use_userinfo)) { foreach ($users as $u => $v) { $list .= '<li>' . $u . "</li>\n"; } } else { $list .= '<li>' . _("User infomation is restricted by wikimaster") . "</li>\n"; } $list = '<ul>' . "\n" . $list . '</ul>' . "\n"; } } } if ($allowed && $ismember) { if ($type != 'monitor') { $extra .= '<a href="?action=userinfo&type=monitor' . $anchor . '" class="button"><span>' . _("Contributors Monitor") . "</span></a>"; } else { $extra .= '<a href="?action=userinfo" class="button"><span>' . _("Permanently Suspended Users") . "</span></a> " . '<a href="?action=userinfo&type=monitor" class="button"><span>' . _("Refresh") . "</span></a>"; } } return "<h2>" . $title . "</h2>\n" . $userinfo . $formhead . $list . $formtail . $extra; }
function do_aclinfo($formatter, $options) { global $DBInfo; if ($DBInfo->security_class == 'acl') { $ret = $DBInfo->security->get_acl('aclinfo', $options); if (is_array($ret)) { list($allowed, $denied, $protected) = $ret; } } else { $options['msg'] = _("ACL is not enabled on this Wiki"); do_invalid($formatter, $options); return; } $u = $DBInfo->user; if (isset($options['get']) && $options['get'] > 0) { if (!in_array($u->id, $DBInfo->owners)) { $options['get'] = 1; } header('Content-Type: text/plain'); if ($options['get'] == 1) { $ac = new Cache_Text('aux_acl'); } else { $ac = new Cache_Text('acl'); } $files = array(); $ac->_caches($files, array('prefix' => 1)); // prepare to return $ret = array(); $retval = array(); $ret['retval'] =& $retval; $acls = array(); $cur = time(); foreach ($files as $f) { // low level _fetch(), _remove() $info = $ac->_fetch($f, 0, $ret); if ($info === false) { $ac->_remove($f); continue; } $ttl = ''; if (!empty($retval['ttl'])) { $ttl = $retval['ttl'] - ($cur - $retval['mtime']); $ttl = "\t" . $ttl; } foreach ($info as $g => $types) { foreach ($types as $type => $v) { if (!is_array($v)) { continue; } if (!isset($acls[$g])) { $acls[$g] = array(); } $acls[$g][$retval['id']] = $g . "\t" . $type . "\t" . implode(',', $v) . $ttl; } } } foreach ($acls as $g => $acl) { ksort($acl); foreach ($acl as $id => $entry) { echo $id, "\t", $entry, "\n"; } } return; } $formatter->send_header('', $options); $options['.title'] = sprintf(_("ACL Information of '%s'."), _html_escape($options['page'])); if ($u->is_member) { if (method_exists($DBInfo->security, 'get_page_acl')) { $groups = array('@ALL', '@User'); // FIXME foreach ($DBInfo->security->group as $group) { preg_match('/^(@[^\\s]+)\\s/', $group, $m); if (isset($m[1])) { $groups[] = $m[1]; } } if (!empty($u->groups)) { $groups = array_merge($groups, $u->groups); $groups = array_unique($groups); } // editable actions $actions = array('savepage', 'deletepage', 'info', 'diff', 'recall', 'revert'); if (!empty($DBInfo->aclinfo_actions)) { $actions = $DBInfo->aclinfo_actions; } if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST) && !empty($options['remove'])) { // remove ACL entry $msgs = array(); $page = $options['value']; if (!empty($page)) { $tmp = array_keys($options['remove']); $group = $tmp[0]; if (in_array($group, $groups)) { $acl = array($group => null); $DBInfo->security->add_page_acl($page, $acl); } } } else { if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST)) { $msgs = array(); $page = !empty($options['value']) ? $options['value'] : $formatter->page->name; $group = $options['group']; $type = $options['type']; $acts = (array) $options['act']; $ttl = (int) $options['ttl']; // Simple ACL mode. if (isset($options['control'])) { if (empty($group)) { $group = array(); } $options['.call'] = 1; $cur = macro_AclInfo($formatter, '', $options); $changed_groups = array_flip($group); // only owners can change member's permissions if (!in_array($u->id, $DBInfo->owners)) { unset($cur['@Member']); unset($changed_groups['@Member']); } foreach ($cur as $g => $v) { if (isset($changed_groups[$g])) { if ($v) { // already enabled. no need to allow again unset($changed_groups[$g]); } else { $changed_groups[$g] = 'allow'; } } else { // denied if ($v) { $changed_groups[$g] = 'deny'; } } } } if (!empty($changed_groups)) { $selected_groups = array(); foreach ($changed_groups as $g => $v) { if ($g == '@Member') { if (!empty($DBInfo->aclinfo_member_group)) { $g = $DBInfo->aclinfo_member_group; } else { continue; } // only owners can change permissions if (in_array($u->id, $DBInfo->owners)) { $selected_groups[$g] = $v; } } else { if ($g == 'Anonymous') { $selected_groups['@Guest'] = $v; } else { if ($g == '@ALL') { $selected_groups[$g] = $v; } else { if (in_array($g, $groups)) { if (in_array($g, $u->groups)) { $selected_groups[$g] = $v; } } } } } } $post_data = array(); foreach ($selected_groups as $g => $v) { $d = array(); $d['group'] = $g; $d['type'] = $v; $d['act'] = $actions; // default actions $d['ttl'] = in_array($u->id, $DBInfo->owners) ? 0 : 3600; // default TTL $post_data[] = $d; } } else { $post_data = array(); $d = array(); $d['group'] = $group; $d['type'] = $type; $d['act'] = $acts; $d['ttl'] = $ttl; $post_data[] = $d; } foreach ($post_data as $d) { $group = $d['group']; $type = $d['type']; $acts = $d['act']; $ttl = $d['ttl']; // check if (!in_array($group, $groups)) { $msgs[] = _("Invalid ACL group name"); } if (empty($type)) { $type = 'deny'; } if (!in_array($u->id, $DBInfo->owners)) { if (!in_array($type, array('deny', 'allow'))) { $type = 'deny'; } if (!in_array($group, array('@ALL', '@Guest', '@User'))) { $group = null; } } if (!in_array($type, array('deny', 'allow'))) { $msgs[] = _("Invalid ACL type"); } if (empty($group)) { $msgs[] = _("Empty ACL group"); } $acts = array_map('strtolower', $acts); $acl_actions = array_map('strtolower', $actions); // check actions $tmp = array(); foreach ($acts as $act) { if (in_array($act, $acl_actions)) { $tmp[] = $act; } } $acts = $tmp; if (!empty($msgs)) { break; } else { if (!empty($page) && !empty($group) && !empty($type) && !empty($acts)) { if ($ttl <= 365) { $ttl = $ttl * 60 * 60 * 24; } $param = array('ttl' => $ttl); $acl = array($group => array($type => $acts, 'ttl' => $ttl, 'mtime' => time(), '.editor' => $u->id)); $DBInfo->security->add_page_acl($page, $acl, $param); } else { $options['title'] = _("Fail to add ACL"); } } } if (!empty($msgs)) { $all_msg = implode(', ', $msgs); if ($options['title']) { $options['title'] .= ': ' . $all_msg; } else { $options['title'] = $all_msg; } } else { $options['title'] = _("ACL entries added!"); } } } $formatter->send_title('', '', $options); $retval = array(); $opts = array('retval' => &$retval); $acl = $DBInfo->security->get_page_acl($options['page'], $opts); if ($acl !== false) { $form_header = $form_footer = ''; $form_th = ''; if (isset($retval['ttl'])) { $form_header = '<form method="POST"><input type="hidden" name="action" value="aclinfo" />'; $form_header .= '<input type="hidden" name="value" value="' . _html_escape($options['page']) . '">'; $form_footer = '</form>'; $form_th = '<th>' . _("Control") . '</th><th>' . _("Last-modified By") . '</th>'; } echo $form_header; echo '<table class="wiki"><tr><th style="white-space:nowrap">', _("ACL Group"), "</th><th>", _("Type"), "</th><th>", _("Actions"), "</th>", $form_th, "</tr>\n"; foreach ($acl as $group => $entry) { $editor = $entry['.editor']; $ttl_time = ''; if (!empty($entry['ttl'])) { $ttl = $entry['ttl']; $mtime = $entry['mtime']; $ttl = $ttl - (time() - $mtime); $tmp = $ttl; $d = intval($tmp / 60 / 60 / 24); $tmp -= $d * 60 * 60 * 24; $h = intval($tmp / 60 / 60); $tmp -= $h * 60 * 60; $m = intval($tmp / 60); $tmp -= $m * 60; $s = $tmp % 60; $ttl_time = ''; if (!empty($d)) { $ttl_time = $d . ' ' . _("days") . ' '; } else { $ttl_time = sprintf("%02d:%02d:%02d", $h, $m, $s); } } else { if (isset($entry['ttl'])) { $ttl_time = '<span></span>'; } } foreach ($entry as $type => $v) { if (!is_array($v)) { continue; } echo "<tr><th>", $group, "</th>"; echo '<th>', $type, '</th><td>', implode(', ', $v), '</td>'; if (!empty($form_th)) { if (!empty($ttl_time)) { echo '<td>', $ttl_time, ' <input type="submit" name="remove[' . $group . ']" value="Delete" /></td>'; } else { echo '<td></td>'; } echo '<td>' . sprintf(_("%s"), $editor) . '</td>'; } echo "</tr>\n"; } } echo '</table>', "\n"; echo $form_footer; } $group_select = '<select name="group"><option>-- ' . _("Group") . ' --</option>'; foreach ($groups as $g) { $selected = $g == '@ALL' ? ' selected="selected"' : ''; $group_select .= '<option value="' . $g . '"' . $selected . '>' . $g . '</option>'; } $group_select .= '</select>' . "\n"; $ttls = array(1800 => '30 minutes', 3600 => '1 hour', 7200 => '2 hours', 10800 => '3 hours', 21600 => '6 hours', 43200 => '12 hours', 1 => '1 day', 2 => '2 days', 7 => '7 days', 30 => '1 month', 365 => '1 year'); $ttl_select = '<select name="ttl"><option>-- ' . _("TTL") . ' --</option>'; foreach ($ttls as $time => $str) { $ttl_select .= '<option value="' . $time . '">' . $str . '</option>'; } $ttl_select .= '</select>' . "\n"; $type_select = '<select name="type"><option>-- ' . _("Type") . ' --</option>'; $type_select .= '<option value="allow">allow</option>'; $type_select .= '<option value="deny" selected="selected">deny</option>'; $type_select .= '</select>'; // $type_select = '<input type="hidden" name="type" value="deny" />deny'; $action_list = ''; foreach ($actions as $act) { $action_list .= '<input type="checkbox" name="act[]" value="' . $act . '" checked="checked" />' . $act . ' '; } $form = '<form method="POST">'; $form .= '<input type="hidden" name="action" value="aclinfo" />'; $form .= '<input type="hidden" name="value" value="' . _html_escape($options['page']) . '" />'; $form .= $group_select; $form .= $type_select; $form .= $action_list; $form .= $ttl_select; $form .= '<input type="submit" value="Add ACL" />'; $form .= '</form>'; echo $form; } } else { $formatter->send_title('', '', $options); } $test = false; if ($test && $u->is_member) { $params = array('page' => $options['page'], 'id' => 'Anonymous'); $ret = $DBInfo->security->get_acl('aclinfo', $params); if (is_array($ret)) { list($allowed, $denied, $protected) = $ret; $title = '<h2>' . _("ACL Information of an Anonymous user.") . '</h2>'; show_acl_table($title, $allowed, $denied, $protected); } } else { $title = '<h2>' . _("ACL Information.") . '</h2>'; show_acl_table($title, $allowed, $denied, $protected); } $formatter->send_footer('', $options); return; }