// Bootstrap: nothing below can run without a database connection, so both
// failures stop the request with the same generic message.
$db = new database();

if (!$db->connect_db($dbhost, $dbuser, $dbpass)) {
    die('Database connection problem.');
}

if (!$db->select_db($dbname)) {
    die('Database connection problem.');
}

date_default_timezone_set(Config::GetSetting('defaultTimezone'));

// Error handling (our error handler requires a DB connection)
set_error_handler(array(new Debug(), 'ErrorHandler'));

// Class auto-loading is delegated to Kit::ClassLoader
spl_autoload_register(function ($class) {
    Kit::ClassLoader($class);
});

// Define the VERSION
Config::Version();

// HTTPS/STS: already on TLS -> let Kit decide about the STS header;
// otherwise redirect to HTTPS when FORCE_HTTPS is enabled.
if (Kit::isSSL()) {
    Kit::IssueStsHeaderIfNecessary();
} elseif (Config::GetSetting('FORCE_HTTPS', 0) == 1) {
    // NOTE(review): the redirect target is built from the client-supplied
    // Host header and request URI. Consider redirecting to a configured
    // canonical host name instead, so the Location header cannot be steered
    // by the request (relevant behind shared caches or proxies).
    $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header('Location: ' . $redirect);
    exit;
}

// What is the production mode of the server?
// NOTE(review): 'Test' mode sends PHP errors to the browser; confirm this
// mode is never left enabled on an exposed installation.
if (Config::GetSetting('SERVER_MODE') == 'Test') {
    ini_set('display_errors', 1);
}

// Debugging?
/**
 * Final installer step: shows the login page, installs the module files
 * and removes install.php.
 *
 * The login page is rendered before the module files are installed and
 * before install.php is deleted; the method always ends the request.
 *
 * @throws Exception when install.php cannot be deleted
 */
public function Step8()
{
    PDOConnect::init();

    // Define the VERSION
    Config::Version();

    Theme::Set('form_action', 'index.php?q=login');
    Theme::Set('about_url', 'index.php?p=index&q=About');
    Theme::Set('source_url', Theme::SourceLink());

    // Success message displayed on the login page
    $installedMessage = sprintf(
        __("%s was successfully installed. Please log-in with the user details you chose earlier."),
        Theme::GetConfig('app_name')
    );
    Theme::Set('login_message', $installedMessage);
    Theme::Render('login_page');

    // Install files
    Media::installAllModuleFiles();

    // The installer must not stay reachable once setup has finished, so a
    // failed delete is reported loudly rather than ignored.
    $installerRemoved = unlink('install.php');
    if (!$installerRemoved) {
        throw new Exception(__("Unable to delete install.php. Please ensure the webserver has permission to unlink this file and retry"));
    }

    exit;
}
/**
 * Returns the Xibo Server version information
 *
 * Builds a <version> element carrying one attribute per entry returned by
 * Config::Version() and hands it to $this->Respond().
 *
 * NOTE(review): this exposes every version field to whoever may call the
 * service method; confirm the caller is authenticated before this runs.
 *
 * @return mixed the value produced by $this->Respond()
 */
public function Version()
{
    $versionInfo = Config::Version();

    Debug::LogEntry('audit', 'Called Version');

    $document = new DOMDocument();
    $versionNode = $document->createElement('version');

    // One attribute per version entry
    foreach ($versionInfo as $name => $value) {
        $versionNode->setAttribute($name, $value);
    }

    return $this->Respond($versionNode);
}
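/**
 * PHONE_HOME if required
 *
 * When the PHONE_HOME setting is 'On' and PHONE_HOME_DATE is more than 28
 * days in the past, this sends the PHONE_HOME_KEY, the application version
 * and the number of licensed displays to PHONE_HOME_URL as query
 * parameters. PHONE_HOME_DATE is updated before the request is made, so a
 * failed request is not retried until the next interval.
 *
 * @return false|null false when an exception was caught; otherwise nothing
 */
private function PhoneHome()
{
    if (Config::GetSetting('PHONE_HOME') != 'On') {
        return;
    }

    // Find out when we last PHONED_HOME; only continue when that was more
    // than 28 days ago.
    $interval = 60 * 60 * 24 * 28;
    if (!(Config::GetSetting('PHONE_HOME_DATE') < time() - $interval)) {
        return;
    }

    try {
        $dbh = PDOConnect::init();

        // Retrieve number of displays
        $sth = $dbh->prepare('SELECT COUNT(*) AS Cnt FROM `display` WHERE `licensed` = 1');
        $sth->execute();
        $PHONE_HOME_CLIENTS = $sth->fetchColumn();

        // Retrieve version number
        $PHONE_HOME_VERSION = Config::Version('app_ver');

        // Every value is URL-encoded before it is placed in the query string
        $PHONE_HOME_URL = Config::GetSetting('PHONE_HOME_URL')
            . "?id=" . urlencode(Config::GetSetting('PHONE_HOME_KEY'))
            . "&version=" . urlencode($PHONE_HOME_VERSION)
            . "&numClients=" . urlencode($PHONE_HOME_CLIENTS);

        // NOTE(review): the audited URL contains PHONE_HOME_KEY; confirm
        // that identifier is acceptable in the audit log.
        if ($this->isAuditing == 1) {
            Debug::LogEntry("audit", "PHONE_HOME_URL " . $PHONE_HOME_URL, "xmds", "RequiredFiles");
        }

        // Set PHONE_HOME_TIME to NOW.
        $sth = $dbh->prepare('UPDATE `setting` SET `value` = :time WHERE `setting`.`setting` = :setting LIMIT 1');
        $sth->execute(array('time' => time(), 'setting' => 'PHONE_HOME_DATE'));

        // Bound the outbound request: without an explicit timeout an
        // unresponsive endpoint holds this request open for the PHP default
        // socket timeout. The call stays best-effort (result ignored,
        // warnings suppressed), as before.
        $context = stream_context_create(array('http' => array('timeout' => 5)));
        @file_get_contents($PHONE_HOME_URL, false, $context);

        if ($this->isAuditing == 1) {
            Debug::Audit("PHONE_HOME [OUT]", $this->displayId);
        }
    } catch (Exception $e) {
        Debug::Error($e->getMessage(), $this->displayId);

        return false;
    }
}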
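/**
 * Upgrade a Layout between schema versions
 *
 * Re-applies the background for the given resolution, then scales every
 * region (and, when requested, the media inside each region) by the ratio
 * between the layout's new and old dimensions.
 *
 * @param int $layoutId
 * @param int $resolutionId
 * @param int $scaleContent 1 to also rescale the media XML in each region
 * @return bool false when the layout cannot be read or has no usable size
 */
public function upgrade($layoutId, $resolutionId, $scaleContent)
{
    // Get the Layout XML
    $this->SetDomXml($layoutId);

    // Get the Schema Versions
    $layoutVersion = (int) $this->DomXml->documentElement->getAttribute('schemaVersion');
    $width = (int) $this->DomXml->documentElement->getAttribute('width');
    $height = (int) $this->DomXml->documentElement->getAttribute('height');
    $color = $this->DomXml->documentElement->getAttribute('bgcolor');
    $version = Config::Version('XlfVersion');

    // A missing or non-numeric width/height casts to 0, and the ratio below
    // divides by both values; refuse such a layout instead of dividing by zero.
    if ($width <= 0 || $height <= 0) {
        $this->SetError(1, __('Layout has an invalid width or height'));

        return false;
    }

    // Get some more info about the layout
    try {
        $dbh = PDOConnect::init();

        $sth = $dbh->prepare('SELECT backgroundImageId FROM `layout` WHERE layoutId = :layoutId');
        $sth->execute(array('layoutId' => $layoutId));

        // Look up the bg image from the media id given
        if (!($row = $sth->fetch())) {
            $this->ThrowError(__('Unable to get the Layout information'));
        }
    } catch (Exception $e) {
        Debug::LogEntry('error', $e->getMessage());

        if (!$this->IsError()) {
            $this->SetError(1, __('Unknown Error'));
        }

        return false;
    }

    Debug::Audit('Updating layoutId: ' . $layoutId . ' from version: ' . $layoutVersion . ' to: ' . $version);

    // Upgrade
    $this->delayFinalise = true;

    // Set the background
    $this->SetBackground($layoutId, $resolutionId, $color, $row['backgroundImageId']);

    // Get the Layout XML again (now that we have set the background)
    $this->SetDomXml($layoutId);

    // Get the Width and Height back out
    $updatedWidth = (int) $this->DomXml->documentElement->getAttribute('width');
    $updatedHeight = (int) $this->DomXml->documentElement->getAttribute('height');

    // Work out the ratio (the smaller of the two axis ratios)
    $ratio = min($updatedWidth / $width, $updatedHeight / $height);

    // Get all the regions.
    foreach ($this->GetRegionList($layoutId) as $region) {
        // New region object each time, because the region stores the layout xml
        $regionObject = new Region();
        $regionObject->delayFinalise = $this->delayFinalise;

        // Work out a new width and height
        $newWidth = $region['width'] * $ratio;
        $newHeight = $region['height'] * $ratio;
        $newTop = $region['top'] * $ratio;
        $newLeft = $region['left'] * $ratio;

        $regionObject->EditRegion($layoutId, $region['regionid'], $newWidth, $newHeight, $newTop, $newLeft, $region['name']);

        if ($scaleContent == 1) {
            Debug::Audit('Updating the scale of media in regionId ' . $region['regionid']);

            // Also update the width, height and font-size on each media item
            foreach ($regionObject->GetMediaNodeList($layoutId, $region['regionid']) as $mediaNode) {
                $mediaId = $mediaNode->getAttribute('id');
                $lkId = $mediaNode->getAttribute('lkid');
                $mediaType = $mediaNode->getAttribute('type');

                // Create a media module to handle all the complex stuff
                $tmpModule = ModuleFactory::load($mediaType, $layoutId, $region['regionid'], $mediaId, $lkId);

                // Get the XML
                $mediaXml = $tmpModule->asXml();

                // NOTE(review): in the width and height patterns the lazy
                // group is followed by nothing, so it captures an empty
                // string and the callback multiplies an empty value. The
                // font-size pattern is anchored by "px;" and does capture
                // the number. Confirm the intended width/height patterns.

                // Replace widths
                $mediaXml = preg_replace_callback('/width:(.*?)/', function ($matches) use ($ratio) {
                    return "width:" . $matches[1] * $ratio;
                }, $mediaXml);

                // Replace heights
                $mediaXml = preg_replace_callback('/height:(.*?)/', function ($matches) use ($ratio) {
                    return "height:" . $matches[1] * $ratio;
                }, $mediaXml);

                // Replace fonts
                $mediaXml = preg_replace_callback('/font-size:(.*?)px;/', function ($matches) use ($ratio) {
                    return "font-size:" . $matches[1] * $ratio . "px;";
                }, $mediaXml);

                // Save this new XML
                $tmpModule->SetMediaXml($mediaXml);
            }
        }
    }

    $this->delayFinalise = false;
    $this->SetValid($layoutId);

    return true;
}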
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
 */
define('XIBO', true);
include_once 'lib/xmds.inc.php';

// Request parameters: each one is read through Kit::GetParam with a type
// constant and a default value.
$method = Kit::GetParam('method', _REQUEST, _WORD, '');
$service = Kit::GetParam('service', _REQUEST, _WORD, 'rest');
$response = Kit::GetParam('response', _REQUEST, _WORD, 'xml');
$version = Kit::GetParam('v', _REQUEST, _INT, 3);

$serviceResponse = new XiboServiceResponse();

// Version Request?
// NOTE(review): any request carrying ?what receives the XMDS version and
// the script stops; no authentication check is visible before this point.
if (isset($_GET['what'])) {
    die(Config::Version('XmdsVersion'));
}

// Is the WSDL being requested (either spelling of the parameter).
if (isset($_GET['wsdl']) || isset($_GET['WSDL'])) {
    $serviceResponse->WSDL($version);
}

// Is the XRDS being requested
if (isset($_GET['xrds'])) {
    $serviceResponse->XRDS();
}

// When XMDS is defined the service is always SOAP, whatever the request asked for
if (defined('XMDS')) {
    $service = 'soap';
}

// We need a theme
new Theme(new User());

// Check to see if we are going to consume a service (if we came from xmds.php then we will always use the SOAP service)
/**
 * Rewrites the background attributes on a layout's root element and saves
 * the resulting XML.
 *
 * Sets background, bgcolor, width, height, resolutionid and schemaVersion
 * (the current XlfVersion); zindex is set when it is non-empty and non-zero
 * and removed otherwise. After a successful save the layout is re-validated.
 *
 * @param int $layoutid
 * @param string $bg_color
 * @param string $bg_image
 * @param int $width
 * @param int $height
 * @param int $resolutionId
 * @param int|null $zindex
 * @return bool false when the layout XML could not be saved
 */
public function EditBackground($layoutid, $bg_color, $bg_image, $width, $height, $resolutionId, $zindex = NULL)
{
    // Load the XML for this layout
    $document = new DOMDocument("1.0");
    $document->loadXML($this->GetLayoutXml($layoutid));

    $layoutNode = $document->documentElement;

    // Alter the background properties
    $layoutNode->setAttribute('background', $bg_image);
    $layoutNode->setAttribute('bgcolor', $bg_color);
    $layoutNode->setAttribute('width', $width);
    $layoutNode->setAttribute('height', $height);
    $layoutNode->setAttribute('resolutionid', $resolutionId);
    $layoutNode->setAttribute('schemaVersion', Config::Version('XlfVersion'));

    // An empty or zero z-index means "no z-index": drop the attribute
    if ($zindex == NULL || $zindex == 0) {
        $layoutNode->removeAttribute('zindex');
    } else {
        $layoutNode->setAttribute('zindex', $zindex);
    }

    // Convert back to XML
    $saved = $this->SetLayoutXml($layoutid, $document->saveXML());
    if (!$saved) {
        return false;
    }

    // Update layout status
    $layout = new Layout($this->db);
    $layout->delayFinalise = $this->delayFinalise;
    $layout->SetValid($layoutid);

    // Its swapped
    return true;
}
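/**
 * Login a user
 *
 * Looks the user up by name, verifies the password, stores the user's id,
 * name and type in the session, records the access time and regenerates
 * the session id.
 *
 * Passwords stored as plain MD5 (database versions below 62, or rows whose
 * CSPRNG flag is 0) are still accepted; for CSPRNG = 0 rows the password is
 * re-stored through Userdata::ChangePassword after a successful check.
 *
 * NOTE(review): PDO errors propagate to the caller if the connection is
 * configured to throw; there is no try/catch here.
 *
 * @param string $username
 * @param string $password
 * @return bool true on success, false when the credentials are rejected
 */
function login($username, $password)
{
    $db =& $this->db;

    Kit::ClassLoader('userdata');

    // Legacy MD5 digests are compared as strings. A loose != treats two
    // digests of the form "0e<digits>" as equal numbers, so the check must
    // be strict, and constant-time where hash_equals() is available.
    $legacyHashMatches = function ($storedHash, $plainText) {
        $storedHash = (string) $storedHash;
        $candidate = md5($plainText);

        return function_exists('hash_equals')
            ? hash_equals($storedHash, $candidate)
            : $storedHash === $candidate;
    };

    $dbh = PDOConnect::init();

    if (Config::Version('DBVersion') < 62) {
        // We can't do CSPRNG because the field doesn't exist, so we need to do standard user login
        // This can ONLY happen during an upgrade.
        $sth = $dbh->prepare('SELECT UserID, UserName, UserPassword, UserTypeID FROM `user` WHERE UserName = :userName');
        $sth->execute(array('userName' => $username));

        $rows = $sth->fetchAll();

        if (count($rows) != 1) {
            setMessage(__('Username or Password incorrect'));
            return false;
        }

        $userInfo = $rows[0];

        // Check the password using a MD5
        if (!$legacyHashMatches($userInfo['UserPassword'], $password)) {
            setMessage(__('Username or Password incorrect'));
            return false;
        }
    } else {
        // Get the SALT for this username. The user name is bound as a
        // parameter rather than formatted into the SQL text.
        $sth = $dbh->prepare('SELECT UserID, UserName, UserPassword, UserTypeID, CSPRNG FROM `user` WHERE UserName = :userName');
        $sth->execute(array('userName' => $username));

        if (!($userInfo = $sth->fetch())) {
            setMessage(__('Username or Password incorrect'));
            return false;
        }

        // User Data Object to check the password
        $userData = new Userdata($db);

        // Is SALT empty
        if ($userInfo['CSPRNG'] == 0) {
            // Check the password using a MD5
            if (!$legacyHashMatches($userInfo['UserPassword'], $password)) {
                setMessage(__('Username or Password incorrect'));
                return false;
            }

            // Now that we are validated, generate a new SALT and set the users password.
            $userData->ChangePassword(Kit::ValidateParam($userInfo['UserID'], _INT), null, $password, $password, true);
        } else {
            // Check the users password using the random SALTED password
            if ($userData->validate_password($password, $userInfo['UserPassword']) === false) {
                setMessage(__('Username or Password incorrect'));
                return false;
            }
        }
    }

    // there is a result so we store the userID in the session variable
    $_SESSION['userid'] = Kit::ValidateParam($userInfo['UserID'], _INT);
    $_SESSION['username'] = Kit::ValidateParam($userInfo['UserName'], _USERNAME);
    $_SESSION['usertype'] = Kit::ValidateParam($userInfo['UserTypeID'], _INT);

    // Set the User Object
    $this->usertypeid = $_SESSION['usertype'];
    $this->userid = $_SESSION['userid'];

    // write out to the db that the logged in user has accessed the page
    // (%d forces the user id to an integer; the timestamp is generated here)
    $SQL = sprintf("UPDATE user SET lastaccessed = '" . date("Y-m-d H:i:s") . "', loggedin = 1 WHERE userid = %d", $_SESSION['userid']);

    $db->query($SQL) or trigger_error(__('Can not write last accessed info.'), E_USER_ERROR);

    // Switch Session ID's so the pre-login session id is not carried into
    // the authenticated session
    global $session;
    $session->setIsExpired(0);
    $session->RegenerateSessionID(session_id());

    return true;
}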
/**
 * Checks that the calling service is talking the correct version
 *
 * Compares the version supplied by the client with the server's
 * XmdsVersion; a mismatch is written to the audit log.
 *
 * NOTE(review): the client-supplied version is written to the audit log
 * as received; confirm Debug::LogEntry stores it safely.
 *
 * @param mixed $version version reported by the client
 * @return bool true when the versions match (loose comparison)
 */
private function CheckVersion($version)
{
    $db =& $this->db;

    // Look up the Service XMDS version from the Version table
    $serverVersion = Config::Version('XmdsVersion');

    if ($version == $serverVersion) {
        return true;
    }

    $mismatch = sprintf(
        'A Client with an incorrect version connected. Client Version: [%s] Server Version [%s]',
        $version,
        $serverVersion
    );
    Debug::LogEntry('audit', $mismatch);

    return false;
}
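/**
 * Upgrade step 2: works out which database versions the upgrade spans and
 * builds the form that collects the answers each upgrade step needs.
 *
 * The range is stored in $_SESSION['upgradeFrom'] / $_SESSION['upgradeTo'],
 * together with the lists of .sql and .php upgrade files. For every version
 * in the range that has a PHP step file, the file is included and its
 * Step<N> class is asked for its questions.
 *
 * @return mixed the rendered form, as returned by Theme::RenderReturn()
 * @throws Exception when no target version can be derived from the files
 */
public function Step2()
{
    Kit::ClassLoader('install');

    // Work out what is involved in this upgrade
    $_SESSION['upgradeFrom'] = Config::Version('DBVersion');

    if ($_SESSION['upgradeFrom'] < 1) {
        $_SESSION['upgradeFrom'] = 1;
    }

    // Get a list of .sql and .php files for the upgrade
    $sql_files = Install::ls('*.sql', 'install/database', false, array('return_files'));
    $php_files = Install::ls('*.php', 'install/database', false, array('return_files'));

    // Sort by natural filename (eg 10 is bigger than 2)
    natcasesort($sql_files);
    natcasesort($php_files);

    $_SESSION['phpFiles'] = $php_files;
    $_SESSION['sqlFiles'] = $sql_files;

    // The highest numbered file (extension stripped) is the target version
    $max_sql = Kit::ValidateParam(substr(end($sql_files), 0, -4), _INT);
    $max_php = Kit::ValidateParam(substr(end($php_files), 0, -4), _INT);
    $_SESSION['upgradeTo'] = max($max_sql, $max_php);

    if (!$_SESSION['upgradeTo']) {
        throw new Exception(__('Unable to calculate the upgradeTo value. Check for non-numeric SQL and PHP files in the "install / database" directory.'));
    }

    if ($_SESSION['upgradeTo'] < $_SESSION['upgradeFrom']) {
        $_SESSION['upgradeTo'] = $_SESSION['upgradeFrom'];
    }

    // Form to collect some information.
    $formFields = array();

    // Put up an error message if one has been set (and then unset it)
    if ($this->errorMessage != '') {
        Theme::Set('message', $this->errorMessage);
        Theme::Set('prepend', Theme::RenderReturn('message_box'));

        // Clear the message so it is shown once only. This has to be an
        // assignment; a comparison here leaves the message in place.
        $this->errorMessage = '';
    }

    $formFields[] = FormManager::AddHidden('step', 3);
    $formFields[] = FormManager::AddHidden('upgradeFrom', $_SESSION['upgradeFrom']);
    $formFields[] = FormManager::AddHidden('upgradeTo', $_SESSION['upgradeTo']);
    $formFields[] = FormManager::AddHidden('includes', true);

    $formFields[] = FormManager::AddMessage(sprintf(__('Upgrading from database version %d to %d'), $_SESSION['upgradeFrom'], $_SESSION['upgradeTo']));

    // Loop for $i between upgradeFrom + 1 and upgradeTo.
    // If a php file exists for that upgrade, make an instance of it and call Questions so we can
    // Ask the user for input.
    // $i is a loop counter produced by arithmetic on the version numbers, so
    // the included path is not assembled from free-form request text.
    for ($i = $_SESSION['upgradeFrom'] + 1; $i <= $_SESSION['upgradeTo']; $i++) {
        $stepFile = 'install/database/' . $i . '.php';

        if (!file_exists($stepFile)) {
            continue;
        }

        include_once $stepFile;
        $stepName = 'Step' . $i;

        // Check that a class called Step$i exists
        if (class_exists($stepName)) {
            $_SESSION['Step' . $i] = new $stepName($this->db);

            // Call Questions on the object and send the resulting hash to createQuestions routine
            $questionFields = $this->createQuestions($i, $_SESSION['Step' . $i]->Questions());
            $formFields = array_merge($formFields, $questionFields);
        } else {
            $formFields[] = FormManager::AddMessage(sprintf(__('Warning: We included %s.php, but it did not include a class of appropriate name.'), $i));
        }
    }

    $formFields[] = FormManager::AddCheckbox('doBackup', 'I agree I have a valid database backup and can restore it should the upgrade process fail', 0, __('It is important to take a database backup before running the upgrade wizard. A backup is essential for recovering your CMS should there be a problem with the upgrade.'), 'b');

    // Return a rendered form
    Theme::Set('form_action', 'index.php?p=upgrade');
    Theme::Set('form_fields', $formFields);
    Theme::Set('form_buttons', array(FormManager::AddButton(__('Next'))));

    return Theme::RenderReturn('form_render');
}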
/**
 * Gets the XML for the specified template id
 *
 * Template id 0 yields a default 800x450 layout with a black background
 * and the current XlfVersion. Any other id is loaded from the template
 * table and every region in it is stamped with the given user id.
 *
 * @param int $templateId 0 for the built-in default layout
 * @param int $userId written to the userId attribute of each region
 * @return string|false the layout XML, or false when an exception was caught
 */
private function GetTemplateXml($templateId, $userId)
{
    try {
        $dbh = PDOConnect::init();

        if ($templateId == 0) {
            // make some default XML
            $defaultDoc = new DOMDocument("1.0");

            $layoutNode = $defaultDoc->createElement('layout');
            $layoutNode->setAttribute('width', 800);
            $layoutNode->setAttribute('height', 450);
            $layoutNode->setAttribute('bgcolor', '#000000');
            $layoutNode->setAttribute('schemaVersion', Config::Version('XlfVersion'));

            $defaultDoc->appendChild($layoutNode);

            return $defaultDoc->saveXML();
        }

        // Get the template XML (the id is bound, not concatenated)
        $sth = $dbh->prepare('SELECT xml FROM template WHERE templateID = :templateid');
        $sth->execute(array('templateid' => $templateId));

        $row = $sth->fetch();
        if (!$row) {
            // presumably raises an exception handled by the catch below; verify
            $this->ThrowError(__('Unknown template'));
        }

        $templateDoc = new DOMDocument("1.0");
        $templateDoc->loadXML($row['xml']);

        // Every region becomes owned by the given user
        foreach ($templateDoc->getElementsByTagName('region') as $regionNode) {
            $regionNode->setAttribute('userId', $userId);
        }

        return $templateDoc->saveXML();
    } catch (Exception $e) {
        Debug::LogEntry('error', $e->getMessage());

        if (!$this->IsError()) {
            $this->SetError(1, __('Unknown Error'));
        }

        return false;
    }
}
<?php } else { ?> <form action="upgrade.php" method="POST"> <div class="loginbutton"><button type="submit"><?php echo __("Next"); ?> ></button></div> </form> <?php } } } elseif ($_SESSION['step'] == 2) { # Calculate the upgrade checkAuth(); $_SESSION['upgradeFrom'] = Config::Version('DBVersion'); if ($_SESSION['upgradeFrom'] < 1) { $_SESSION['upgradeFrom'] = 1; } // Get a list of .sql and .php files for the upgrade $sql_files = ls('*.sql', 'install/database', false, array('return_files')); $php_files = ls('*.php', 'install/database', false, array('return_files')); // Sort by natural filename (eg 10 is bigger than 2) natcasesort($sql_files); natcasesort($php_files); $_SESSION['phpFiles'] = $php_files; $_SESSION['sqlFiles'] = $sql_files; $max_sql = Kit::ValidateParam(substr(end($sql_files), 0, -4), _INT); $max_php = Kit::ValidateParam(substr(end($php_files), 0, -4), _INT); $_SESSION['upgradeTo'] = max($max_sql, $max_php); if (!$_SESSION['upgradeTo']) {