Example #1
// Bootstrap: open the database connection first, because the error handler registered
// below needs it. Both failure paths stop with the same generic message.
$db = new database();
if (!$db->connect_db($dbhost, $dbuser, $dbpass)) {
    die('Database connection problem.');
}
if (!$db->select_db($dbname)) {
    die('Database connection problem.');
}
date_default_timezone_set(Config::GetSetting("defaultTimezone"));
// Error Handling (our error handler requires a DB connection)
set_error_handler(array(new Debug(), "ErrorHandler"));
// Define an auto-load function
spl_autoload_register(function ($class) {
    Kit::ClassLoader($class);
});
// Define the VERSION
Config::Version();
// Deal with HTTPS/STS config
if (Kit::isSSL()) {
    // Already on HTTPS: presumably emits a Strict-Transport-Security header when configured - confirm in Kit.
    Kit::IssueStsHeaderIfNecessary();
} else {
    if (Config::GetSetting('FORCE_HTTPS', 0) == 1) {
        // NOTE(review): the redirect target is assembled from the client-supplied Host header and
        // request URI. Building it from a configured canonical host name would keep a forged Host
        // value from deciding where the Location header points.
        $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
        header("Location: {$redirect}");
        // Stop here so nothing else is processed over the plain-HTTP request.
        exit;
    }
}
// What is the production mode of the server?
if (Config::GetSetting('SERVER_MODE') == 'Test') {
    // On-screen PHP errors are switched on only in Test mode; any other mode keeps the ini default.
    ini_set('display_errors', 1);
}
// Debugging?
Example #2
 /**
  * Last installer step: renders the login page, installs the module files and then
  * deletes install.php before ending the request.
  *
  * @throws Exception when install.php cannot be deleted
  */
 public function Step8()
 {
     PDOConnect::init();
     // Define the VERSION
     Config::Version();

     // Values the login page template reads
     Theme::Set('form_action', 'index.php?q=login');
     Theme::Set('about_url', 'index.php?p=index&q=About');
     Theme::Set('source_url', Theme::SourceLink());

     // Success message shown on the login page
     $installedMessage = sprintf(__("%s was successfully installed. Please log-in with the user details you chose earlier."), Theme::GetConfig('app_name'));
     Theme::Set('login_message', $installedMessage);
     Theme::Render('login_page');

     // Install files
     Media::installAllModuleFiles();

     // Delete install: the installer script must not stay on disk once setup has finished,
     // so a failed delete is raised as an error instead of being ignored.
     $installerRemoved = unlink('install.php');
     if ($installerRemoved) {
         exit;
     }
     throw new Exception(__("Unable to delete install.php. Please ensure the webserver has permission to unlink this file and retry"));
 }
Example #3
 /**
  * Returns the Xibo Server version information.
  *
  * Every key/value pair reported by Config::Version() becomes an attribute of a
  * <version> element, which is then handed to $this->Respond().
  *
  * @return mixed whatever $this->Respond() returns for the element
  */
 public function Version()
 {
     $versionInfo = Config::Version();
     Debug::LogEntry('audit', 'Called Version');

     $document = new DOMDocument();
     $versionNode = $document->createElement('version');

     // One attribute per version entry
     foreach ($versionInfo as $attributeName => $attributeValue) {
         $versionNode->setAttribute($attributeName, $attributeValue);
     }

     return $this->Respond($versionNode);
 }
Example #4
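 /**
  * PHONE_HOME if required
  *
  * Runs only when the PHONE_HOME setting is 'On' and PHONE_HOME_DATE is more than 28 days old.
  * Sends PHONE_HOME_KEY, the application version and the licensed display count as query
  * parameters to PHONE_HOME_URL. The request is best-effort: its result is ignored and it is
  * given a short timeout so a slow or unreachable endpoint cannot hold up the calling request.
  *
  * @return bool|null false when an Exception was caught and logged, null in every other case
  */
 private function PhoneHome()
 {
     if (Config::GetSetting('PHONE_HOME') != 'On') {
         return;
     }

     // Find out when we last PHONED_HOME :D
     // Nothing to do unless it has been > 28 days since the last PHONE_HOME
     if (!(Config::GetSetting('PHONE_HOME_DATE') < time() - 60 * 60 * 24 * 28)) {
         return;
     }

     try {
         $dbh = PDOConnect::init();

         // Retrieve number of displays
         $sth = $dbh->prepare('SELECT COUNT(*) AS Cnt FROM `display` WHERE `licensed` = 1');
         $sth->execute();
         $PHONE_HOME_CLIENTS = $sth->fetchColumn();

         // Retrieve version number
         $PHONE_HOME_VERSION = Config::Version('app_ver');

         // Every query parameter is URL-encoded before it is appended
         $PHONE_HOME_URL = Config::GetSetting('PHONE_HOME_URL') . "?id=" . urlencode(Config::GetSetting('PHONE_HOME_KEY')) . "&version=" . urlencode($PHONE_HOME_VERSION) . "&numClients=" . urlencode($PHONE_HOME_CLIENTS);

         if ($this->isAuditing == 1) {
             // NOTE(review): the logged URL carries PHONE_HOME_KEY; confirm who can read the audit log.
             Debug::LogEntry("audit", "PHONE_HOME_URL " . $PHONE_HOME_URL, "xmds", "RequiredFiles");
         }

         // Set PHONE_HOME_TIME to NOW. The date is stamped before the request is made, so a
         // failed call is not retried until the next 28 day window.
         $sth = $dbh->prepare('UPDATE `setting` SET `value` = :time WHERE `setting`.`setting` = :setting LIMIT 1');
         $sth->execute(array('time' => time(), 'setting' => 'PHONE_HOME_DATE'));

         // Bound the outbound call: without an explicit timeout it waits for PHP's
         // default_socket_timeout. Errors stay suppressed because the call is best-effort.
         $context = stream_context_create(array('http' => array('timeout' => 5)));
         @file_get_contents($PHONE_HOME_URL, false, $context);

         if ($this->isAuditing == 1) {
             Debug::Audit("PHONE_HOME [OUT]", $this->displayId);
         }
     } catch (Exception $e) {
         Debug::Error($e->getMessage(), $this->displayId);
         return false;
     }
 }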
Example #5
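 /**
  * Upgrade a Layout between schema versions
  *
  * Re-applies the layout background for the given resolution, then scales every region
  * (and, when requested, the media inside it) by the ratio between the new and the old
  * layout dimensions.
  *
  * @param int $layoutId
  * @param int $resolutionId
  * @param int $scaleContent 1 to also rescale the media XML inside each region
  * @return bool false when the layout row cannot be read or the layout has no usable
  *              width/height, true once the layout has been marked valid
  */
 public function upgrade($layoutId, $resolutionId, $scaleContent)
 {
     // Get the Layout XML
     $this->SetDomXml($layoutId);
     // Get the Schema Versions
     $layoutVersion = (int) $this->DomXml->documentElement->getAttribute('schemaVersion');
     $width = (int) $this->DomXml->documentElement->getAttribute('width');
     $height = (int) $this->DomXml->documentElement->getAttribute('height');
     $color = $this->DomXml->documentElement->getAttribute('bgcolor');
     $version = Config::Version('XlfVersion');
     // Get some more info about the layout
     try {
         $dbh = PDOConnect::init();
         $sth = $dbh->prepare('SELECT backgroundImageId FROM `layout` WHERE layoutId = :layoutId');
         $sth->execute(array('layoutId' => $layoutId));
         // Look up the bg image from the media id given
         if (!($row = $sth->fetch())) {
             $this->ThrowError(__('Unable to get the Layout information'));
         }
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
     // The ratio below divides by the stored width and height. A missing or non-numeric
     // attribute casts to 0, so stop here before anything is modified.
     if ($width <= 0 || $height <= 0) {
         Debug::LogEntry('error', 'Cannot upgrade layoutId: ' . $layoutId . ' because its width/height is not a positive number');
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
     Debug::Audit('Updating layoutId: ' . $layoutId . ' from version: ' . $layoutVersion . ' to: ' . $version);
     // Upgrade
     $this->delayFinalise = true;
     // Set the background
     $this->SetBackground($layoutId, $resolutionId, $color, $row['backgroundImageId']);
     // Get the Layout XML again (now that we have set the background)
     $this->SetDomXml($layoutId);
     // Get the Width and Height back out
     $updatedWidth = (int) $this->DomXml->documentElement->getAttribute('width');
     $updatedHeight = (int) $this->DomXml->documentElement->getAttribute('height');
     // Work out the ratio (the smaller of the two, so the scaled content fits both dimensions)
     $ratio = min($updatedWidth / $width, $updatedHeight / $height);
     // Get all the regions.
     foreach ($this->GetRegionList($layoutId) as $region) {
         // New region object each time, because the region stores the layout xml
         $regionObject = new Region();
         $regionObject->delayFinalise = $this->delayFinalise;
         // Work out a new width and height
         $newWidth = $region['width'] * $ratio;
         $newHeight = $region['height'] * $ratio;
         $newTop = $region['top'] * $ratio;
         $newLeft = $region['left'] * $ratio;
         $regionObject->EditRegion($layoutId, $region['regionid'], $newWidth, $newHeight, $newTop, $newLeft, $region['name']);
         if ($scaleContent == 1) {
             Debug::Audit('Updating the scale of media in regionId ' . $region['regionid']);
             // Also update the width, height and font-size on each media item
             foreach ($regionObject->GetMediaNodeList($layoutId, $region['regionid']) as $mediaNode) {
                 // Run some regular expressions over each, to adjust the values by the ratio we have calculated.
                 $mediaId = $mediaNode->getAttribute('id');
                 $lkId = $mediaNode->getAttribute('lkid');
                 $mediaType = $mediaNode->getAttribute('type');
                 // Create a media module to handle all the complex stuff
                 $tmpModule = ModuleFactory::load($mediaType, $layoutId, $region['regionid'], $mediaId, $lkId);
                 // Get the XML
                 $mediaXml = $tmpModule->asXml();
                 // NOTE(review): in the width and height patterns the lazy group (.*?) is the last
                 // thing in the expression, so it always captures an empty string and the callback
                 // multiplies '' by the ratio. The intended value format is not visible here, so the
                 // patterns are left as they are - confirm against real media XML and anchor them
                 // the way the font-size pattern is anchored on "px;".
                 // Replace widths
                 $mediaXml = preg_replace_callback('/width:(.*?)/', function ($matches) use($ratio) {
                     return "width:" . $matches[1] * $ratio;
                 }, $mediaXml);
                 // Replace heights
                 $mediaXml = preg_replace_callback('/height:(.*?)/', function ($matches) use($ratio) {
                     return "height:" . $matches[1] * $ratio;
                 }, $mediaXml);
                 // Replace fonts
                 $mediaXml = preg_replace_callback('/font-size:(.*?)px;/', function ($matches) use($ratio) {
                     return "font-size:" . $matches[1] * $ratio . "px;";
                 }, $mediaXml);
                 // Save this new XML
                 $tmpModule->SetMediaXml($mediaXml);
             }
         }
     }
     // Finalise once, now that every region has been edited
     $this->delayFinalise = false;
     $this->SetValid($layoutId);
     return true;
 }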
Example #6
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with Xibo.  If not, see <http://www.gnu.org/licenses/>.
 */
// Service entry point: mark the request as running inside the application, load the XMDS
// bootstrap, then read the request parameters that select the service to run.
DEFINE('XIBO', true);
include_once "lib/xmds.inc.php";
// Each parameter is read through Kit::GetParam with a type constant and a default
// (presumably GetParam filters the value to that type - confirm in Kit).
$method = Kit::GetParam('method', _REQUEST, _WORD, '');
$service = Kit::GetParam('service', _REQUEST, _WORD, 'rest');
$response = Kit::GetParam('response', _REQUEST, _WORD, 'xml');
$version = Kit::GetParam('v', _REQUEST, _INT, 3);
$serviceResponse = new XiboServiceResponse();
// Version Request?
// NOTE(review): answered before any authentication step visible in this excerpt, so the
// XMDS version is readable by whoever can reach this script - confirm that is intended.
if (isset($_GET['what'])) {
    die(Config::Version('XmdsVersion'));
}
// Is the WSDL being requested.
if (isset($_GET['wsdl']) || isset($_GET['WSDL'])) {
    $serviceResponse->WSDL($version);
}
// Is the XRDS being requested
if (isset($_GET['xrds'])) {
    $serviceResponse->XRDS();
}
// A defined XMDS constant overrides whatever service name came in on the request.
if (defined('XMDS')) {
    $service = 'soap';
}
// We need a theme
// The object is not kept; it is constructed only for what its constructor sets up.
new Theme(new User());
// Check to see if we are going to consume a service (if we came from xmds.php then we will always use the SOAP service)
Example #7
 /**
  * Rewrites the background attributes on the root element of a layout's XML, saves the
  * XML back and marks the layout valid.
  *
  * @param $layoutid id handed to GetLayoutXml(), SetLayoutXml() and SetValid()
  * @param $bg_color value written to the "bgcolor" attribute
  * @param $bg_image value written to the "background" attribute
  * @param $width value written to the "width" attribute
  * @param $height value written to the "height" attribute
  * @param $resolutionId value written to the "resolutionid" attribute
  * @param $zindex written to "zindex" unless it is null or 0, in which case the attribute is removed
  * @return bool false when SetLayoutXml() reports failure, true otherwise
  */
 public function EditBackground($layoutid, $bg_color, $bg_image, $width, $height, $resolutionId, $zindex = NULL)
 {
     // Load the XML for this layout
     $document = new DOMDocument("1.0");
     $document->loadXML($this->GetLayoutXml($layoutid));
     $layoutNode = $document->documentElement;

     // Alter the background properties; the schema version is stamped on every edit
     $attributes = array(
         "background" => $bg_image,
         "bgcolor" => $bg_color,
         'width' => $width,
         'height' => $height,
         'resolutionid' => $resolutionId,
         "schemaVersion" => Config::Version('XlfVersion'),
     );
     foreach ($attributes as $attributeName => $attributeValue) {
         $layoutNode->setAttribute($attributeName, $attributeValue);
     }

     // An empty or zero z-index means "no z-index": drop the attribute instead of writing it
     if ($zindex == NULL || $zindex == 0) {
         $layoutNode->removeAttribute('zindex');
     } else {
         $layoutNode->setAttribute('zindex', $zindex);
     }

     // Convert back to XML
     $saved = $this->SetLayoutXml($layoutid, $document->saveXML());
     if (!$saved) {
         return false;
     }

     // Update layout status, carrying over this object's delayFinalise flag
     $layoutStatus = new Layout($this->db);
     $layoutStatus->delayFinalise = $this->delayFinalise;
     $layoutStatus->SetValid($layoutid);

     return true;
 }
Example #8
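 /**
  * Login a user
  *
  * Looks the user up by name, checks the password and, on success, stores the user in
  * the session, records the access time and switches to a new session id.
  * Every failure sets the same message, so the caller cannot tell an unknown user name
  * from a wrong password.
  *
  * @param $username string user name supplied on the login form
  * @param $password string clear-text password supplied on the login form
  * @return bool true when the user was logged in, false otherwise
  */
 function login($username, $password)
 {
     $db =& $this->db;
     Kit::ClassLoader('userdata');
     if (Config::Version('DBVersion') < 62) {
         // We can't do CSPRNG because the field doesn't exist, so we need to do standard user login
         // This can ONLY happen during an upgrade.
         $dbh = PDOConnect::init();
         $sth = $dbh->prepare('SELECT UserID, UserName, UserPassword, UserTypeID FROM `user` WHERE UserName = :userName');
         $sth->execute(array('userName' => $username));
         $rows = $sth->fetchAll();
         if (count($rows) != 1) {
             setMessage(__('Username or Password incorrect'));
             return false;
         }
         $userInfo = $rows[0];
         // Check the password using a MD5 (legacy, unsalted).
         // Compared strictly as strings: a loose != treats two digests that both look like
         // numbers (for example "0e" followed only by digits) as equal.
         if ((string) $userInfo['UserPassword'] !== md5($password)) {
             setMessage(__('Username or Password incorrect'));
             return false;
         }
     } else {
         // Get the SALT for this username.
         // The lookup binds the user name as a parameter, like the branch above, instead of
         // formatting it into the SQL text.
         $dbh = PDOConnect::init();
         $sth = $dbh->prepare('SELECT UserID, UserName, UserPassword, UserTypeID, CSPRNG FROM `user` WHERE UserName = :userName');
         $sth->execute(array('userName' => $username));
         if (!($userInfo = $sth->fetch())) {
             setMessage(__('Username or Password incorrect'));
             return false;
         }
         // User Data Object to check the password
         $userData = new Userdata($db);
         // Is SALT empty
         if ($userInfo['CSPRNG'] == 0) {
             // Check the password using a MD5 (legacy, unsalted), strictly as strings (see above)
             if ((string) $userInfo['UserPassword'] !== md5($password)) {
                 setMessage(__('Username or Password incorrect'));
                 return false;
             }
             // Now that we are validated, generate a new SALT and set the users password.
             // This moves the account off the MD5 digest the first time it logs in.
             $userData->ChangePassword(Kit::ValidateParam($userInfo['UserID'], _INT), null, $password, $password, true);
         } else {
             // Check the users password using the random SALTED password
             if ($userData->validate_password($password, $userInfo['UserPassword']) === false) {
                 setMessage(__('Username or Password incorrect'));
                 return false;
             }
         }
     }
     // there is a result so we store the userID in the session variable
     $_SESSION['userid'] = Kit::ValidateParam($userInfo['UserID'], _INT);
     $_SESSION['username'] = Kit::ValidateParam($userInfo['UserName'], _USERNAME);
     $_SESSION['usertype'] = Kit::ValidateParam($userInfo['UserTypeID'], _INT);
     // Set the User Object
     $this->usertypeid = $_SESSION['usertype'];
     $this->userid = $_SESSION['userid'];
     // update the db
     // write out to the db that the logged in user has accessed the page
     // (the only values formatted into this statement are the server clock and an integer id)
     $SQL = sprintf("UPDATE user SET lastaccessed = '" . date("Y-m-d H:i:s") . "', loggedin = 1 WHERE userid = %d", $_SESSION['userid']);
     $db->query($SQL) or trigger_error(__('Can not write last accessed info.'), E_USER_ERROR);
     // Switch Session ID's so the id in use before authentication is not the one that carries the login
     global $session;
     $session->setIsExpired(0);
     $session->RegenerateSessionID(session_id());
     return true;
 }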
Example #9
 /**
  * Checks that the calling service is talking the correct version
  *
  * @param $version version reported by the calling client
  * @return bool true when it equals the server's XmdsVersion, false (after an audit log entry) otherwise
  */
 private function CheckVersion($version)
 {
     // Kept from the original; the alias is not used below.
     $db =& $this->db;

     // Look up the Service XMDS version from the Version table
     $expectedVersion = Config::Version('XmdsVersion');

     if ($version == $expectedVersion) {
         return true;
     }

     // The client-reported value is written to the audit log as received
     $auditMessage = sprintf('A Client with an incorrect version connected. Client Version: [%s] Server Version [%s]', $version, $expectedVersion);
     Debug::LogEntry('audit', $auditMessage);

     return false;
 }
Example #10
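 /**
  * Upgrade wizard step 2: works out the version range of the upgrade and builds the form
  * that collects the answers each upgrade step needs.
  *
  * Stores upgradeFrom, upgradeTo, the sorted .sql/.php file lists and one Step object per
  * upgrade script in the session.
  *
  * @return mixed the rendered form, as returned by Theme::RenderReturn('form_render')
  * @throws Exception when no upgrade target can be derived from the files in install/database
  */
 public function Step2()
 {
     Kit::ClassLoader('install');
     // Work out what is involved in this upgrade
     $_SESSION['upgradeFrom'] = Config::Version('DBVersion');
     if ($_SESSION['upgradeFrom'] < 1) {
         $_SESSION['upgradeFrom'] = 1;
     }
     // Get a list of .sql and .php files for the upgrade
     $sql_files = Install::ls('*.sql', 'install/database', false, array('return_files'));
     $php_files = Install::ls('*.php', 'install/database', false, array('return_files'));
     // Sort by natural filename (eg 10 is bigger than 2)
     natcasesort($sql_files);
     natcasesort($php_files);
     $_SESSION['phpFiles'] = $php_files;
     $_SESSION['sqlFiles'] = $sql_files;
     // The highest file name, minus its 4 character extension, is the highest available version
     $max_sql = Kit::ValidateParam(substr(end($sql_files), 0, -4), _INT);
     $max_php = Kit::ValidateParam(substr(end($php_files), 0, -4), _INT);
     $_SESSION['upgradeTo'] = max($max_sql, $max_php);
     if (!$_SESSION['upgradeTo']) {
         throw new Exception(__('Unable to calculate the upgradeTo value. Check for non-numeric SQL and PHP files in the "install / database" directory.'));
     }
     if ($_SESSION['upgradeTo'] < $_SESSION['upgradeFrom']) {
         $_SESSION['upgradeTo'] = $_SESSION['upgradeFrom'];
     }
     // Form to collect some information.
     $formFields = array();
     $formButtons = array();
     // Put up an error message if one has been set (and then unset it)
     if ($this->errorMessage != '') {
         Theme::Set('message', $this->errorMessage);
         Theme::Set('prepend', Theme::RenderReturn('message_box'));
         // Assignment, not comparison: the previous "==" left the message set
         $this->errorMessage = '';
     }
     $formFields[] = FormManager::AddHidden('step', 3);
     $formFields[] = FormManager::AddHidden('upgradeFrom', $_SESSION['upgradeFrom']);
     $formFields[] = FormManager::AddHidden('upgradeTo', $_SESSION['upgradeTo']);
     $formFields[] = FormManager::AddHidden('includes', true);
     $formFields[] = FormManager::AddMessage(sprintf(__('Upgrading from database version %d to %d'), $_SESSION['upgradeFrom'], $_SESSION['upgradeTo']));
     // Loop for $i between upgradeFrom + 1 and upgradeTo.
     // If a php file exists for that upgrade, make an instance of it and call Questions so we can
     // Ask the user for input.
     // $i is a number produced by the arithmetic of this loop, so the included path always
     // has the form install/database/<number>.php.
     for ($i = $_SESSION['upgradeFrom'] + 1; $i <= $_SESSION['upgradeTo']; $i++) {
         if (file_exists('install/database/' . $i . '.php')) {
             include_once 'install/database/' . $i . '.php';
             $stepName = 'Step' . $i;
             // Check that a class called Step$i exists
             if (class_exists($stepName)) {
                 $_SESSION['Step' . $i] = new $stepName($this->db);
                 // Call Questions on the object and send the resulting hash to createQuestions routine
                 $questionFields = $this->createQuestions($i, $_SESSION['Step' . $i]->Questions());
                 $formFields = array_merge($formFields, $questionFields);
             } else {
                 $formFields[] = FormManager::AddMessage(sprintf(__('Warning: We included %s.php, but it did not include a class of appropriate name.'), $i));
             }
         }
     }
     $formFields[] = FormManager::AddCheckbox('doBackup', 'I agree I have a valid database backup and can restore it should the upgrade process fail', 0, __('It is important to take a database backup before running the upgrade wizard. A backup is essential for recovering your CMS should there be a problem with the upgrade.'), 'b');
     // Return a rendered form
     Theme::Set('form_action', 'index.php?p=upgrade');
     Theme::Set('form_fields', $formFields);
     Theme::Set('form_buttons', array(FormManager::AddButton(__('Next'))));
     return Theme::RenderReturn('form_render');
 }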
Example #11
 /**
  * Gets the XML for the specified template id
  *
  * Template id 0 yields a default 800x450 layout with a black background. Any other id is
  * read from the template table and every <region> in it is stamped with the given user id.
  *
  * @param $templateId template to load, or 0 for the default layout
  * @param $userId value written to the userId attribute of each region
  * @return string|false the layout XML, or false when an Exception was caught and logged
  */
 private function GetTemplateXml($templateId, $userId)
 {
     try {
         $dbh = PDOConnect::init();
         $document = new DOMDocument("1.0");

         if ($templateId != 0) {
             // Get the template XML
             $sth = $dbh->prepare('SELECT xml FROM template WHERE templateID = :templateid');
             $sth->execute(array('templateid' => $templateId));
             if (!($row = $sth->fetch())) {
                 $this->ThrowError(__('Unknown template'));
             }
             $document->loadXML($row['xml']);

             // Hand ownership of every region in the template to this user
             foreach ($document->getElementsByTagName('region') as $regionNode) {
                 $regionNode->setAttribute('userId', $userId);
             }
         } else {
             // make some default XML
             $layoutNode = $document->createElement("layout");
             $layoutNode->setAttribute("width", 800);
             $layoutNode->setAttribute("height", 450);
             $layoutNode->setAttribute("bgcolor", "#000000");
             $layoutNode->setAttribute("schemaVersion", Config::Version('XlfVersion'));
             $document->appendChild($layoutNode);
         }

         return $document->saveXML();
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         // Keep an error that was already recorded; otherwise record a generic one
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
Example #12
    <?php 
        } else {
            ?>
      <form action="upgrade.php" method="POST">
        <div class="loginbutton"><button type="submit"><?php 
            echo __("Next");
            ?>
 ></button></div>
      </form>
    <?php 
        }
    }
} elseif ($_SESSION['step'] == 2) {
    # Calculate the upgrade
    checkAuth();
    $_SESSION['upgradeFrom'] = Config::Version('DBVersion');
    if ($_SESSION['upgradeFrom'] < 1) {
        $_SESSION['upgradeFrom'] = 1;
    }
    // Get a list of .sql and .php files for the upgrade
    $sql_files = ls('*.sql', 'install/database', false, array('return_files'));
    $php_files = ls('*.php', 'install/database', false, array('return_files'));
    // Sort by natural filename (eg 10 is bigger than 2)
    natcasesort($sql_files);
    natcasesort($php_files);
    $_SESSION['phpFiles'] = $php_files;
    $_SESSION['sqlFiles'] = $sql_files;
    $max_sql = Kit::ValidateParam(substr(end($sql_files), 0, -4), _INT);
    $max_php = Kit::ValidateParam(substr(end($php_files), 0, -4), _INT);
    $_SESSION['upgradeTo'] = max($max_sql, $max_php);
    if (!$_SESSION['upgradeTo']) {