function main_page($in_dev_mode, $time_remaining = 0) { global $page; if ($in_dev_mode) { $page->output_alert("CloudFlare is currently in development mode. This will expire in " . gmdate("H:i:s", $time_remaining)); } $form = new Form('index.php?module=cloudflare-dev_mode&action=change', 'post'); $form_container = new FormContainer('Change development mode'); $form_container->output_row('Development Mode', "This will bypass CloudFlare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away.", $form->generate_on_off_radio('dev_mode', $in_dev_mode ? 1 : 0)); $form_container->end(); $buttons[] = $form->generate_submit_button('Submit'); $form->output_submit_wrapper($buttons); $form->end(); }
function restfulapi_admin_load() { global $mybb, $db, $page, $lang, $cache; if ($page->active_action == RESTFULAPI_URL) { $page->add_breadcrumb_item($lang->restfulapi_title); $page->output_header($lang->restfulapi_title); $result = $db->simple_select("apisettings"); $action = "config"; if (isset($mybb->input["action"]) && in_array($mybb->input["action"], array("manage-keys", "add-key"))) { $action = $mybb->input["action"]; } $navs = array("config" => array("link" => "index.php?module=config-" . RESTFULAPI_URL, "title" => $lang->restfulapi_config, "description" => $lang->restfulapi_config_description), "manage-keys" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&action=manage-keys", "title" => $lang->restfulapi_manage_api_keys, "description" => $lang->restfulapi_manage_api_keys_description), "add-key" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&action=add-key", "title" => $lang->restfulapi_add_api_key, "description" => $lang->restfulapi_add_api_key_description)); $page->output_nav_tabs($navs, $action); switch ($action) { case "manage-keys": if (isset($mybb->input["do"]) && in_array($mybb->input["do"], array("regenerate", "edit", "delete"))) { $do = $mybb->input["do"]; if ($do == "edit" && isset($mybb->input["key_id"]) && is_string($mybb->input["key_id"])) { $key_id = (int) $db->escape_string($mybb->input["key_id"]); $result = $db->simple_select("apikeys", "*", "id='{$key_id}'"); if ($result->num_rows != 1) { flash_message($lang->restfulapi_key_not_found, "error"); admin_redirect("index.php?module=config-restfulapi&action=manage-keys"); exit; } if ($mybb->request_method == "post" && isset($mybb->input["apicustomer"]) && is_string($mybb->input["apicustomer"]) && isset($mybb->input["apicomment"]) && is_string($mybb->input["apicomment"]) && isset($mybb->input["maxreq"]) && is_numeric($mybb->input["maxreq"]) && isset($mybb->input["maxreqrate"]) && in_array($mybb->input["maxreqrate"], array("m", "w", "d", "h"))) { $update = array("apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])), "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])), "maxreq" => (int) $mybb->input["maxreq"], "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"]))); $db->update_query("apikeys", $update, "id='{$key_id}'"); $db->delete_query("apipermissions", "apikey='{$key_id}'"); if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) { $insert_allowed = array(); foreach ($mybb->input["apinames"] as $apiname) { $insert_allowed[] = array("apikey" => $key_id, "apiname" => $db->escape_string($apiname)); } $db->insert_query_multiple("apipermissions", $insert_allowed); } restfulapi_cache_rebuild(); flash_message($lang->restfulapi_key_edited_successfully, "success"); admin_redirect("index.php?module=config-restfulapi&action=manage-keys"); } else { $keyset = $result->fetch_array(); $form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&action=manage-keys&do=edit&key_id={$key_id}", "post", "edit"); $form_container = new FormContainer($lang->restfulapi_edit_api_key); $form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', htmlspecialchars_uni($keyset["apicustomer"]), array('id' => 'apicustomer')), 'apicustomer'); $rate_types = array("h" => $lang->restfulapi_per_hour, "d" => $lang->restfulapi_per_day, "w" => $lang->restfulapi_per_week, "m" => $lang->restfulapi_per_month); $form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', htmlspecialchars_uni($keyset["maxreq"]), array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, htmlspecialchars_uni($keyset["maxreqrate"]), array('id' => 'maxreqrate')), 'maxreq'); $form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', htmlspecialchars_uni($keyset["apicomment"]), array('id' => 'apicomment')), 'apicomment'); $apis = glob(RESTFULAPI_PATH . "api/*api.class.php"); $presentable_apis = array(); foreach ($apis as $key => $value) { $value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value)); $presentable_apis[$value] = $value; } $selected = array(); // reminder, $key_id has already been escaped! $result = $db->simple_select("apipermissions", "*", "apikey='{$key_id}'"); while ($apipermission = $db->fetch_array($result)) { $selected[] = $apipermission["apiname"]; } $form_container->output_row($lang->restfulapi_select_allowed_apis, $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, $selected, array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames'); $form_container->end(); $buttons[] = $form->generate_submit_button($lang->restfulapi_edit_api_key); $form->output_submit_wrapper($buttons); $form->end(); } } elseif ($do == "delete" && isset($mybb->input["key_id"]) && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) { $key_id = $db->escape_string($mybb->input["key_id"]); if ($db->simple_select("apikeys", "*", "id='{$key_id}'")->num_rows == 1) { $db->delete_query("apipermissions", "apikey='{$key_id}'"); $db->delete_query("apikeys", "id='{$key_id}'"); restfulapi_cache_rebuild(); flash_message($lang->restfulapi_key_deleted_successfully, "success"); } else { flash_message($lang->restfulapi_key_not_found, "error"); } admin_redirect("index.php?module=config-restfulapi&action=manage-keys"); } elseif ($do == "regenerate" && isset($mybb->input["key_id"]) && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) { $key_id = $db->escape_string($mybb->input["key_id"]); if ($db->simple_select("apikeys", "*", "id='{$key_id}'")->num_rows == 1) { $apikey = restfulapi_generate_key(); /* can't figure out a better way to generate a random yet never-generated-before API key than this one */ while ($db->simple_select("apikeys", "*", "apikey='{$apikey}'")->num_rows != 0) { $apikey = restfulapi_generate_key(); } $update = array("apikey" => $db->escape_string(htmlspecialchars_uni($apikey))); $db->update_query("apikeys", $update, "id='{$key_id}'"); restfulapi_cache_rebuild(); flash_message($lang->restfulapi_key_regenerated_successfully, "success"); } else { flash_message($lang->restfulapi_key_not_found, "error"); } admin_redirect("index.php?module=config-restfulapi&action=manage-keys"); } } else { $restfulapi_cache = $cache->read("restfulapi"); $apikeysets = $restfulapi_cache["keys"]; $table = new Table(); $table->construct_header($lang->restfulapi_customer, array("width" => "15%")); $table->construct_header($lang->restfulapi_api_key, array("class" => "align_center", "width" => "29%")); $table->construct_header($lang->restfulapi_comment, array("class" => "align_center", "width" => "30%")); $table->construct_header($lang->restfulapi_usage, array("class" => "align_center", "width" => "5%")); $table->construct_header($lang->restfulapi_controls, array("class" => "align_center", "width" => "21%", "colspan" => 3)); if (count($apikeysets) == 0) { $table->construct_cell($lang->sprintf($lang->restfulapi_no_api_key, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>'), array("class" => "first", "colspan" => 5)); $table->construct_row(); } else { // TODO : pagination maybe ? foreach ($apikeysets as $key => $keyset) { $table->construct_cell("<b>" . htmlspecialchars_uni($keyset['apicustomer']) . "</b>"); $table->construct_cell(htmlspecialchars_uni($keyset['apikey'])); $table->construct_cell(htmlspecialchars_uni($keyset['apicomment'])); $table->construct_cell(htmlspecialchars_uni($keyset['access']), array("class" => "align_center")); $table->construct_cell("<a href=\"index.php?module=config-restfulapi&action=manage-keys&do=regenerate&key_id={$keyset['id']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_regenerate_api_key_confirmation}')\">{$lang->restfulapi_regenerate_api_key}</a>", array("class" => "align_center", "width" => "9%")); $table->construct_cell("<a href=\"index.php?module=config-restfulapi&action=manage-keys&do=edit&key_id={$keyset['id']}\">{$lang->restfulapi_edit}</a>", array("class" => "align_center", "width" => "6%")); $table->construct_cell("<a href=\"index.php?module=config-restfulapi&action=manage-keys&do=delete&key_id={$keyset['id']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_delete_confirm}')\">{$lang->restfulapi_delete}</a>", array("class" => "align_center", "width" => "6%")); $table->construct_row(); } } $table->output($lang->restfulapi_manage_api_keys); } break; case "add-key": if ($mybb->request_method == "post" && isset($mybb->input["apicustomer"]) && is_string($mybb->input["apicustomer"]) && isset($mybb->input["apicomment"]) && is_string($mybb->input["apicomment"]) && isset($mybb->input["maxreq"]) && is_numeric($mybb->input["maxreq"]) && isset($mybb->input["maxreqrate"]) && in_array($mybb->input["maxreqrate"], array("m", "w", "d", "h"))) { $apikey = restfulapi_generate_key(); /* can't figure out a better way to generate a random yet never-generated-before API key than this one */ while ($db->simple_select("apikeys", "*", "apikey='{$db->escape_string($apikey)}'")->num_rows != 0) { $apikey = restfulapi_generate_key(); } $insert = array("apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])), "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])), "access" => 0, "maxreq" => (int) $mybb->input["maxreq"], "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"])), "apikey" => $db->escape_string(htmlspecialchars_uni($apikey))); $apikeyid = $db->insert_query("apikeys", $insert); if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) { $insert_allowed = array(); foreach ($mybb->input["apinames"] as $apiname) { $insert_allowed[] = array("apikey" => $db->escape_string($apikeyid), "apiname" => $db->escape_string($apiname)); } $db->insert_query_multiple("apipermissions", $insert_allowed); } restfulapi_cache_rebuild(); flash_message($lang->sprintf($lang->restfulapi_generated_successfully, $apikey, $mybb->input["apicustomer"]), 'success'); admin_redirect("index.php?module=config-restfulapi&action=manage-keys"); } else { $form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&action=add-key", "post", "add"); $form_container = new FormContainer($lang->restfulapi_add_api_key); $form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', '', array('id' => 'apicustomer')), 'apicustomer'); $rate_types = array("h" => $lang->restfulapi_per_hour, "d" => $lang->restfulapi_per_day, "w" => $lang->restfulapi_per_week, "m" => $lang->restfulapi_per_month); $form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', '0', array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, "m", array('id' => 'maxreqrate')), 'maxreq'); $form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', '', array('id' => 'apicomment')), 'apicomment'); $apis = glob(RESTFULAPI_PATH . "api/*api.class.php"); $presentable_apis = array(); foreach ($apis as $key => $value) { $value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value)); $presentable_apis[$value] = $value; } $form_container->output_row($lang->restfulapi_select_allowed_apis . " <em>*</em>", $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, array_keys($presentable_apis), array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames'); $form_container->end(); $buttons[] = $form->generate_submit_button($lang->restfulapi_generate_api_key); $form->output_submit_wrapper($buttons); $form->end(); } break; default: $apilist = $cache->read("restfulapilist"); // routine to install newly detected APIs, and activate them if needed restfulapi_apilist_activate(); if ($mybb->request_method == "post") { // we delete all the previously-deactivated options $db->delete_query("apisettings", "apiaction='deactivate'"); $inserts = array(); foreach ($mybb->input as $key => $input) { if (substr($key, 0, 7) == "option_" && $input == "1") { // replace first occurrence of 'option_' with '' in case the option name is 'option_', so that 'option_option_' won't be all replaced into an empty string // yeah I know, probably would never happen but we never know $option = preg_replace('/option\\_/', '', $key, 1); restfulapi_api_activate($option); } elseif (substr($key, 0, 7) == "option_" && $input == "0") { $option = preg_replace('/option\\_/', '', $key, 1); restfulapi_api_deactivate($option); } } flash_message($lang->restfulapi_saved_config, "success"); admin_redirect("index.php?module=config-restfulapi"); } else { $result = $db->simple_select("apisettings", "*", "apiaction='deactivate'"); $deactivatedapis = array(); while ($apiarray = $db->fetch_array($result)) { $deactivatedapis[] = $apiarray["apivalue"]; } if (count($apilist) == 0) { echo '<div class="notice">' . $lang->sprintf($lang->restfulapi_no_api, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>') . '</div>'; } else { $form = new Form("index.php?module=config-" . RESTFULAPI_URL, "post", "config"); $form_container = new FormContainer($lang->restfulapi_config); $table = new Table(); foreach ($apilist as $api => $info_array) { require_once RESTFULAPI_PATH . "api/" . $api . "api.class.php"; $api = htmlspecialchars_uni($api); $apiclass = $api . "api"; $api_instance = new $apiclass(); $info_array = $api_instance->info(); $name = isset($info_array["name"]) && is_string($info_array["name"]) ? htmlspecialchars_uni($info_array["name"]) . " : " . $api : $api; $description = isset($info_array["description"]) && is_string($info_array["description"]) ? htmlspecialchars_uni($info_array["description"]) : $lang->restfulapi_config_on_off_description; $setting_code = $form->generate_on_off_radio("option_" . $api, in_array($api, $deactivatedapis) ? 0 : 1, true, array('id' => $api . '_yes'), array('id' => $api . '_no')); $form_container->output_row($name, $description, $setting_code, '', array(), array('id' => 'row_' . $api)); } $form_container->end(); $buttons[] = $form->generate_submit_button($lang->restfulapi_save_config); $form->output_submit_wrapper($buttons); $form->end(); } } break; } $page->output_footer(); } }
$options = ""; $type = explode("\n", $setting['type']); $type[0] = trim($type[0]); $element_name = "upsetting[{$setting['name']}]"; $element_id = "setting_{$setting['name']}"; if ($type[0] == "text" || $type[0] == "") { $setting_code = $form->generate_text_box($element_name, $setting['value'], array('id' => $element_id)); } else { if ($type[0] == "textarea") { $setting_code = $form->generate_text_area($element_name, $setting['value'], array('id' => $element_id)); } else { if ($type[0] == "yesno") { $setting_code = $form->generate_yes_no_radio($element_name, $setting['value'], true, array('id' => $element_id . '_yes', 'class' => $element_id), array('id' => $element_id . '_no', 'class' => $element_id)); } else { if ($type[0] == "onoff") { $setting_code = $form->generate_on_off_radio($element_name, $setting['value'], true, array('id' => $element_id . '_on', 'class' => $element_id), array('id' => $element_id . '_off', 'class' => $element_id)); } else { if ($type[0] == "cpstyle") { $dir = @opendir(MYBB_ROOT . $config['admin_dir'] . "/styles"); while ($folder = readdir($dir)) { if ($file != "." && $file != ".." && @file_exists(MYBB_ROOT . $config['admin_dir'] . "/styles/{$folder}/main.css")) { $folders[$folder] = ucfirst($folder); } } closedir($dir); ksort($folders); $setting_code = $form->generate_select_box($element_name, $folders, $setting['value'], array('id' => $element_id)); } else { if ($type[0] == "language") { $languages = $lang->get_languages(); $setting_code = $form->generate_select_box($element_name, $languages, $setting['value'], array('id' => $element_id));
foreach ($mybb->input['setting'] as $name => $value) { $row = array("value" => $db->escape_string($value)); $db->update_query('wiki_settings', $row, "name=\"" . $name . "\""); } flash_message($lang->wiki_settings_success, 'success'); admin_redirect('index.php?module=wiki-settings'); } $table = new Table(); $form = new Form('', 'post'); $table->construct_header($lang->wiki_setting_title); $table->construct_header($lang->wiki_setting_givevalue); $query = $db->write_query("SELECT * FROM `" . TABLE_PREFIX . "wiki_settings`"); while ($row = $db->fetch_array($query)) { $table->construct_cell($row['title']); $code = $row['optionscode']; if ($code == 'text') { $setting_code = $form->generate_text_box('setting[' . $row['name'] . ']', $row['value'], array('id' => $row['name'])); } elseif ($code == 'yesno') { $setting_code = $form->generate_yes_no_radio('setting[' . $row['name'] . ']', $row['value'], true, array('id' => $row['name'] . '_yes', 'class' => $row['name']), array('id' => $row['name'] . '_no', 'class' => $row['name'])); } elseif ($code == 'onoff') { $setting_code = $form->generate_on_off_radio('setting[' . $row['name'] . ']', $row['value'], true, array('id' => 'on', 'class' => $row['name']), array('id' => 'off', 'class' => $row['name'])); } elseif ($code == 'textarea') { $setting_code = $form->generate_text_area('setting[' . $row['name'] . ']', $row['value'], array('id' => $row['name'])); } $table->construct_cell($setting_code); $table->construct_row(); } $buttons[] = $form->generate_submit_button($lang->wiki_commit); $table->output($lang->wiki_settings_alt); $form->output_submit_wrapper($buttons); $page->output_footer();
if ($folder != "." && $folder != ".." && @file_exists(MYBB_ADMIN_DIR . "/styles/{$folder}/main.css")) { $folders[$folder] = ucfirst($folder); } } closedir($dir); ksort($folders); $setting_code = $form->generate_select_box("cpstyle", $folders, $admin_options['cpstyle']); $languages = array_merge(array('' => $lang->use_default), $lang->get_languages(1)); $language_code = $form->generate_select_box("cplanguage", $languages, $admin_options['cplanguage']); $table = new Table(); $table->construct_header($lang->global_preferences); $table->construct_cell("<strong>{$lang->acp_theme}</strong><br /><small>{$lang->select_acp_theme}</small><br /><br />{$setting_code}"); $table->construct_row(); $table->construct_cell("<strong>{$lang->acp_language}</strong><br /><small>{$lang->select_acp_language}</small><br /><br />{$language_code}"); $table->construct_row(); $table->construct_cell("<strong>{$lang->codemirror}</strong><br /><small>{$lang->use_codemirror_desc}</small><br /><br />" . $form->generate_on_off_radio('codepress', $admin_options['codepress'])); $table->construct_row(); // If 2FA is enabled we need to display a link to the recovery codes page if (!empty($admin_options['authsecret'])) { $lang->use_2fa_desc .= "<br />" . $lang->recovery_codes_desc . " " . $lang->recovery_codes_warning; } $table->construct_cell("<strong>{$lang->my2fa}</strong><br /><small>{$lang->use_2fa_desc}</small><br /><br />" . $form->generate_on_off_radio('2fa', (int) (!empty($admin_options['authsecret'])))); $table->construct_row(); if (!empty($admin_options['authsecret'])) { $qr = $auth->getQRCodeGoogleUrl($mybb->user['username'] . "@" . str_replace(" ", "", $mybb->settings['bbname']), $admin_options['authsecret']); $table->construct_cell("<strong>{$lang->my2fa_qr}</strong><br /><img src=\"{$qr}\""); $table->construct_row(); } $table->output($lang->preferences); $table->construct_header($lang->notes_not_shared); $table->construct_cell($form->generate_text_area("notes", $admin_options['notes'], array('style' => 'width: 99%; height: 300px;')));
$page->output_header($lang->preferences_and_personal_notes); $sub_tabs['preferences'] = array('title' => $lang->preferences_and_personal_notes, 'link' => "index.php?module=home-preferences", 'description' => $lang->prefs_and_personal_notes_description); $page->output_nav_tabs($sub_tabs, 'preferences'); $query = $db->simple_select("adminoptions", "notes, cpstyle, codepress", "uid='" . $mybb->user['uid'] . "'", array('limit' => 1)); $admin_options = $db->fetch_array($query); $form = new Form("index.php?module=home-preferences", "post"); $dir = @opendir(MYBB_ADMIN_DIR . "/styles"); while ($folder = readdir($dir)) { if ($folder != "." && $folder != ".." && @file_exists(MYBB_ADMIN_DIR . "/styles/{$folder}/main.css")) { $folders[$folder] = ucfirst($folder); } } closedir($dir); ksort($folders); $setting_code = $form->generate_select_box("cpstyle", $folders, $admin_options['cpstyle']); $table = new Table(); $table->construct_header($lang->global_preferences); $table->construct_cell("<strong>{$lang->acp_theme}</strong><br /><small>{$lang->select_acp_theme}</small><br /><br />{$setting_code}"); $table->construct_row(); $table->construct_cell("<strong>{$lang->codepress}</strong><br /><small>{$lang->use_codepress_desc}</small><br /><br />" . $form->generate_on_off_radio('codepress', $admin_options['codepress'])); $table->construct_row(); $table->output($lang->preferences); $table->construct_header($lang->notes_not_shared); $table->construct_cell($form->generate_text_area("notes", $admin_options['notes'], array('style' => 'width: 99%; height: 300px;'))); $table->construct_row(); $table->output($lang->personal_notes); $buttons[] = $form->generate_submit_button($lang->save_notes_and_prefs); $form->output_submit_wrapper($buttons); $form->end(); $page->output_footer(); }