Example #1
1
File: delete.php Project: rair/yacs
    // permission denied
} elseif (!$permitted) {
    Safe::header('Status: 401 Unauthorized', TRUE, 401);
    Logger::error(i18n::s('You are not allowed to perform this operation.'));
    // deletion is confirmed
} elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') {
    // touch the related anchor before actual deletion, since the image has to be accessible at that time
    if (is_object($anchor)) {
        $anchor->touch('category:delete', $item['id']);
    }
    // attempt to delete
    if (Categories::delete($item['id'])) {
        // log item deletion
        $label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title']));
        $description = Categories::get_permalink($item);
        Logger::remember('categories/delete.php: ' . $label, $description);
        // this can appear anywhere
        Cache::clear();
        // back to the anchor page or to the index page
        if (is_object($anchor)) {
            Safe::redirect($anchor->get_url());
        } else {
            Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'categories/');
        }
    }
    // deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
    Logger::error(i18n::s('The action has not been confirmed.'));
} else {
    // commands
    $menu = array();
Example #2
0
 /**
  * parse some news
  *
  * @param string raw data received
  * @return array a status code (TRUE is ok) and the parsing result
  */
 function decode($data)
 {
     global $context;
     // create a parser with proper character encoding
     $this->encoding = 'ISO-8859-1';
     if (preg_match('/^<\\?xml .+ encoding="utf-8".*\\?>/i', $data)) {
         $this->encoding = 'UTF-8';
     }
     $parser = xml_parser_create($this->encoding);
     // parser setup
     xml_set_object($parser, $this);
     xml_set_element_handler($parser, 'parse_start_element', 'parse_end_element');
     xml_set_character_data_handler($parser, 'parse_cdata');
     // case is meaningful
     xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, FALSE);
     // reset parsing data
     $this->current_entry = array();
     // entry currently being parsed
     $this->entries = array();
     // collection of parsed entries
     $this->feed = array();
     // hash of feed fields
     $this->textinput = array();
     $this->image = array();
     $this->elements_stack = array('atom_stream');
     $this->current_field = '';
     $this->current_name_space = false;
     // parse data
     if (!xml_parse($parser, $data)) {
         if ($context['with_debug'] == 'Y') {
             Logger::remember('services/atom_codec.php: invalid packet to decode', str_replace("\r\n", "\n", $data), 'debug');
         }
         return array(FALSE, 'Parsing error: ' . xml_error_string(xml_get_error_code($parser)) . ' at line ' . xml_get_current_line_number($parser));
     }
     xml_parser_free($parser);
     // return parsing result
     return array(TRUE, $this->entries);
 }
Example #3
0
 /**
  * parse a XML request according to the XML-RPC specification
  *
  * This script uses the standard XML parser included in the PHP library.
  * The objective of the decoding functions is to transform the XML tree into stemming PHP arrays.
  *
  * Following tags are used for cdata conversion
  * - &lt;base64&gt;
  * - &lt;boolean&gt;
  * - &lt;date&gt;
  * - &lt;double&gt;
  * - &lt;integer&gt;
  * - &lt;string&gt;
  *
  * Following tags are processed as leaves of the tree:
  * - &lt;/value&gt;
  * - &lt;/methodName&gt;
  *
  * Following tags are processed as nodes of the tree
  * - &lt;methodCall&gt;: push 'methodCall' (stems 'methodName' and 'params')
  * - &lt;/methodCall&gt;: pop 'methodCall'
  * - &lt;methodResponse&gt;: push 'methodResponse' (stem 'params' or 'fault')
  * - &lt;/methodResponse&gt;: pop 'methodResponse'
  * - &lt;fault&gt;: push 'fault' (stems 'faultCode' and 'faultString')
  * - &lt;/fault&gt;: pop 'fault'
  * - &lt;params&gt;: push 'params', then '-1' (list of anonymous stems)
  * - &lt;/params&gt;: pop index, then pop 'params'
  * - &lt;value&gt; under an index: increment index (works for &lt;params&gt; and for &lt;array&gt;)
  * - &lt;/name&gt;: push cdata (named stem)
  * - &lt;/member&gt;: pop cdata
  * - &lt;array&gt;: push '-1' (list of anonymous stems)
  * - &lt;/array&gt;: pop index
  *
  * @param string raw data received
  * @return array a status code (TRUE is ok) and the parsing result
  */
 function decode($data)
 {
     global $context;
     // create a parser
     $parser = xml_parser_create();
     xml_set_object($parser, $this);
     xml_set_element_handler($parser, 'parse_tag_open', 'parse_tag_close');
     xml_set_character_data_handler($parser, 'parse_cdata');
     // case is meaningful
     xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, FALSE);
     // parse data
     $this->result = array();
     $this->stack = array();
     if (!xml_parse($parser, $data)) {
         if ($context['with_debug'] == 'Y') {
             Logger::remember('services/xml_rpc_codec.php: invalid packet to decode', str_replace("\r\n", "\n", $data), 'debug');
         }
         return array(FALSE, 'Parsing error: ' . xml_error_string(xml_get_error_code($parser)) . ' at line ' . xml_get_current_line_number($parser));
     }
     xml_parser_free($parser);
     // return parsing result
     return array(TRUE, $this->result);
 }
Example #4
0
    $response['id'] = NULL;
} else {
    $response['id'] = $parameters['id'];
}
// do not reply if the sender has sent a notification, and if there is no error
if ($response['id'] == NULL && $response['error'] == NULL) {
    $response = '';
} else {
    // JSON-RPC 2.0 requires either some result, or an error, but not both
    if (isset($response['jsonrpc'])) {
        if ($response['error'] == NULL) {
            unset($response['error']);
        } else {
            unset($response['result']);
        }
    }
    // encode the response
    $response = Safe::json_encode($response);
    // save the response if debug mode
    if (isset($context['debug_rpc']) && $context['debug_rpc'] == 'Y') {
        Logger::remember('services/json_rpc.php: json_rpc response', $response, 'debug');
    }
}
// handle the output correctly
render_raw('application/json; charset=' . $context['charset']);
// actual transmission except on a HEAD request
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') {
    echo $response;
}
// the post-processing hook
finalize_page();
Example #5
0
File: delete.php Project: rair/yacs
    // access denied
} elseif (!$permitted) {
    Safe::header('Status: 401 Unauthorized', TRUE, 401);
    Logger::error(i18n::s('You are not allowed to perform this operation.'));
    // deletion is confirmed
} elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') {
    // touch the related anchor before actual deletion, since the image has to be accessible at that time
    if (is_object($anchor)) {
        $anchor->touch('section:delete', $item['id']);
    }
    // attempt to delete
    if (Sections::delete($item['id'])) {
        // log item deletion
        $label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title']));
        $description = Sections::get_permalink($item);
        Logger::remember('sections/delete.php: ' . $label, $description);
        // this can appear anywhere
        Cache::clear();
        // back to the anchor page or to the index page
        if (is_object($overlay) && ($back_url = $overlay->get_url_after_deleting())) {
            Safe::redirect($back_url);
        } elseif (is_object($anchor)) {
            Safe::redirect($context['url_to_home'] . $context['url_to_root'] . $anchor->get_url());
        } else {
            Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'sections/');
        }
    }
    // deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
    Logger::error(i18n::s('The action has not been confirmed.'));
} else {
Example #6
0
File: scan.php Project: rair/yacs
             $content .= "\t\t" . 'case \'' . $id . '\':' . "\n" . $item . "\t\t\tbreak;\n\n";
         }
     }
     // end the serving function
     $content .= "\t\t}\n\n\t\t" . 'return $result;' . "\n";
     $content .= "\t" . '}' . "\n\n";
     // the tail section
     $content .= '}' . "\n" . '?>' . "\n";
     // compile all hooks into a single file
     if (!Safe::file_put_contents('parameters/hooks.include.php', $content)) {
         $context['text'] .= sprintf(i18n::s('Impossible to write to %s.'), 'parameters/hooks.include.php') . BR . "\n";
     } else {
         $context['text'] .= i18n::s('Hooks have been compiled in parameters/hooks.include.php') . BR . "\n";
         // remember the change
         $label = sprintf(i18n::c('%s has been updated'), 'parameters/hooks.include.php');
         Logger::remember('control/scan.php: ' . $label);
     }
     // list hooks using xml
     if (isset($xml)) {
         $xml = '<?xml version="1.0" ?>' . "\n" . '<hooks>' . "\n" . $xml . '</hooks>' . "\n";
         if (!Safe::file_put_contents('parameters/hooks.xml', $xml)) {
             $context['text'] .= sprintf(i18n::s('Impossible to write to %s.'), 'parameters/hooks.xml') . BR . "\n";
         } else {
             $context['text'] .= i18n::s('Hooks have been listed in parameters/hooks.xml') . BR . "\n";
         }
     }
 }
 // display the execution time
 $time = round(get_micro_time() - $context['start_time'], 2);
 $context['text'] .= '<p>' . sprintf(i18n::s('Script terminated in %.2f seconds.'), $time) . '</p>';
 // if the server has been switched off, update the database schema
Example #7
0
 /**
  * create a page out of a textual entity
  *
  * If a target is provided, it is extended with the text of this entity.
  * Else if the anchor is an article, a comment is created. Otherwise an article is created.
  *
  * @param array of entity attributes
  * @param string the textual entity to process
  * @param array poster attributes
  * @param string an optional anchor (e.g., 'article:123')
  * @param string reference of the object to be extended, if any
  * @return string reference to the created or updated object, or NULL
  */
 public static function submit_page($entity_headers, $text, $user, $anchor = NULL, $target = NULL)
 {
     global $context;
     // retrieve queue parameters
     list($server, $account, $password, $allowed, $match, $section, $options, $hooks, $prefix, $suffix) = $context['mail_queue'];
     // preserve breaks
     $text = preg_replace('/\\s*<(br|div|h|p)/is', "\n\n<\$1", $text);
     // suppress dangerous html tags
     $text = strip_tags($text, $context['users_allowed_tags']);
     // trim white spaces
     while (TRUE) {
         $text = trim($text, " \t\r\n");
         if (!strncmp($text, '<br>', 4)) {
             $text = substr($text, 4);
         } elseif (!strncmp($text, '<br/>', 5)) {
             $text = substr($text, 5);
         } elseif (!strncmp($text, '<br />', 6)) {
             $text = substr($text, 6);
         } else {
             break;
         }
     }
     // parse article content
     include_once $context['path_to_root'] . 'articles/article.php';
     $article = new Article();
     $entry_fields = array();
     $entry_fields = $article->parse($text, $entry_fields);
     // trim the header
     if ($prefix) {
         $tokens = explode($prefix, $entry_fields['description']);
         if (isset($tokens[1])) {
             $entry_fields['description'] = $tokens[1];
         } else {
             $entry_fields['description'] = $tokens[0];
         }
     }
     // trim the signature
     if ($suffix) {
         list($entry_fields['description'], $dropped) = explode($suffix, $entry_fields['description']);
     }
     // strip extra text
     $entry_fields['description'] = trim(preg_replace('/\\(See attached file: [^\\)]+?\\)/', '', $entry_fields['description']));
     // anchor this item to something
     $entry_fields['anchor'] = $anchor;
     // make a title
     if (!isset($entry_fields['title'])) {
         $entry_fields['title'] = $context['mail_subject'];
     }
     // message creation stamp
     $entry_fields['create_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', strtotime($context['mail_date']));
     if (!isset($entry_fields['create_name'])) {
         $entry_fields['create_name'] = $user['nick_name'];
     }
     if (!isset($entry_fields['create_id'])) {
         $entry_fields['create_id'] = $user['id'];
     }
     if (!isset($entry_fields['create_address'])) {
         $entry_fields['create_address'] = $user['email'];
     }
     // message edition stamp
     $entry_fields['edit_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
     if (!isset($entry_fields['edit_name'])) {
         $entry_fields['edit_name'] = $user['nick_name'];
     }
     if (!isset($entry_fields['edit_id'])) {
         $entry_fields['edit_id'] = $user['id'];
     }
     if (!isset($entry_fields['edit_address'])) {
         $entry_fields['edit_address'] = $user['email'];
     }
     // we have to extend an existing article --this entity is mutable
     if ($target && !strncmp($target, 'article:', 8) && ($article = Articles::get(substr($target, 8), TRUE))) {
         // append the text to article description field
         $fields = array();
         $fields['id'] = $article['id'];
         $fields['description'] = $article['description'] . $entry_fields['description'];
         $fields['silent'] = TRUE;
         Articles::put_attributes($fields);
         return $target;
         // we have to extend an existing comment --this entity is mutable
     } elseif ($target && !strncmp($target, 'comment:', 8) && ($comment = Comments::get(substr($target, 8), TRUE))) {
         // append the text to comment description field
         $comment['description'] .= $entry_fields['description'];
         Comments::post($comment);
         return $target;
         // we have to comment an existing page
     } elseif (!strncmp($anchor, 'article:', 8)) {
         // insert comment in the database
         if (!($entry_fields['id'] = Comments::post($entry_fields))) {
             Logger::remember('agents/messages.php: ' . Logger::error_pop());
             return NULL;
         }
         // debug, if required to do so
         if ($context['debug_messages'] == 'Y') {
             Logger::remember('agents/messages.php: Messages::submit_page() as a comment', $entry_fields, 'debug');
         }
         // increment the post counter of the surfer
         Users::increment_posts($user['id']);
         // clear cache
         $parent = Anchors::get($entry_fields['anchor']);
         // touch the related anchor
         if (is_object($parent) && isset($entry_fields['id'])) {
             $parent->touch('comment:create', $entry_fields['id'], TRUE);
         }
         return 'comment:' . $entry_fields['id'];
         // create a new page
     } else {
         // publish automatically, if required to do so
         $section = Anchors::get($entry_fields['anchor']);
         if (isset($context['users_with_auto_publish']) && $context['users_with_auto_publish'] == 'Y' || preg_match('/\\bauto_publish\\b/i', $options) || is_object($section) && $section->has_option('auto_publish')) {
             $entry_fields['publish_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
             if (!isset($entry_fields['publish_name'])) {
                 $entry_fields['publish_name'] = $user['nick_name'];
             }
             if (!isset($entry_fields['publish_id'])) {
                 $entry_fields['publish_id'] = $user['id'];
             }
             if (!isset($entry_fields['publish_address'])) {
                 $entry_fields['publish_address'] = $user['email'];
             }
         }
         // ensure we are using ids instead of nicknames
         if (is_object($section)) {
             $entry_fields['anchor'] = $section->get_reference();
         }
         // save in the database
         if (!($entry_fields['id'] = Articles::post($entry_fields))) {
             Logger::remember('agents/messages.php: ' . Logger::error_pop());
             return NULL;
         }
         // debugging log
         if (isset($context['debug_messages']) && $context['debug_messages'] == 'Y') {
             $entry_fields['description'] = substr($entry_fields['description'], 0, 1024);
             Logger::remember('agents/messages.php: Messages::submit_page() as an article', $entry_fields, 'debug');
         }
         // increment the post counter of the surfer
         Users::increment_posts($user['id']);
         // do whatever is necessary on page creation
         if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
             Articles::finalize_publication($section, $entry_fields);
         } else {
             Articles::finalize_submission($section, $entry_fields);
         }
         // get the new item
         $article = Anchors::get($anchor);
         // if replies are allowed
         if (!preg_match('/\\bno_reply\\b/i', $options)) {
             // let the sender know about his post
             if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
                 $splash = i18n::s("The page received by e-mail has been successfully published. Please review it now to ensure that it reflects your mind.");
             } else {
                 $splash = i18n::s("The page received by e-mail has been posted. Don't forget to read it online. Then click on the Publish command to make it publicly available.");
             }
             $message = '<p>' . $splash . '</p>' . '<p><a href="' . $context['url_to_home'] . $context['url_to_root'] . $article->get_url() . '">' . $article->get_title() . '</a></p>' . '<div>' . $article->get_teaser('basic') . '</div>' . '<p>' . i18n::c('Thank you for your contribution') . '</p>';
             // enable threading
             $headers = Mailer::set_thread($section);
             // send a mail message
             Mailer::notify(NULL, $post_sender, 'Re: ' . $post_subject, $message, $headers);
         }
         // reference to the new page
         return 'article:' . $entry_fields['id'];
     }
     // job ends
     return NULL;
 }
Example #8
0
File: safe.php Project: rair/yacs
 /**
  * change the web response
  *
  * @param string a new or updated response attribute
  * @param boolean TRUE to replace, FALSE to append
  * @param int HTTP status code to return, if any
  *
  */
 public static function header($attribute, $replace = NULL, $status = NULL)
 {
     global $context;
     // CGI and FastCGI error parsing headers
     if (substr(php_sapi_name(), 0, 3) == 'cgi') {
         $attribute = str_replace('Status:', 'HTTP/1.0', $attribute);
     }
     // in case we are validating all scripts
     if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'HEAD') {
         return;
     }
     // too late
     if (headers_sent($file, $line)) {
         // help on development machine
         if ($context['with_debug'] == 'Y') {
             Logger::remember('shared/safe.php: Can not add HTTP header', 'Headers already sent in ' . $file . ' on line ' . $line, 'debug');
         }
         // don't call header(), this would raise an error
         return;
     }
     // function has been allowed
     if (is_callable('header')) {
         if ($status) {
             header($attribute, $replace, $status);
         } elseif (is_bool($replace)) {
             header($attribute, $replace);
         } else {
             header($attribute);
         }
     }
 }
Example #9
0
    if (isset($_REQUEST['twilio_authentication_token'])) {
        $content .= '$context[\'twilio_authentication_token\']=\'' . addcslashes($_REQUEST['twilio_authentication_token'], "\\'") . "';\n";
    }
    $content .= '?>' . "\n";
    // update the parameters file
    if (!Safe::file_put_contents('parameters/services.include.php', $content)) {
        Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/services.include.php'));
        // allow for a manual update
        $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/services.include.php') . "</p>\n";
        // job done
    } else {
        $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/services.include.php') . "</p>\n";
        // purge the cache
        Cache::clear();
        // remember the change
        $label = sprintf(i18n::c('%s has been updated'), 'parameters/services.include.php');
        Logger::remember('services/configure.php: ' . $label);
    }
    // display updated parameters
    $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded');
    // follow-up commands
    $follow_up = i18n::s('Where do you want to go now?');
    $menu = array();
    $menu = array_merge($menu, array('services/' => i18n::s('Web services')));
    $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
    $menu = array_merge($menu, array('services/configure.php' => i18n::s('Configure again')));
    $follow_up .= Skin::build_list($menu, 'menu_bar');
    $context['text'] .= Skin::build_block($follow_up, 'bottom');
}
// render the skin
render_skin();
Example #10
0
File: chmod.php Project: rair/yacs
        $count++;
        // avoid timeouts
        if (!($count % 50)) {
            Safe::set_time_limit(30);
            SQL::ping();
        }
    }
    if ($count) {
        $context['text'] .= sprintf(i18n::s('%d files have been updated.'), $count) . "\n";
    }
    $context['text'] .= "</p>\n";
    // display the execution time
    $time = round(get_micro_time() - $context['start_time'], 2);
    $context['text'] .= '<p>' . sprintf(i18n::s('Script terminated in %.2f seconds.'), $time) . '</p>';
    // forward to the index page
    $menu = array('control/' => i18n::s('Control Panel'));
    $context['text'] .= Skin::build_list($menu, 'menu_bar');
    // remember the operation
    $label = sprintf(i18n::c('chmod %s has been applied to scripts'), $context['file_mask']);
    Logger::remember('control/chmod.php: ' . $label);
    // confirmation is required
} else {
    // the confirmation question
    $context['text'] .= '<b>' . sprintf(i18n::s('You are about to chmod(%d) all running scripts of this server. Are you sure?'), $context['file_mask']) . "</b>\n";
    // the menu for this page
    $context['text'] .= '<form method="post" action="' . $context['script_url'] . '"><p>' . Skin::build_submit_button(i18n::s('Yes, I do want to change permissions of running scripts')) . '<input type="hidden" name="action" value="confirm" />' . '</p></form>' . "\n";
    // this may take several minutes
    $context['text'] .= '<p>' . i18n::s('When you will click on the button the server will be immediately requested to proceed. However, because of the so many things to do on the back-end, you may have to wait for minutes before getting a response displayed. Thank you for your patience.') . "</p>\n";
}
// render the skin
render_skin();
Example #11
0
File: delete.php Project: rair/yacs
    $menu = array();
    $menu[] = Skin::build_link($anchor->get_url('files'), i18n::s('Done'), 'button');
    $menu[] = Skin::build_link(Files::get_url($item['id'], 'release'), i18n::s('Release reservation'), 'span');
    $context['text'] .= Skin::build_block(Skin::finalize_list($menu, 'menu_bar'), 'bottom');
    // deletion is confirmed
} elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') {
    // touch the related anchor before actual deletion, since the file has to be accessible at that time
    if (is_object($anchor)) {
        $anchor->touch('file:delete', $item['id']);
    }
    // if no error, back to the anchor or to the index page
    if (Files::delete($item['id'])) {
        // log item deletion
        $label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title']));
        $description = Files::get_permalink($item);
        Logger::remember('files/delete.php: ' . $label, $description);
        Files::clear($item);
        if ($render_overlaid) {
            echo 'delete done';
            die;
        }
        if (is_object($anchor)) {
            Safe::redirect($anchor->get_url() . '#_attachments');
        } else {
            Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'files/');
        }
    }
    // deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
    Logger::error(i18n::s('The action has not been confirmed.'));
} else {
Example #12
0
File: ping.php Project: rair/yacs
            list($server_ping, $server_label) = $attributes;
            $milestone = get_micro_time();
            $result = @Call::invoke($server_ping, 'weblogUpdates.ping', array(strip_tags($context['site_name']), $context['url_to_home'] . $context['url_to_root']), 'XML-RPC');
            if ($result[0]) {
                $label = round(get_micro_time() - $milestone, 2) . ' sec.';
            } else {
                $label = @$result[1];
            }
            $context['text'] .= '<li>' . $server_label . ' (' . $label . ')</li>';
        }
        $context['text'] .= '</ul>';
        // no server to ping
    } else {
        $context['text'] .= '<p>' . i18n::s('No server has been created yet.') . '</p>';
    }
    // back to the index of servers
    $menu = array('servers/' => i18n::s('Servers'));
    $context['text'] .= Skin::build_list($menu, 'menu_bar');
    // remember this in log as well
    Logger::remember('servers/ping.php: The cloud has been pinged');
    // operation has to be confirmed
} else {
    // introductory text
    $context['text'] .= '<p>' . i18n::s('This script will ping (<code>weblogUpdates.ping</code>) every server configured to be part of our cloud. Normally, the publication script does this automatically. However, no ping occurs for pages submitted by XML-RPC or by e-mail. Therefore, you should launch this script at least once per month to ensure everybody knows about this site.') . '</p>';
    // the submit button
    $context['text'] .= '<form method="post" action="' . $context['script_url'] . '" id="main_form"><p>' . '<input type="hidden" name="action" value="ping" />' . Skin::build_submit_button(i18n::s('Yes, I want to ping the cloud')) . '</p></form>';
    // set the focus on the backup button
    Page::insert_script('$("#go").focus();');
}
// render the skin
render_skin();
Example #13
0
/**
 * dynamically generate the page
 *
 * @see skins/index.php
 */
function send_body()
{
    global $context, $local;
    // $local is required to localize included scripts
    // include every script that has to be run once
    global $scripts, $scripts_count;
    if (@count($scripts)) {
        // the alphabetical order may be used to control script execution order
        sort($scripts);
        reset($scripts);
        // process each script one by one
        foreach ($scripts as $item) {
            // do not execute on first installation
            if (file_exists('../parameters/switch.on') || file_exists('../parameters/switch.off')) {
                // ensure we have a valid database resource
                if (!$context['connection']) {
                    break;
                }
                // remember this as an event
                Logger::remember('scripts/run_once.php: ' . sprintf(i18n::c('script %s has been executed'), $item));
                // where scripts actually are
                $actual_item = str_replace('//', '/', $context['path_to_root'] . 'scripts/run_once/' . $item);
                // include the script to execute it
                $scripts_count++;
                echo Skin::build_block($item, 'subtitle');
                include $actual_item;
                echo "\n";
            }
            // ensure enough overall execution time
            Safe::set_time_limit(30);
            // stamp the file to remember execution time
            Safe::touch($actual_item);
            // rename the script to avoid further execution
            Safe::unlink($actual_item . '.done');
            Safe::rename($actual_item, $actual_item . '.done');
        }
        // refresh javascript libraries
        Cache::purge('js');
    }
    // report on actual execution
    if ($scripts_count) {
        echo '<p>&nbsp;</p><p>' . sprintf(i18n::ns('%d script has been executed', '%d scripts have been executed', $scripts_count), $scripts_count) . "</p>\n";
    } else {
        echo '<p>' . i18n::s('No script has been executed') . "</p>\n";
    }
    // display the total execution time
    $time = round(get_micro_time() - $context['start_time'], 2);
    if ($time > 30) {
        echo '<p>' . sprintf(i18n::s('Script terminated in %.2f seconds.'), $time) . '</p>';
    }
    // if the server has been switched off, go back to the control panel
    if (file_exists('../parameters/switch.off')) {
        echo '<form method="get" action="' . $context['url_to_root'] . 'control/">' . "\n" . '<p class="assistant_bar">' . Skin::build_submit_button(i18n::s('Control Panel')) . '</p>' . "\n" . '</form>' . "\n";
        // else back to the control panel as well, but without a button
    } else {
        $menu = array('control/' => i18n::s('Control Panel'));
        echo Skin::build_list($menu, 'menu_bar');
    }
    // purge the cache, since it is likely that we have modified some data
    Cache::clear();
}
Example #14
0
    if (isset($_REQUEST['files_url'])) {
        $content .= '$context[\'files_url\']=\'' . addcslashes($_REQUEST['files_url'], "\\'") . "';\n";
    }
    $content .= '?>' . "\n";
    // update the parameters file
    if (!Safe::file_put_contents('parameters/files.include.php', $content)) {
        Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/files.include.php'));
        // allow for a manual update
        $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/files.include.php') . "</p>\n";
        // job done
    } else {
        $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/files.include.php') . "</p>\n";
        // purge the cache
        Cache::clear();
        // remember the change
        $label = sprintf(i18n::c('%s has been updated'), 'parameters/files.include.php');
        Logger::remember('files/configure.php: ' . $label);
    }
    // display updated parameters
    $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded');
    // follow-up commands
    $follow_up = i18n::s('Where do you want to go now?');
    $menu = array();
    $menu = array_merge($menu, array('files/' => i18n::s('Files')));
    $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
    $menu = array_merge($menu, array('files/configure.php' => i18n::s('Configure again')));
    $follow_up .= Skin::build_list($menu, 'menu_bar');
    $context['text'] .= Skin::build_block($follow_up, 'bottom');
}
// render the skin
render_skin();
Example #15
0
File: call.php Project: rair/yacs
 /**
  * get a list of remote resources
  *
  * This function performs a REST call against a web services that provides a RSS-encoded response.
  *
  * Minimum example:
  * [php]
  * $result = Call::list_resources($url);
  * if(!$result[0])
  *	echo $result[1]; // error message
  * else
  *	... // use call result from $result[1]
  * [/php]
  *
  * @param string the url to use
  * @param array the parameters to transmit
  * @return an array of which the first value indicates call success or failure
  *
  * @see search.php
  */
 public static function list_resources($url, $parameters = NULL)
 {
     global $context;
     // encode the request
     $data = '';
     foreach ($parameters as $label => $value) {
         if ($data) {
             $data .= '&';
         }
         $data .= urlencode($label) . '=' . urlencode($value);
     }
     $headers = '';
     $headers .= 'Content-Type: application/x-www-form-urlencoded' . CRLF;
     $headers .= 'Content-Length: ' . strlen($data) . CRLF;
     // parse the target URL
     $items = @parse_url($url);
     // no host, assume it's us
     if (!($host = $items['host'])) {
         $host = $context['host_name'];
     }
     // no port, assume the standard
     if (!isset($items['port']) || !($port = $items['port'])) {
         $port = 80;
     }
     // outbound web is not authorized
     if (isset($context['without_outbound_http']) && $context['without_outbound_http'] == 'Y') {
         return array(FALSE, 'Outbound HTTP is not authorized.');
     }
     // connect to the server
     if (!($handle = Safe::fsockopen($host, $port, $errno, $errstr, 30))) {
         return array(FALSE, sprintf('Impossible to connect to %s.', $host . ':' . $port));
     }
     // ensure enough execution time
     Safe::set_time_limit(30);
     // build the path, including any query
     $path = $items['path'];
     if ($items['query']) {
         $path .= '?' . $items['query'];
     }
     // build an HTTP request
     $request = "POST " . $path . " HTTP/1.0" . CRLF . 'Host: ' . $host . CRLF . "Accept-Encoding: gzip" . CRLF . "User-Agent: YACS (www.yacs.fr)" . CRLF . "Connection: close" . CRLF . $headers . CRLF . $data;
     // save the request if debug mode
     if ($context['debug_call'] == 'Y') {
         Logger::remember('services/call.php: Call::list_resources() request', str_replace("\r\n", "\n", $request), 'debug');
     }
     // submit the request
     fputs($handle, $request);
     // get everything by Ethernet-sized chunks
     $response = '';
     while (!feof($handle) && strlen($response) < 5242880) {
         $response .= fread($handle, 1500);
     }
     fclose($handle);
     // ensure we have a valid HTTP status line
     if (preg_match('/^HTTP/', $response) && !preg_match('/^HTTP\\/[0-9\\.]+ 200 /', $response)) {
         $lines = explode("\n", $response, 2);
         return array(FALSE, 'Unexpected HTTP status "' . $lines[0] . '"');
     }
     // separate headers from body
     list($headers, $content) = explode(CRLF . CRLF, $response, 2);
     // uncompress payload if necessary
     if (preg_match('/Content-Encoding: \\s*gzip/i', $headers)) {
         $content = gzinflate(substr($content, 10));
     }
     // save the response if debug mode
     if ($context['debug_call'] == 'Y') {
         Logger::remember('services/call.php: Call::list_resources() response', str_replace("\r\n", "\n", $headers . "\n\n" . $content), 'debug');
     }
     // we understand only text responses
     if (!preg_match('/^Content-Type: text/m', $headers)) {
         return array(FALSE, 'Impossible to process not-textual response');
     }
     // passthrough if not xml
     if (!preg_match('/^Content-Type: text\\/xml/m', $headers)) {
         return $content;
     }
     // select a codec handler
     include_once $context['path_to_root'] . 'services/codec.php';
     include_once $context['path_to_root'] . 'services/rss_codec.php';
     $codec = new RSS_Codec();
     if (!is_object($codec)) {
         return array(FALSE, 'Impossible to load codec RSS_Codec');
     }
     // decode the result
     return $codec->import_response($content, $headers, $parameters);
 }
Example #16
0
    Safe::rename($context['path_to_root'] . 'parameters/scripts.include.php', $context['path_to_root'] . 'parameters/scripts.include.php.bak');
    // build the new configuration file
    $content = '<?php' . "\n" . '// This file has been created by the configuration script scripts/configure.php' . "\n" . '// on ' . gmdate("F j, Y, g:i a") . ' GMT, for ' . Surfer::get_name() . '. Please do not modify it manually.' . "\n" . '$context[\'home_at_root\']=\'' . addcslashes($_REQUEST['home_at_root'], "\\'") . "';\n" . '$context[\'reference_server\']=\'' . addcslashes($_REQUEST['reference_server'], "\\'") . "';\n" . '?>' . "\n";
    // update the parameters file
    if (!Safe::file_put_contents('parameters/scripts.include.php', $content)) {
        Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/scripts.include.php'));
        // allow for a manual update
        $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/scripts.include.php') . "</p>\n";
        // job done
    } else {
        $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/scripts.include.php') . "</p>\n";
        // purge the cache
        Cache::clear();
        // remember the change
        $label = sprintf(i18n::c('%s has been updated'), 'parameters/scripts.include.php');
        Logger::remember('scripts/configure.php: ' . $label);
    }
    // display updated parameters
    $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded');
    // follow-up commands
    $follow_up = i18n::s('Where do you want to go now?');
    $menu = array();
    $menu = array_merge($menu, array('scripts/stage.php' => i18n::s('Stage updated scripts')));
    $menu = array_merge($menu, array('scripts/' => i18n::s('Server software')));
    $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
    $menu = array_merge($menu, array('scripts/configure.php' => i18n::s('Configure again')));
    $follow_up .= Skin::build_list($menu, 'menu_bar');
    $context['text'] .= Skin::build_block($follow_up, 'bottom');
}
// render the skin
render_skin();
Example #17
0
 if (!Safe::file_put_contents('parameters/root.include.php', $content)) {
     Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/root.include.php'));
     // allow for a manual update
     $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/root.include.php') . "</p>\n";
     // job done
 } else {
     $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/root.include.php') . "</p>\n";
     // first installation
     if (!file_exists('parameters/switch.on') && !file_exists('parameters/switch.off')) {
         $context['text'] .= '<p>' . i18n::s('Review provided information and go to the bottom of the page to move forward.') . "</a></p>\n";
     }
     // purge the cache
     Cache::clear();
     // remember the change
     $label = sprintf(i18n::c('%s has been updated'), 'parameters/root.include.php');
     Logger::remember('configure.php: ' . $label);
 }
 // display updated parameters
 $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded');
 // first installation
 if (!file_exists('parameters/switch.on') && !file_exists('parameters/switch.off')) {
     $context['text'] .= '<form method="get" action="control/" id="main_form">' . "\n" . '<p>' . Skin::build_submit_button(i18n::s('Switch the server on')) . '</p>' . "\n" . '</form>' . "\n";
     // ordinary follow-up commands
 } else {
     // what's next?
     $follow_up = i18n::s('Where do you want to go now?');
     // follow-up menu
     $menu = array();
     // front page
     $menu = array_merge($menu, array($context['url_to_root'] => i18n::s('Front page')));
     // control panel
Example #18
0
            $content .= '$context[\'mail_queues\'][\'' . $name . '\']=array(\'' . $server . '\', \'' . $account . '\', \'' . $password . '\', \'' . $allowed . '\', \'' . $match . '\', \'' . $section . '\', \'' . $options . '\', \'' . $hooks . '\', \'' . $prefix . '\', \'' . $suffix . "');\n";
        }
    }
    $content .= '?>' . "\n";
    // open the parameters file
    if (!Safe::file_put_contents('parameters/agents.include.php', $content)) {
        Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/agents.include.php'));
        // allow for a manual update
        $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/agents.include.php') . "</p>\n";
        // job done
    } else {
        $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/agents.include.php') . "</p>\n";
        // purge the cache
        Cache::clear();
        // remember the change
        $label = sprintf(i18n::c('%s has been updated'), 'parameters/agents.include.php');
        Logger::remember('agents/configure.php: ' . $label);
    }
    // display updated parameters
    $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded');
    // follow-up commands
    $follow_up = i18n::s('Where do you want to go now?');
    $menu = array();
    $menu = array_merge($menu, array('agents/' => i18n::s('Background processing')));
    $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
    $menu = array_merge($menu, array('agents/configure.php' => i18n::s('Configure again')));
    $follow_up .= Skin::build_list($menu, 'menu_bar');
    $context['text'] .= Skin::build_block($follow_up, 'bottom');
}
// render the skin
render_skin();
Example #19
0
File: links.php Project: rair/yacs
 /**
  * attempt to use the trackback interface
  *
  * @param string some text, extracted from the target site, to extract the broker URL, if any
  * @param string the source address
  * @param string the target address from which the text has been extracted
  * @param string title of the source page
  * @param string excerpt of the source page
  * @param string blog name of the source page
  * @return TRUE if the target site has been pinged back, FALSE otherwise
  *
  * @link http://www.movabletype.org/docs/mttrackback.html TrackBack Technical Specification
  */
 public static function ping_as_trackback($text, $source, $target, $title = '', $excerpt = '', $blog_name = '')
 {
     global $context;
     // extract all rdf blocks
     preg_match_all('/<rdf:RDF(.*)<\\/rdf:RDF>/iUs', $text, $blocks);
     // nothing to do
     if (!@count($blocks[1])) {
         return FALSE;
     }
     // look for the broker
     $broker = array();
     foreach ($blocks[1] as $block) {
         // seek the trackback interface
         if (!preg_match('/(dc:identifier|about)="' . preg_quote($target, '/') . '/mi', $block)) {
             continue;
         }
         // extract the broker link
         if (preg_match('/trackback:ping="([^"]+)"/mi', $block, $broker)) {
             break;
         }
     }
     // trackback interface not supported at this page
     if (!isset($broker[1])) {
         return FALSE;
     }
     // parse the broker URL
     $items = @parse_url($broker[1]);
     // no host, assume it's us
     if (!($host = $items['host'])) {
         $host = $context['host_name'];
     }
     // no port, assume the standard
     if (!isset($items['port']) || !($port = $items['port'])) {
         $port = 80;
     }
     // outbound web is not authorized
     if (isset($context['without_outbound_http']) && $context['without_outbound_http'] == 'Y') {
         if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
             Logger::remember('links/links.php: Links::ping_as_trackback()', 'Outbound HTTP is not authorized.', 'debug');
         }
         return FALSE;
     }
     // connect to the server
     if (!($handle = Safe::fsockopen($host, $port, $errno, $errstr, 30))) {
         if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
             Logger::remember('links/links.php: Links::ping_as_trackback()', sprintf('Impossible to connect to %s.', $host . ':' . $port), 'debug');
         }
         return FALSE;
     }
     // ensure enough execution time
     Safe::set_time_limit(30);
     // build the path, including any query
     $path = $items['path'];
     if (isset($items['query']) && $items['query']) {
         $path .= '?' . $items['query'];
     }
     // encode the content
     $data = 'title=' . urlencode($title) . '&url=' . urlencode($source) . '&excerpt=' . urlencode($excerpt) . '&blog_name=' . urlencode($blog_name);
     $headers = 'Content-Type: application/x-www-form-urlencoded' . CRLF . 'Content-Length: ' . strlen($data) . CRLF;
     // actual trackback, through HTTP POST
     $request = "POST " . $path . " HTTP/1.0" . CRLF . 'Host: ' . $host . CRLF . "User-Agent: YACS (www.yacs.fr)" . CRLF . "Connection: close" . CRLF . $headers . CRLF . $data;
     // save the request if debug mode
     if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
         Logger::remember('links/links.php: Links::ping_as_trackback() request', str_replace("\r\n", "\n", $request), 'debug');
     }
     // submit the request
     fputs($handle, $request);
     // we are interested only in the very first bytes of the response
     $code = fread($handle, 15);
     fclose($handle);
     // save the response if debug mode
     if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
         Logger::remember('links/links.php: Links::ping_as_trackback() response', $code . '...', 'debug');
     }
     // check HTTP status
     if (!preg_match('/^HTTP\\/[0-9\\.]+ 200/', $code)) {
         return FALSE;
     }
     // successful trackback
     if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
         Logger::remember('links/links.php: Links::ping_as_trackback() success', $broker[1], 'debug');
     }
     return TRUE;
 }
Example #20
0
File: post.php Project: rair/yacs
                if ($user['id']) {
                    Users::increment_posts($user['id']);
                }
            }
        }
    }
    // an error has been encountered
    if (is_array($response)) {
        $response = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<response>' . "\n" . '<error>' . $response['faultCode'] . '</error>' . "\n" . '<message>' . $response['faultString'] . '</message>' . "\n" . '</response>';
        // also sets an error at the HTTP level
        Safe::header('Status: 400 Bad Request', TRUE, 400);
        // everything's going fine
    } else {
        $response = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<response>' . "\n" . '<error>0</error>' . "\n" . '</response>';
    }
    // save the response if debug mode
    if ($context['debug_comment'] == 'Y') {
        Logger::remember('comments/post.php: comments post response', $response, 'debug');
    }
    // send the response
    Safe::header('Content-Type: text/xml');
    Safe::header('Content-Length: ' . strlen($response));
    echo $response;
    return;
    // this is not a POST -- assume we have a human being
} else {
    // detail usage rule
    Logger::error(i18n::s('This script supports Comment API and Post-It updates through HTTP POST requests.'));
}
// render the skin
render_skin();
Example #21
0
 /**
  * dynamically generate the page
  *
  * @see skins/index.php
  */
 function send_body()
 {
     global $context;
     // populate tables for servers
     if (is_readable('../servers/populate.php')) {
         include_once '../servers/populate.php';
     }
     // splash
     echo '<h3>' . i18n::s('What do you want to do now?') . '</h3>';
     // follow-up commands
     $menu = array();
     $menu = array_merge($menu, array('servers/' => i18n::s('Servers')));
     $menu = array_merge($menu, array('help/populate.php' => i18n::s('Launch the Content Assistant again')));
     $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
     echo Skin::build_list($menu, 'menu_bar');
     // new content has been created
     Logger::remember('help/populate.php: content assistant has created new content');
 }
Example #22
0
 /**
  * create a new overlay from scratch
  *
  * This function creates an instance of the Overlay class based on the given type.
  * For the type '[code]foo[/code]', the script file '[code]overlays/foo.php[/code]' is loaded.
  *
  * Example:
  * [php]
  * // create a new overlay
  * $overlay = Overlay::bind('recipe');
  * [/php]
  *
  * The provided string may include parameters after the type.
  * These parameters, if any, are saved along overlay attributes.
  *
  * Example:
  * [php]
  * // this overlay will preserve past events
  * $overlay = Overlay::bind('day without_past_dates');
  * [/php]
  *
  * This function calls the member function initialize() to allow for additional
  * generic initialization steps, if required. Example: loading of an external configuration
  * file.
  *
  * @see articles/edit.php
  * @see overlays/day.php
  * @see sections/edit.php
  *
  * @param string overlay type
  * @return a brand new instance
  */
 public static final function bind($type)
 {
     global $context;
     // sanity check
     if (!$type || !trim($type)) {
         return NULL;
     }
     // stop hackers, if any
     $type = preg_replace(FORBIDDEN_IN_PATHS, '', strip_tags($type));
     // remove side spaces
     $type = trim($type);
     // localize overlays strings --not related to Overlay::bind() at all...
     i18n::bind('overlays');
     // extract parameters, if any
     $parameters = '';
     if (strlen($type) > 1 && ($separator = strpos($type, ' ', 1)) !== FALSE) {
         $parameters = substr($type, $separator + 1);
         $type = substr($type, 0, $separator);
     }
     // reject hooks
     if (preg_match('/hook$/i', $type)) {
         return NULL;
     }
     // load the overlay class file
     $file = $context['path_to_root'] . 'overlays/' . $type . '.php';
     if (is_readable($file)) {
         include_once $file;
     }
     // create the instance
     if (class_exists($type)) {
         $overlay = new $type();
         $overlay->attributes = array();
         $overlay->attributes['overlay_type'] = $type;
         $overlay->attributes['overlay_parameters'] = $parameters;
         // allow for internal initialization of the overlay
         $overlay->initialize();
         return $overlay;
     }
     // houston, we've got a problem -- Logger::error() is buggy here
     if ($context['with_debug'] == 'Y') {
         Logger::remember('overlays/overlay.php: overlay::bind() unknown overlay type', $type, 'debug');
     }
     return NULL;
 }
Example #23
0
File: ping.php Project: rair/yacs
                    $response = array('flerror' => 0, 'message' => 'Thanks for the ping');
                }
            }
            break;
        default:
            $response = array('faultCode' => 1, 'faultString' => 'Do not know how to process ' . $parameters['methodName']);
            Logger::remember('services/ping.php: ping unsupported methodName', $parameters, 'debug');
    }
}
// no response yet
if (!isset($response)) {
    $response = array('faultCode' => 1, 'faultString' => 'no response');
}
// build a XML snippet
$result = $codec->export_response($response);
$status = @$result[0];
$response = @$result[1];
// handle the output correctly
render_raw('text/xml; charset=' . $context['charset']);
// actual transmission except on a HEAD request
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') {
    echo $response;
}
// save the response if debug mode
if (isset($context['debug_ping']) && $context['debug_ping'] == 'Y') {
    Logger::remember('services/ping.php: ping response', $response, 'debug');
} elseif (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y' && $parameters['methodName'] == 'pingback.ping') {
    Logger::remember('services/ping.php: ping response', $response, 'debug');
}
// the post-processing hook
finalize_page();
Example #24
0
File: files.php Project: rair/yacs
 /**
  * scan a file for viruses
  *
  * This function connects to ClamAV daemon, if possible, to scan the referred file.
  *
  * @param string absolute path of the file to scan
  * @return string 'Y' if the file has been infected, '?' if clamav is not available, or 'N' if no virus has been found
  */
 public static function has_virus($file)
 {
     global $context;
     // file scanning must be configured
     if (!isset($context['clamav_check']) || $context['clamav_check'] === 'N') {
         return 'N';
     }
     // we can't connect to clamav daemon
     $server = 'localhost';
     if (!($handle = Safe::fsockopen($server, 3310, $errno, $errstr, 1))) {
         if ($context['with_debug'] == 'Y') {
             Logger::remember('files/files.php: Unable to connect to CLAMAV daemon', '', 'debug');
         }
         return '?';
     }
     // ensure enough execution time
     Safe::set_time_limit(30);
     // scan uploaded file
     $request = 'SCAN ' . $file;
     fputs($handle, $request . CRLF);
     if ($context['with_debug'] == 'Y') {
         Logger::remember('files/files.php: CLAMAV ->', $request, 'debug');
     }
     // expecting an OK
     if (($reply = fgets($handle)) === FALSE) {
         Logger::remember('files/files.php: No reply to SCAN command at ' . $server);
         fclose($handle);
         return '?';
     }
     if ($context['with_debug'] == 'Y') {
         Logger::remember('files/files.php: CLAMAV <-', $reply, 'debug');
     }
     // file has been infected!
     if (!stripos($reply, ': ok')) {
         Logger::remember('files/files.php: Infected upload by ' . Surfer::get_name());
         fclose($handle);
         return 'Y';
     }
     // everything is ok
     fclose($handle);
     return 'N';
 }
Example #25
0
File: ldap.php Project: rair/yacs
 /**
  * login
  *
  * The script checks provided name and password against remote server.
  *
  * This is done by transmitting the user name and the password
  * to the directory.
  *
  * @param string the nickname of the user
  * @param string the submitted password
  * @return TRUE on successful authentication, FALSE othewise
  */
 function login($name, $password)
 {
     global $context;
     // we need some parameters
     if (!isset($this->attributes['authenticator_parameters']) || !$this->attributes['authenticator_parameters']) {
         Logger::error(i18n::s('Please provide parameters to the authenticator.'));
         return FALSE;
     }
     // tokenize enclosed parameters
     $tokens = preg_split('/(")/', $this->attributes['authenticator_parameters'], -1, PREG_SPLIT_DELIM_CAPTURE);
     $outside = TRUE;
     $parameters = array();
     foreach ($tokens as $token) {
         // sanity check --PREG_SPLIT_NO_EMPTY does not work
         if (!trim($token)) {
             // catch "" arguments (used for example as an empty password)
             if (!$outside) {
                 $parameters[] = "";
             }
             continue;
         }
         // begin or end of a token
         if ($token == '"') {
             $outside = !$outside;
             continue;
         }
         // outside, each word is a token
         if ($outside) {
             $parameters = array_merge($parameters, explode(' ', trim($token)));
         } else {
             $parameters[] = trim($token);
         }
     }
     // ensure a minimum number of parameters
     if (count($parameters) < 1) {
         Logger::error(i18n::s('Provide at least server name to the LDAP authenticator.'));
         return FALSE;
     }
     // prepare network parameters
     $server = $parameters[0];
     if (strstr($server, ':')) {
         list($server, $port) = explode(':', $server, 2);
     } else {
         $port = 389;
     }
     // distinguished name used for bind
     $bind_dn = '';
     if (isset($parameters[1])) {
         $bind_dn = str_replace('%u', $name, $parameters[1]);
     }
     // password used for bind
     $bind_password = '';
     if (isset($parameters[2])) {
         $bind_password = str_replace('%p', $password, $parameters[2]);
     }
     // distinguished name used for search
     $search_dn = '';
     if (isset($parameters[3])) {
         $search_dn = $parameters[3];
     }
     // encode provided parameters to avoid LDAP injections
     $name = preg_replace('/([^a-zA-Z0-9\' ])/e', "chr(92).bin2hex('\$1')", $name);
     $password = preg_replace('/([^a-zA-Z0-9\' ])/e', "chr(92).bin2hex('\$1')", $password);
     // search expression
     $search_filter = '';
     if (isset($parameters[4])) {
         $search_filter = str_replace(array('%u', '%p'), array($name, $password), $parameters[4]);
     }
     // parse options
     $opt_deref = LDAP_DEREF_NEVER;
     $opt_protocol_version = 3;
     $opt_sizelimit = 0;
     $opt_timelimit = 0;
     $opt_ldap_search_func = "ldap_search";
     if (isset($parameters[5])) {
         $tokens = preg_split('/,/', $parameters[5], -1, PREG_SPLIT_NO_EMPTY);
         foreach ($tokens as $token) {
             $argerror = $valerror = 0;
             $argerror_s = $argerror_c = '';
             list($key, $val) = explode('=', $token, 2);
             if (!strcasecmp($key, "DEREF")) {
                 if (!strcasecmp($val, "never")) {
                     $opt_deref = LDAP_DEREF_NEVER;
                 } elseif (!strcasecmp($val, "always")) {
                     $opt_deref = LDAP_DEREF_ALWAYS;
                 } else {
                     $valerror = 1;
                 }
             } elseif (!strcasecmp($key, "PROTOCOL_VERSION")) {
                 if ($val == 2 || $val == 3) {
                     $opt_protocol_version = $val;
                 } else {
                     $valerror = 1;
                 }
             } elseif (!strcasecmp($key, "SCOPE")) {
                 if (!strcasecmp($val, "one")) {
                     $opt_ldap_search_func = "ldap_list";
                 } elseif (!strcasecmp($val, "sub")) {
                     $opt_ldap_search_func = "ldap_search";
                 } else {
                     $valerror = 1;
                 }
             } elseif (!strcasecmp($key, "SIZELIMIT")) {
                 if (ctype_digit($val)) {
                     $opt_sizelimit = $val;
                 } else {
                     $valerror = 1;
                 }
             } elseif (!strcasecmp($key, "TIMELIMIT")) {
                 if (ctype_digit($val)) {
                     $opt_timelimit = $val;
                 } else {
                     $valerror = 1;
                 }
             } else {
                 $argerror_s = sprintf(i18n::s("Unknown LDAP option %s."), $key);
                 $argerror_c = sprintf(i18n::c("Unknown LDAP option %s."), $key);
                 $argerror = 1;
             }
             // a wrong value must trigger an error message
             if ($valerror) {
                 $argerror_s = sprintf(i18n::s("LDAP %s: bad value '%s'."), $key, $val);
                 $argerror_c = sprintf(i18n::c("LDAP %s: bad value '%s'."), $key, $val);
                 $argerror = 1;
             }
             // print any error message raised while parsing the option
             if ($argerror) {
                 Logger::error($argerror_s);
                 if ($context['with_debug'] == 'Y') {
                     Logger::remember('users/authenticators/ldap.php: ' . $argerror_c, '', 'debug');
                 }
                 return FALSE;
             }
         }
     }
     // ensure we can move forward
     if (!is_callable('ldap_connect')) {
         Logger::error(i18n::s('Please activate the LDAP library.'));
         if ($context['with_debug'] == 'Y') {
             Logger::remember('users/authenticators/ldap.php: ' . i18n::c('Please activate the LDAP library.'), '', 'debug');
         }
         return FALSE;
     }
     // open network socket
     if (!($handle = @ldap_connect($server, $port))) {
         Logger::error(sprintf(i18n::s('Impossible to connect to %.'), $server));
         if ($context['with_debug'] == 'Y') {
             Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('Impossible to connect to %.'), $server . ':' . $port), '', 'debug');
         }
         return FALSE;
     }
     // set desired options
     @ldap_set_option($handle, LDAP_OPT_PROTOCOL_VERSION, $opt_protocol_version);
     @ldap_set_option($handle, LDAP_OPT_DEREF, $opt_deref);
     @ldap_set_option($handle, LDAP_OPT_SIZELIMIT, $opt_sizelimit);
     @ldap_set_option($handle, LDAP_OPT_TIMELIMIT, $opt_timelimit);
     // bind to directory, namely or anonymously
     if ($bind_dn && @ldap_bind($handle, $bind_dn, $bind_password)) {
     } elseif (!$bind_dn && @ldap_bind($handle)) {
     } else {
         Logger::error(sprintf(i18n::s('Impossible to bind to LDAP server %s.'), $server) . BR . ldap_errno($handle) . ': ' . ldap_error($handle));
         if ($context['with_debug'] == 'Y') {
             Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('Impossible to bind to LDAP server %s.'), $server . ' ' . $bind_dn . ' ' . $bind_password), ldap_errno($handle) . ': ' . ldap_error($handle), 'debug');
         }
         ldap_close($handle);
         return FALSE;
     }
     // stop on successful bind
     if (!trim($search_filter)) {
         ldap_close($handle);
         return TRUE;
     }
     // search the directory
     if (!($result = @call_user_func($opt_ldap_search_func, $handle, $search_dn, $search_filter, array('cn')))) {
         Logger::error(sprintf(i18n::s('Impossible to search in LDAP server %s.'), $server) . BR . ldap_errno($handle) . ': ' . ldap_error($handle));
         if ($context['with_debug'] == 'Y') {
             Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('Impossible to search in LDAP server %s.'), $server), ldap_errno($handle) . ': ' . ldap_error($handle), 'debug');
         }
         ldap_close($handle);
         return FALSE;
     }
     // successful match
     if (@ldap_first_entry($handle, $result) !== FALSE) {
         ldap_free_result($result);
         ldap_close($handle);
         return TRUE;
     }
     // authentication has failed
     if ($context['with_debug'] == 'Y') {
         Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('No match for %s.'), $search_filter), '', 'debug');
     }
     ldap_free_result($result);
     ldap_close($handle);
     return FALSE;
 }
Example #26
0
File: new.php Project: rair/yacs
     $fields['nick_name'] = 'groups';
     $fields['articles_layout'] = 'none';
     $fields['articles_templates'] = 'information_template, question_template, chat_template, event_template, wiki_template';
     $fields['create_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
     $fields['edit_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
     $fields['index_map'] = 'N';
     // not mentioned at the home page
     $fields['locked'] = 'Y';
     // no direct contributions
     $fields['options'] = 'no_contextual_menu';
     $fields['rank'] = 40000;
     // at the end of the list
     $fields['sections_layout'] = 'directory';
     $fields['title'] = i18n::c('Groups');
     if (!($fields['id'] = Sections::post($fields, FALSE))) {
         Logger::remember('sections/new.php: Impossible to add a section.');
         return;
     }
     // retrieve the new section
     $anchor = Sections::get('groups');
 }
 // we are creating a blog
 if (isset($_REQUEST['space_type']) && $_REQUEST['space_type'] == 'blog') {
     $_REQUEST['articles_layout'] = 'daily';
     $_REQUEST['articles_templates'] = 'simple_template';
     $_REQUEST['content_options'] = 'with_extra_profile with_neighbours';
     $_REQUEST['options'] = 'with_extra_profile';
     $_REQUEST['locked'] = 'Y';
     // only editors can contribute
     // we are creating a project
 } elseif (isset($_REQUEST['space_type']) && $_REQUEST['space_type'] == 'project') {
Example #27
0
File: switch.php Project: rair/yacs
 $content .= '?>' . "\n";
 // save switch parameters, if any
 if (!Safe::file_put_contents('parameters/switch.include.php', $content)) {
     // not enough rights to write the file
     Logger::error(sprintf(i18n::s('Impossible to write to %s.'), 'parameters/switch.include.php.'));
     // allow for a manual update
     $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/switch.include.php') . "</p>\n";
     // display updated parameters
     $context['text'] .= Skin::build_box(i18n::s('Configuration'), Safe::highlight_string($content), 'folded');
 }
 // rename the switch file
 if (Safe::rename($context['path_to_root'] . 'parameters/switch.on', $context['path_to_root'] . 'parameters/switch.off')) {
     Logger::error(i18n::s('The server has been switched OFF. Switch it back on as soon as possible.'));
     // remember the change
     $label = i18n::c('The server has been switched off.');
     Logger::remember('control/switch.php: ' . $label);
     // if the server is currently switched off
 } elseif (file_exists($context['path_to_root'] . 'parameters/switch.off')) {
     Logger::error(i18n::s('The server is currently switched off. All users are redirected to the closed page.'));
 } else {
     Logger::error(i18n::s('Impossible to rename the file parameters/switch.on to parameters/switch.off. Do it yourself manually if you like.'));
 }
 // follow-up commands
 $menu = array();
 // do it again
 if (file_exists($context['path_to_root'] . 'parameters/switch.off')) {
     $menu = array_merge($menu, array('control/switch.php?action=on' => i18n::s('Switch on')));
 }
 // control panel
 $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
 // display follow-up commands
Example #28
0
File: cron.php Project: rair/yacs
}
//
// daily jobs
//
echo 'Checking daily jobs...' . BR;
// get date of last run
$record = Values::get_record('cron.daily', NULL_DATE);
// wait at least 1 day = 86400 seconds between runs
if (isset($record['edit_date'])) {
    $target = SQL::strtotime($record['edit_date']) + 86400;
} else {
    $target = time();
}
// request to be delayed
if ($target > time()) {
    echo 'Wait until ' . gmdate('r', $target) . ' GMT' . BR;
} else {
    Values::set('cron.daily', 'running...');
    // do the job and provide feed-back to user
    $context['text'] = Hooks::include_scripts('daily');
    echo $context['text'];
    // remember tick date and resulting text
    Values::set('cron.daily', $context['text']);
    // log outcome of script execution in debug mode
    if ($context['with_debug'] == 'Y') {
        Logger::remember('cron.php: daily processing', $context['text'], 'debug');
    }
}
// all done
$time = round(get_micro_time() - $context['start_time'], 2);
exit(sprintf('Script terminated in %.2f seconds.', $time) . BR);
Example #29
0
    if (isset($_REQUEST['users_without_uploads'])) {
        $content .= '$context[\'users_without_uploads\']=\'' . addcslashes($_REQUEST['users_without_uploads'], "\\'") . "';\n";
    }
    $content .= '?>' . "\n";
    // update the parameters file
    if (!Safe::file_put_contents('parameters/users.include.php', $content)) {
        Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/users.include.php'));
        // allow for a manual update
        $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/users.include.php') . "</p>\n";
        // job done
    } else {
        $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/users.include.php') . "</p>\n";
        // purge the cache
        Cache::clear();
        // remember the change
        $label = sprintf(i18n::c('%s has been updated'), 'parameters/users.include.php');
        Logger::remember('users/configure.php: ' . $label);
    }
    // display updated parameters
    $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded');
    // follow-up commands
    $follow_up = i18n::s('Where do you want to go now?');
    $menu = array();
    $menu = array_merge($menu, array('users/' => i18n::s('People')));
    $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
    $menu = array_merge($menu, array('users/configure.php' => i18n::s('Configure again')));
    $follow_up .= Skin::build_list($menu, 'menu_bar');
    $context['text'] .= Skin::build_block($follow_up, 'bottom');
}
// render the skin
render_skin();
Example #30
-1
    if (isset($_REQUEST['bbb_server'])) {
        $content .= '$context[\'bbb_server\']=\'' . addcslashes($_REQUEST['bbb_server'], "\\'") . "';\n";
    }
    if (isset($_REQUEST['bbb_salt'])) {
        $content .= '$context[\'bbb_salt\']=\'' . addcslashes($_REQUEST['bbb_salt'], "\\'") . "';\n";
    }
    $content .= '?>' . "\n";
    // update the parameters file
    if (!Safe::file_put_contents('parameters/overlays.bbb_meetings.include.php', $content)) {
        Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/overlays.bbb_meetings.include.php'));
        // report to end-user
    } else {
        $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/overlays.bbb_meetings.include.php') . "</p>\n";
        // purge the cache
        Cache::clear();
        // remember the change
        $label = sprintf(i18n::c('%s has been updated'), 'parameters/overlays.bbb_meetings.include.php');
        Logger::remember('overlays/bbb_meetings/configure.php: ' . $label);
        // display updated parameters
        $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded');
        // follow-up commands
        $follow_up = i18n::s('Where do you want to go now?');
        $menu = array();
        $menu = array_merge($menu, array('control/' => i18n::s('Control Panel')));
        $menu = array_merge($menu, array('overlays/bbb_meetings/configure.php' => i18n::s('Configure again')));
        $follow_up .= Skin::build_list($menu, 'menu_bar');
        $context['text'] .= Skin::build_block($follow_up, 'bottom');
    }
}
// render the skin
render_skin();