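/**
 * Applies a password change submitted by the calling operator.
 *
 * Two parallel lists are read from the POST body: user ids from the "_va"
 * field and new passwords from the "_vb" field, both split on
 * POST_ACTION_VALUE_SPLITTER. Only the entry whose user id equals
 * CALLER_SYSTEM_ID is acted on, so a caller can change no password but
 * their own through this path. Nothing happens unless
 * OperatorRequest::IsValidated() reports a validated request.
 *
 * @return void
 */
function processAuthentications()
{
    $usersField = POST_INTERN_PROCESS_AUTHENTICATIONS . "_va";
    $passwordsField = POST_INTERN_PROCESS_AUTHENTICATIONS . "_vb";

    // Both lists must be present. Without the "_vb" check a request carrying
    // only "_va" would reach ChangePassword() with an undefined (null) password.
    if (!isset($_POST[$usersField], $_POST[$passwordsField])) {
        return;
    }

    // PHP turns "field[]=x" into an array; explode() needs plain strings.
    if (!is_string($_POST[$usersField]) || !is_string($_POST[$passwordsField])) {
        return;
    }

    if (!OperatorRequest::IsValidated()) {
        return;
    }

    $users = explode(POST_ACTION_VALUE_SPLITTER, $_POST[$usersField]);
    $passwords = explode(POST_ACTION_VALUE_SPLITTER, $_POST[$passwordsField]);

    foreach ($users as $key => $user) {
        // Exact string match: the matched value is used below as the key into
        // Server::$Operators, so a loose numeric-string match ("10" == "1e1")
        // must not count as "the caller".
        if ($user !== (string) CALLER_SYSTEM_ID) {
            continue;
        }

        // Skip when the password list is shorter than the user list or the
        // operator record is not loaded, instead of calling a method on null
        // or storing a null password.
        if (!isset($passwords[$key]) || !isset(Server::$Operators[$user])) {
            continue;
        }

        // NOTE(review): an empty string is still passed through; password
        // policy is presumably enforced inside ChangePassword() - confirm.
        Server::$Operators[$user]->ChangePassword($passwords[$key]);
        Server::$Response->Authentications = "<val userid=\"" . base64_encode($user) . "\" />\r\n";
    }
}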
} } } } } } } } } } } } } else { Server::$Response->SetValidationError(AUTH_RESULT); } if (OperatorRequest::IsValidated() && !SERVERSETUP) { if (LOGOFF || LOGIN) { if (LOGOFF) { Server::$Operators[CALLER_SYSTEM_ID]->GetExternalObjects(); } Server::$Operators[CALLER_SYSTEM_ID]->Reposts = array(); } Server::$Operators[CALLER_SYSTEM_ID]->Save(); } if (LOGIN && DB_ACCESS_REQUIRED) { require LIVEZILLA_PATH . "_lib/functions.internal.man.inc.php"; $extension = !empty(Server::$Configuration->File["gl_db_ext"]) ? Server::$Configuration->File["gl_db_ext"] : ""; $res = ServerManager::ValidateDatabase(Server::$Configuration->File["gl_db_host"], Server::$Configuration->File["gl_db_user"], Server::$Configuration->File["gl_db_pass"], Server::$Configuration->File["gl_db_name"], Server::$Configuration->File["gl_db_prefix"], $extension, false, Server::$Configuration->File["gl_db_eng"]); if (!empty($res)) { Server::$Response->SetValidationError(LOGIN_REPLY_DB, $res); }
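/**
 * Loads one localization file and sends its entries back to an administrator.
 *
 * The request must be validated, VALIDATED_FULL_LOGIN must be defined and the
 * caller must pass OperatorRequest::IsAdministrator(true). The language id
 * comes from $_POST["p_int_trans_iso"] and ends up in the name of a file that
 * IOStruct::RequireDynamic() is asked to load, so it is validated against a
 * strict character whitelist before use.
 *
 * On success the response carries a <language> element with one base64
 * encoded <val> per entry of the global $LZLANG; on a rejected language id
 * the response code is 0. Callers that fail the permission check get no
 * response from this method.
 *
 * @param string $translation Text the generated XML is appended to.
 * @return void
 */
static function GetTranslationData($translation = "")
{
    global $LZLANG;

    if (!OperatorRequest::IsValidated() || !Is::Defined("VALIDATED_FULL_LOGIN") || !OperatorRequest::IsAdministrator(true)) {
        return;
    }

    // NOTE(review): the whole POST body is written to the security log;
    // confirm it cannot contain credential fields at this point.
    Logging::SecurityLog("ServerManager::GetTranslationData", serialize($_POST), CALLER_SYSTEM_ID);

    $langid = isset($_POST["p_int_trans_iso"]) ? $_POST["p_int_trans_iso"] : "";

    // The id becomes part of an included file name. Rejecting only ".." still
    // lets path separators, NUL bytes and stream-wrapper syntax through, so
    // accept nothing but short alphanumeric codes (the 6 character limit of
    // the previous check is kept).
    // NOTE(review): assumes every shipped language id matches this pattern
    // (e.g. "en", "zh-cn") - confirm against the _language directory.
    if (!is_string($langid) || preg_match('/\A[A-Za-z0-9_-]{1,6}\z/', $langid) !== 1) {
        Server::$Response->SetStandardResponse(0, $translation);
        return;
    }

    $mobile = !empty($_POST["p_int_trans_m"]);
    $mobileOriginal = !empty($_POST["p_int_trans_mo"]);
    $path = !$mobileOriginal ? "_language/" : "mobile/php/translation/";

    // RequireDynamic() is expected to load the file that fills $LZLANG
    // (its implementation is not visible here).
    IOStruct::RequireDynamic(LocalizationManager::GetLocalizationFileString($langid, true, $mobile, $mobileOriginal), LIVEZILLA_PATH . $path);

    $translation .= "<language key=\"" . base64_encode($langid) . "\">\r\n";

    // Guard against a file that did not define $LZLANG as an array.
    if (is_array($LZLANG)) {
        foreach ($LZLANG as $key => $value) {
            $translation .= "<val key=\"" . base64_encode($key) . "\">" . base64_encode($value) . "</val>\r\n";
        }
    }

    $translation .= "</language>\r\n";
    Server::$Response->SetStandardResponse(1, $translation);
}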
// API entry point: bootstrap the server, authenticate the caller, then hand
// the request to ApiV2. Every path ends in exit() or APIErrorExit().

@set_time_limit(30);

// Definitions and libraries; the order is kept exactly as required by the
// bootstrap (later files may depend on earlier ones).
require LIVEZILLA_PATH . "_definitions/definitions.inc.php";
require LIVEZILLA_PATH . "_lib/functions.global.inc.php";
require LIVEZILLA_PATH . "_definitions/definitions.dynamic.inc.php";
require LIVEZILLA_PATH . "_definitions/definitions.protocol.inc.php";
require LIVEZILLA_PATH . "_lib/objects.internal.inc.php";

@set_error_handler("handleError");
@error_reporting(E_ALL);

// API responses must not be cached by clients or intermediaries.
header("Pragma: no-cache");
header("Cache-Control: no-cache, must-revalidate");
header("Keep-Alive: timeout=5, max=100");

Server::DefineURL("api.php");
Server::InitDataProvider();
Server::InitDataBlock(array("INTERNAL", "INPUTS", "DBCONFIG"));

// Authentication happens here; everything below only inspects the result.
OperatorRequest::Validate(true);

if (!OperatorRequest::IsValidated() || !Is::Defined("CALLER_SYSTEM_ID")) {
    // Caller could not be authenticated.
    APIErrorExit("LZAV20001");
} elseif (Server::$Operators[CALLER_SYSTEM_ID]->GetPermission(46) == PERMISSION_NONE) {
    // Authenticated, but permission slot 46 is not granted
    // (presumably the API access permission - confirm against the permission table).
    APIErrorExit("LZAV20002");
} else {
    // The API implementation is loaded only for authorized callers.
    require "objects.apiv2.inc.php";
    $apiv2 = new ApiV2(isset($_POST["p_json_pretty"]));

    // Emit JSON only when the actions ran, no error field is set and there
    // is output; anything else is reported through the error codes.
    if (!$apiv2->RunActions() || !empty($apiv2->ErrorField) || empty($apiv2->JSONOutput)) {
        APIErrorExit($apiv2->GetErrorCodes());
    } else {
        exit($apiv2->JSONOutput);
    }
}

// Fallback in case none of the branches above terminated the request.
APIErrorExit("LZAV20000");
/**
 * Flags this operator as having to change their password.
 *
 * Runs only for a validated request with VALIDATED_FULL_LOGIN defined.
 * Writes a security log entry, sets PasswordChangeRequest on the object and
 * persists the flag in the operators table for the row matching SystemId.
 *
 * @return void
 */
function SetPasswordChangeNeeded()
{
    if (!OperatorRequest::IsValidated() || !Is::Defined("VALIDATED_FULL_LOGIN")) {
        return;
    }

    // NOTE(review): the third argument is whatever Is::Defined() returns for
    // CALLER_SYSTEM_ID; confirm the audit entry records the caller's id and
    // not just a boolean.
    Logging::SecurityLog("Operator->SetPasswordChangeNeeded", "", Is::Defined("CALLER_SYSTEM_ID"));

    $this->PasswordChangeRequest = true;

    // The system id is escaped before it is placed inside the quoted literal.
    $operatorsTable = DB_PREFIX . DATABASE_OPERATORS;
    $escapedSystemId = DBManager::RealEscape($this->SystemId);
    $query = "UPDATE `" . $operatorsTable . "` SET `password_change_request`=1 WHERE `system_id`='" . $escapedSystemId . "' LIMIT 1;";

    DBManager::Execute(true, $query);
}
/**
 * Tells whether the calling operator has administrator rights.
 *
 * The request must be validated and the caller must exist in
 * Server::$Operators. An operator whose Level equals USER_LEVEL_ADMIN always
 * qualifies. With $_allowSubSites set, an operator also qualifies when the
 * configured "gl_host" value appears in their WebsitesUsers list.
 *
 * @param bool $_allowSubSites Also accept operators listed for the current host.
 * @return bool
 */
static function IsAdministrator($_allowSubSites = false)
{
    if (!OperatorRequest::IsValidated() || !isset(Server::$Operators[CALLER_SYSTEM_ID])) {
        return false;
    }

    $caller = Server::$Operators[CALLER_SYSTEM_ID];

    if ($caller->Level == USER_LEVEL_ADMIN) {
        return true;
    }

    if (!$_allowSubSites || !is_array($caller->WebsitesUsers)) {
        return false;
    }

    // NOTE(review): in_array() compares loosely here; if WebsitesUsers can
    // ever hold non-string values, a strict comparison would be the safer
    // choice for an authorization decision - confirm the stored types.
    return in_array(Server::$Configuration->File["gl_host"], $caller->WebsitesUsers);
}