$p_level = $p_level - 1; switch ($p_level) { case '3': $new_permissions->permissions["user"] = TRUE; $new_permissions->permissions["writer"] = TRUE; $new_permissions->permissions["moderator"] = TRUE; break; case '2': $new_permissions->permissions["user"] = TRUE; $new_permissions->permissions["writer"] = TRUE; break; case '1': $new_permissions->permissions["user"] = TRUE; break; } $mask = $new_permissions->toBitmask(); $query = sprintf("\n UPDATE \n %1\$s \n SET \n permission_level = %2\$d \n WHERE \n id = %3\$d", TABLE_USERS, $mask, $_GET['id']); $db->query($query); $ft->assign('CONFIRM', $i18n['edit_users'][6]); } } if ($plevel == "up") { if ($p_level == 4) { $ft->assign('CONFIRM', $i18n['edit_users'][7]); } else { $p_level = $p_level + 1; switch ($p_level) { case '4': $new_permissions->permissions["user"] = TRUE; $new_permissions->permissions["writer"] = TRUE; $new_permissions->permissions["moderator"] = TRUE;
$file .= '?' . '>'; $fp = @fopen('../administration/inc/config.php', 'w'); $result = @fputs($fp, $file, strlen($file)); @fclose($fp); $pass = md5($corepass_1); $t1 = $dbprefix . 'users'; $t2 = $dbprefix . 'category'; $t3 = $dbprefix . 'config'; $perms = new permissions(); // Nadajemu stosowne uprawnienia u¿ytkownikowi $perms->permissions["user"] = TRUE; $perms->permissions["writer"] = TRUE; $perms->permissions["moderator"] = TRUE; $perms->permissions["tpl_editor"] = TRUE; $perms->permissions["admin"] = TRUE; $bitmask = $perms->toBitmask(); // wstawiamy pocz±tkowego u¿ytkownika $query = sprintf("\r\n INSERT INTO\r\n %1\$s\r\n VALUES\r\n ('language_set', '%2\$s')", $t3, $lang); $db->query($query); // wstawiamy pocz±tkowego u¿ytkownika $query = sprintf("\r\n INSERT INTO\r\n %1\$s\r\n VALUES\r\n ('', '%2\$s', '%3\$s', '%4\$s', '%5\$d', 'Y', '', '', '', '', '', '', '', '', '', '')", $t1, $coreuser, $pass, $coremail, $bitmask); $db->query($query); if ($fp == FALSE) { $err .= $i18n['main_content'][5]; $file = str_replace('<', '<', $file); $err .= "<div class=\"code\">" . str_nl2br($file) . "</div>"; $err .= "<br /><br />"; } else { $err .= $i18n['main_content'][4]; } if (!is_writable('../photos')) {
function do_install() { global $ft, $i18n; $this->dbcreate = $_POST['dbcreate']; $this->db_schema = SQL_SCHEMA . 'core-mysql_install.sql'; if (isset($this->dbcreate)) { $dsn = 'mysql:host=' . $this->dbhost; try { $dbh = new PDO($dsn, $this->dbuser, $this->dbpass); } catch (PDOException $e) { echo 'Wyjatek z³apany: ' . $e->getMessage(); } $dbh->exec("CREATE DATABASE {$this->dbname}"); } $dsn = 'mysql:dbname=' . $this->dbname . ';host=' . $this->dbhost; try { $dbh = new PDO($dsn, $this->dbuser, $this->dbpass); } catch (PDOException $e) { echo 'Wyjatek z³apany: ' . $e->getMessage(); } $sql_query = explode(';', file_get_contents($this->db_schema)); $sql_query = str_replace('core_', $this->dbprefix, $sql_query); $sql_query = $this->lang == 'en' ? str_replace('DEFAULT_CATEGORY', 'default', $sql_query) : str_replace('DEFAULT_CATEGORY', 'ogólna', $sql_query); $sql_size = sizeof($sql_query) - 1; for ($i = 0; $i < $sql_size; $i++) { $dbh->exec($sql_query[$i]); } $file = '<?php' . "\n"; $file .= "\n// Core CMS auto-generated config file\n\n"; $file .= 'define(\'DB_HOST\', \'' . $this->dbhost . '\');' . "\n"; $file .= 'define(\'DB_USER\', \'' . $this->dbuser . '\');' . "\n"; $file .= 'define(\'DB_PASS\', \'' . $this->dbpass . '\');' . "\n"; $file .= 'define(\'DB_NAME\', \'' . $this->dbname . '\');' . "\n"; $file .= 'define(\'PREFIX\', \'' . $this->dbprefix . '\');' . "\n\n"; $file .= "define('TABLE_ASSIGN2CAT', PREFIX . 'assign2cat');\n"; $file .= "define('TABLE_MAIN', PREFIX . 'devlog');\n"; $file .= "define('TABLE_USERS', PREFIX . 'users');\n"; $file .= "define('TABLE_COMMENTS', PREFIX . 'comments');\n"; $file .= "define('TABLE_CONFIG', PREFIX . 'config');\n"; $file .= "define('TABLE_CATEGORY', PREFIX . 'category');\n"; $file .= "define('TABLE_PAGES', PREFIX . 'pages');\n"; $file .= "define('TABLE_LINKS', PREFIX . 'links');\n"; $file .= "define('TABLE_NEWSLETTER', PREFIX . 'newsletter');\n\n"; $file .= "define('CORE_INSTALLED', true);\n\n"; $file .= '//mail address to person who can repair if something in Your code is broken' . "\n"; $file .= "define('ADMIN_MAIL', '*****@*****.**');\n\n"; $file .= '?' . '>'; $fp = file_put_contents('../administration/inc/config.php', $file); $pass = md5($this->corepass_1); $t1 = $this->dbprefix . 'users'; $t2 = $this->dbprefix . 'category'; $t3 = $this->dbprefix . 'config'; $perms = new permissions(); $perms->permissions["user"] = TRUE; $perms->permissions["writer"] = TRUE; $perms->permissions["moderator"] = TRUE; $perms->permissions["tpl_editor"] = TRUE; $perms->permissions["admin"] = TRUE; $bitmask = $perms->toBitmask(); // wstawiamy pocz±tkowego u¿ytkownika $query = sprintf("\r\n INSERT INTO\r\n %1\$s\r\n VALUES\r\n ('language_set', '%2\$s')", $t3, $this->lang); $dbh->exec($query); // wstawiamy pocz±tkowego u¿ytkownika $query = sprintf("\r\n INSERT INTO\r\n %1\$s\r\n VALUES\r\n ('', '%2\$s', '%3\$s', '%4\$s', '%5\$d', 'Y', '', '', '', '', '', '', '', '', '', '')", $t1, $this->coreuser, $pass, $this->coremail, $bitmask); $dbh->exec($query); if ($fp == FALSE) { $this->err .= $i18n['main_content'][5]; $file = str_replace('<', '<', $file); $this->err .= "<div class=\"code\">" . str_nl2br($file) . "</div>"; $this->err .= "<br /><br />"; } else { $this->err .= $i18n['main_content'][4]; } if (!is_writable('../photos')) { $photos_dir = realpath('./../') . '/photos/'; $this->err .= $i18n['main_content'][6]; } $ft->assign('MONIT', $this->err); $ft->define('monit_content', "monit_content.tpl"); $ft->parse('ROWS', ".monit_content"); }