function nf_uploadfile($filename, &$upload_file, $allowablefiletypes, $filestore_path) { global $_FILES, $_CONF, $_TABLES, $CONF_NF, $LANG_GF00; include_once $_CONF['path_system'] . 'classes/upload.class.php'; $upload = new upload(); $upload->setPath($filestore_path); $upload->setLogging(true); $upload->setAutomaticResize(false); $upload->setAllowedMimeTypes($allowablefiletypes); $upload->setMaxFileSize($CONF_NF['max_uploadfile_size']); if (strlen($upload_file['name']) > 0) { $upload->setFileNames($filename); $upload->setPerms($CONF_NF['fileperms']); $upload->_currentFile = $upload_file; // Verify file meets size limitations if (!$upload->_fileSizeOk()) { $upload->_addError('File, ' . $upload->_currentFile['name'] . ', is bigger than the ' . $upload->_maxFileSize . ' byte limit'); } // If all systems check, do the upload if ($upload->checkMimeType() and $upload->_imageSizeOK() and !$upload->areErrors()) { if ($upload->_copyFile()) { $upload->_uploadedFiles[] = $upload->_fileUploadDirectory . '/' . $upload->_getDestinationName(); } } $upload->_currentFile = array(); if ($upload->areErrors() and !$upload->_continueOnError) { $errmsg = "Workflow Upload Attachment Error:" . $upload->printErrors(false); COM_errorlog($errmsg); $GLOBALS['nf_errmsg'] = $LANG_GF00['uploaderr'] . ':<BR>' . $upload->printErrors(false); return false; } return true; } else { return false; } return false; }
function INSTALLER_fail($pluginName, $rev) { $A = array_reverse($rev); foreach ($A as $sql) { if (empty($sql)) { // no step } elseif (is_array($sql)) { if (array_key_exists('type', $sql)) { $function = 'INSTALLER_fail_' . $type; if (function_exists($function)) { COM_errorlog("AutoInstall: FAIL: calling {$function}"); $function($sql); } } } else { COM_errorLog("AutoInstall: FAIL: {$sql}"); DB_query($sql, 1); } } PLG_uninstall($pluginName); }
/** * Converts permissions to numeric values * * This function will take all permissions for an object and get the numeric value * that can then be used to save the database. * * @param array $perm_owner Array of owner permissions These arrays are set up by SEC_getPermissionsHTML * @param array $perm_group Array of group permissions * @param array $perm_members Array of member permissions * @param array $perm_anon Array of anonymous user permissions * @return array returns numeric equivalent for each permissions array (2 = read, 3=edit/read) * @see SEC_getPermissionsHTML * @see SEC_getPermissionValue * */ function SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon) { global $_SEC_VERBOSE; if ($_SEC_VERBOSE) { COM_errorLog('**** Inside SEC_getPermissionValues ****', 1); } if (is_array($perm_owner)) { $perm_owner = SEC_getPermissionValue($perm_owner); } else { $perm_owner = 0; } if (is_array($perm_group)) { $perm_group = SEC_getPermissionValue($perm_group); } else { $perm_group = 0; } if (is_array($perm_members)) { $perm_members = SEC_getPermissionValue($perm_members); } else { $perm_members = 0; } if (is_array($perm_anon)) { $perm_anon = SEC_getPermissionValue($perm_anon); } else { $perm_anon = 0; } if ($_SEC_VERBOSE) { COM_errorlog('perm_owner = ' . $perm_owner, 1); COM_errorlog('perm_group = ' . $perm_group, 1); COM_errorlog('perm_member = ' . $perm_members, 1); COM_errorlog('perm_anon = ' . $perm_anon, 1); COM_errorLog('**** Leaving SEC_getPermissionValues ****', 1); } return array($perm_owner, $perm_group, $perm_members, $perm_anon); }
function FILECHECK_scanNegative() { global $_CONF, $D, $F, $data_arr, $max_time; // check for missing directories foreach ($D as $key => $value) { // replace the generic prefix with the actual directory $rdir = $key; if (strtolower(substr($rdir, 0, 7)) == 'private') { $where = 'private'; $rdir = strtolower($rdir) != $where ? $_CONF['path'] . substr($rdir, 8) : substr($_CONF['path'], 0, -1); } elseif (strtolower(substr($rdir, 0, 11)) == 'public_html') { $where = 'public_html'; $rdir = strtolower($rdir) != $where ? $_CONF['path_html'] . substr($rdir, 12) : substr($_CONF['path_html'], 0, -1); } elseif ($rdir == 'README' || $rdir == '.gitignore') { continue; } else { COM_errorlog('filecheck: unexpected root dirspec(not private/ or public_html/): ' . $rdir); } // how we check depends upon whether we were allowed to recurse there $test = $value[0]; switch ($test) { case 'E': // we were not allowed to recurse here, check manually if (!is_dir($rdir)) { $data_arr[] = array('where' => $where, 'type' => 'D', 'delta' => '-', 'location' => $rdir . '/'); } break; case 'R': // we recursed here, unpinged dirs must be missing if (stristr('!', $value)) { $data_arr[] = array('where' => $where, 'type' => 'D', 'delta' => '-', 'location' => $rdir . '/'); } break; } } // check for missing files foreach ($F as $key => $value) { // replace the generic prefix with the actual directory $rdir = $key; if (strtolower(substr($rdir, 0, 7)) == 'private') { $where = 'private'; $rdir = strtolower($rdir) != $where ? $_CONF['path'] . substr($rdir, 8) : substr($_CONF['path'], 0, -1); } elseif (strtolower(substr($rdir, 0, 11)) == 'public_html') { $where = 'public_html'; $rdir = strtolower($rdir) != $where ? $_CONF['path_html'] . substr($rdir, 12) : substr($_CONF['path_html'], 0, -1); } elseif ($rdir == 'README' || $rdir == '.gitignore') { continue; } else { COM_errorlog('filecheck: unexpected root dirspec(not private/ or public_html/): ' . $rdir); } // ok now check for unpinged files that are not set to be ignored $test = $value[0]; if (!stristr('!', $value) && $test != 'I') { // ostensibly, this file was not found - get the dir and file parts $pathinfo = pathinfo($rdir); $dirname = $pathinfo['dirname']; $filename = $pathinfo['filename'] . (isset($pathinfo['extension']) ? '.' . $pathinfo['extension'] : ''); // check to see if we were allowed to recurse into this dir if ($test == 'R') { // yes, we were allowed to look here, and the file was not found $data_arr[] = array('where' => $where, 'type' => 'F', 'delta' => '-', 'location' => $rdir); } else { // no, we were not allowed to look here, so test manually if (!file_exists($rdir)) { $data_arr[] = array('where' => $where, 'type' => 'F', 'delta' => '-', 'location' => $rdir); } } } } return true; }
function MG_upgrade_148() { global $_TABLES, $_CONF, $_MG_CONF, $_DB_dbms; $_SQL = array(); if ($_DB_dbms == 'mssql') { $_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `enable_keywords` SMALLINT NOT NULL DEFAULT '0'"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `podcast` SMALLINT NOT NULL DEFAULT '0'"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `media_resolution_x` INT NOT NULL default '0'"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `media_resolution_y` INT NOT NULL default '0'"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `media_resolution_x` INT NOT NULL default '0'"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `media_resolution_y` INT NOT NULL default '0'"; $_SQL['mg_session_items2'] = "CREATE TABLE [dbo].[{$_TABLES['mg_session_items2']}](\n [id] [int] IDENTITY(1,1) NOT NULL,\n [data1] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data2] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data3] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data4] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data5] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data6] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data7] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data8] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n [data9] [nvarchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,\n CONSTRAINT [PK_mg_batch_session_items2] PRIMARY KEY CLUSTERED\n (\n [id] ASC\n )WITH (PAD_INDEX = OFF, IGNORE_DUP_KEY = OFF) ON [PRIMARY]\n ) ON [PRIMARY]\n "; } else { $_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `enable_keywords` TINYINT(4) NOT NULL DEFAULT '0' AFTER `enable_views`"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `podcast` TINYINT(4) NOT NULL DEFAULT '0' AFTER `hidden`"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `media_resolution_x` INT(11) NOT NULL default '0' AFTER `media_rating`"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `media_resolution_y` int(11) NOT NULL default '0' AFTER `media_resolution_x`"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `media_resolution_x` INT(11) NOT NULL default '0' AFTER `media_rating`"; $_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `media_resolution_y` int(11) NOT NULL default '0' AFTER `media_resolution_x`"; $_SQL[] = "CREATE TABLE {$_TABLES['mg_session_items2']} (\n `id` bigint(20) NOT NULL,\n `data1` varchar(255) NOT NULL,\n `data2` varchar(255) NOT NULL,\n `data3` varchar(255) NOT NULL,\n `data4` varchar(255) NOT NULL,\n `data5` varchar(255) NOT NULL,\n `data6` varchar(255) NOT NULL,\n `data7` varchar(255) NOT NULL,\n `data8` varchar(255) NOT NULL,\n `data9` varchar(255) NOT NULL,\n KEY `id` (`id`)\n );"; } /* Execute SQL now to perform the upgrade */ for ($i = 1; $i <= count($_SQL); $i++) { COM_errorLOG("Media Gallery plugin 1.4.8 update: Executing SQL => " . current($_SQL)); DB_query(current($_SQL), 1); if (DB_error()) { COM_errorLog("SQL Error during Media Gallery plugin update", 1); return 1; break; } next($_SQL); } // need to make this a db save instead... DB_save($_TABLES['mg_config'], 'config_name,config_value', "'ad_enable_keywords','0'"); // Add new group MediaGallery.config COM_errorLog("Attempting to create mediagallery config group", 1); DB_query("INSERT INTO {$_TABLES['groups']} (grp_name, grp_descr, grp_gl_core) " . "VALUES ('mediagallery Config', 'Users in this group can configure the mediagallery plugin',0)", 1); if (DB_error()) { return 1; } $group_id = DB_insertId(); if ($group_id == 0) { $lookup = 'mediagallery Config'; $result = DB_query("SELECT * FROM {$_TABLES['groups']} WHERE grp_name='" . $lookup . "'"); $nRows = DB_numRows($result); if ($nRows > 0) { $row = DB_fetchArray($result); $group_id = $row['grp_id']; } else { COM_errorlog("ERROR: Media Gallery Installation - Unable to determine group_id"); return 1; } } // Save the cgrp id for later uninstall COM_errorLog('About to save cgroup_id to vars table for use during uninstall', 1); DB_query("INSERT INTO {$_TABLES['vars']} VALUES ('mediagallery_cid', {$group_id})", 1); if (DB_error()) { COM_errorLog("Failed to save group_id to vars table", 1); return 1; } // Added new feature mediagallery.config COM_errorLog("Adding mediagallery.config feature", 1); DB_query("INSERT INTO {$_TABLES['features']} (ft_name, ft_descr, ft_gl_core) " . "VALUES ('mediagallery.config','Media Gallery Config Rights',0)", 1); if (DB_error()) { COM_errorLog("Failure adding mediagallery.config feature", 1); return 1; } $feat_id = DB_insertId(); if ($feat_id == 0) { $result = DB_query("SELECT * FROM {$_TABLES['features']} WHERE ft_name='mediagallery.config'"); $nRows = DB_numRows($result); if ($nRows > 0) { $row = DB_fetchArray($result); $feat_id = $row['ft_id']; } else { COM_errorlog("ERROR: Media Gallery Upgrade - Unable to determine feat_id for mediagallery.config"); return 1; } } COM_errorLog("Success - feat_id = " . $feat_id, 1); COM_errorLog("Adding mediagallery.config feature to config group", 1); DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id) VALUES ({$feat_id}, {$group_id})", 1); if (DB_error()) { COM_errorLog("Failure adding {$feature} feature to config group", 1); return 1; } COM_errorLog("Attempting to give all users in Root group access to mediagallery config group", 1); DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES ({$group_id}, NULL, 1)"); if (DB_error()) { COM_errorLog("Failure giving all users in Root group access"); return 1; } /* --- end of new feature / group --- */ // fix missing mime types for older installations $sql = "SELECT * FROM {$_TABLES['mg_media']} WHERE mime_type = '' OR mime_type = 'application/octet-stream'"; $result = DB_query($sql); while ($M = DB_fetchArray($result)) { switch ($M['media_mime_ext']) { case 'jpg': $mimeType = 'image/jpeg'; break; case 'png': $mimeType = 'image/png'; break; case 'tif': $mimeType = 'image/tiff'; break; case 'gif': $mimeType = 'image/gif'; break; case 'bmp': $mimeType = 'image/bmp'; break; case 'tga': $mimeType = 'image/tga'; break; case 'psd': $mimeType = 'image/psd'; break; case 'mp3': $mimeType = 'audio/mpeg'; break; case 'ogg': $mimeType = 'application/ogg'; break; case 'asf': $mimeType = 'video/x-ms-asf'; break; case 'wma': $mimeType = 'audio/x-ms-wma'; break; case 'swf': $mimeType = 'application/x-shockwave-flash'; break; case 'mov': $mimeType = 'video/quicktime'; break; case 'mp4': case 'mpg': case 'mpeg': $mimeType = 'video/mpeg'; break; case 'zip': $mimeType = 'application/zip'; break; case 'pdf': $mimeType = 'application/pdf'; break; case 'flv': $mimeType = 'video/x-flv'; break; default: $mimeType = 'application/octet-stream'; break; } DB_query("UPDATE {$_TABLES['mg_media']} set mime_type='" . $mimeType . "' WHERE media_id='" . $M['media_id'] . "'"); } DB_query("UPDATE {$_TABLES['plugins']} SET pi_homepage='http://www.gllabs.org' WHERE pi_name='mediagallery'", 1); }
/** * Check if the plugin is compatible with this Geeklog version * * @param string $pi_name Plugin name * @return boolean true: plugin compatible; false: not compatible * */ function plugin_compatible_with_this_version_nexpro($pi_name) { global $_CONF, $_DB_dbms; // check if we support the DBMS the site is running on $dbFile = $_CONF['path'] . 'plugins/' . $pi_name . '/sql/' . $_DB_dbms . '_install.php'; if (!file_exists($dbFile)) { return false; } //now here we are going to check if all of the files are installed in the right areas: $farray = array($_CONF['path'] . 'system/nexpro/classes/multiupload.class.php', $_CONF['path'] . 'system/nexpro/classes/tagcloud.class.php', $_CONF['path'] . 'system/nexpro/classes/TreeMenu.php', $_CONF['path'] . 'system/nexpro/classes/nexreport/formatter.class.php', $_CONF['path'] . 'system/nexpro/classes/nexreport/report.php', $_CONF['path'] . 'system/nexpro/classes/nexreport/format/display.class.php', $_CONF['path'] . 'system/nexpro/classes/nexreport/format/excel.class.php', $_CONF['path'] . 'system/nexpro/classes/nexreport/type/users.php', $_CONF['path_html'] . 'javascript/php_serializer.js', $_CONF['path_html'] . 'javascript/nexYUICal.js'); $missingfiles = false; $errormessage = ""; foreach ($farray as $file_to_check) { $handle = @fopen($file_to_check, "r"); if ($handle === false) { $missingfiles = true; $errormessage .= "nexPro plugin requires the {$file_to_check} to exist.\n"; } } if ($missingfiles) { COM_errorlog("You need to move all of the nexPro plugin files to the proper directories before installation.\n" . $errormessage); return false; } //now check if the sanitize class has a specific method within it: require_once $_CONF['path'] . 'system/classes/sanitize.class.php'; $testsanitize = new sanitizer(); if (!method_exists($testsanitize, 'normalize')) { COM_errorlog("The {$_CONF['path']}/system/classes/sanitize.class.php file needs to be updated with the one provided with the nexPro plugin."); COM_errorlog("Please update the sanitize.class.php file to install the nexPro plugin"); return false; } return true; }
function _ff_uploadfile($filename, &$upload_file, $allowablefiletypes, $use_filemgmt = 0) { global $_FILES, $_CONF, $_TABLES, $_FF_CONF, $LANG_GF00, $filemgmt_FileStore; USES_class_upload(); $upload = new upload(); if ($use_filemgmt == 1) { $upload->setPath($filemgmt_FileStore); } else { $upload->setPath($_FF_CONF['uploadpath']); } $upload->setLogging(true); $upload->setAllowedMimeTypes($allowablefiletypes); // Set max dimensions as well in case user is uploading a full size image $upload->setMaxDimensions($_FF_CONF['max_uploadimage_width'], $_FF_CONF['max_uploadimage_height']); if (!isset($_FF_CONF['max_uploadimage_size']) || $_FF_CONF['max_uploadimage_size'] == 0) { $upload->setMaxFileSize(100000000); } else { $upload->setMaxFileSize($_FF_CONF['max_uploadimage_size']); } $upload->setAutomaticResize(true); if (strlen($upload_file['name']) > 0) { $upload->setFileNames($filename); $upload->setPerms($_FF_CONF['fileperms']); $upload->_currentFile = $upload_file; // Verify file meets size limitations if (!$upload->_fileSizeOk()) { $upload->_addError('File, ' . $upload->_currentFile['name'] . ', is bigger than the ' . $upload->_maxFileSize . ' byte limit'); } // If all systems check, do the upload if ($upload->checkMimeType() and $upload->_imageSizeOK() and !$upload->areErrors()) { if ($upload->_copyFile()) { $upload->_uploadedFiles[] = $upload->_fileUploadDirectory . '/' . $upload->_getDestinationName(); } } $upload->_currentFile = array(); if ($upload->areErrors() and !$upload->_continueOnError) { $errmsg = "Forum Upload Attachment Error:" . $upload->printErrors(false); COM_errorlog($errmsg); $GLOBALS['ff_errmsg'] = $LANG_GF00['uploaderr'] . ':<br/>' . $upload->printErrors(false); return false; } return true; } else { return false; } return false; }