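/**
 * Traps errors and uncaught exceptions and ensures they are logged.
 *
 * Works in two call shapes: as an error handler (level, message, file, line)
 * and as an exception handler (a single exception object as first argument).
 *
 * @param int|object $errno error level, or the exception object when invoked as an exception handler
 * @param string $errstr
 * @param string $errfile
 * @param string $errline
 * @return void|boolean nothing when the error was silenced with @, otherwise false
 */
function zpErrorHandler($errno, $errstr = '', $errfile = '', $errline = '')
{
    // Distinguish the two call shapes by the type of the first argument.
    // Counting arguments (== 5) is unreliable: PHP 8 no longer passes the fifth
    // ($errcontext) argument, so every ordinary error would be treated as an
    // exception and the handler itself would fail on $errno->getCode().
    if (is_object($errno)) {
        // caught exception
        $exc = $errno;
        $errno = $exc->getCode();
        $errstr = $exc->getMessage();
        $errfile = $exc->getFile();
        $errline = $exc->getLine();
    }
    // If the error has been suppressed with an @, stay silent unless it was raised
    // deliberately through trigger_error().
    // NOTE(review): on PHP 8 error_reporting() is not 0 inside an @-silenced
    // expression, so this test may never match there — confirm the intended behavior.
    if (error_reporting() == 0 && !in_array($errno, array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE))) {
        return;
    }
    $errorType = array(E_ERROR => gettext('ERROR'), E_WARNING => gettext('WARNING'), E_NOTICE => gettext('NOTICE'), E_USER_ERROR => gettext('USER ERROR'), E_USER_WARNING => gettext('USER WARNING'), E_USER_NOTICE => gettext('USER NOTICE'), E_STRICT => gettext('STRICT NOTICE'));
    // create error message; codes outside the table are reported as exceptions
    if (array_key_exists($errno, $errorType)) {
        $err = $errorType[$errno];
    } else {
        $err = gettext("EXCEPTION ({$errno})");
        $errno = E_ERROR;
    }
    // $errstr can carry request-derived text; it goes to the debug log only and
    // is never echoed by this handler.
    $msg = sprintf(gettext('%1$s: %2$s in %3$s on line %4$s'), $err, $errstr, $errfile, $errline);
    debugLogBacktrace($msg, 1);
    // false hands the error on to PHP's standard handler as well
    return false;
}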
Exemple #2
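/**
 * Backs up and updates the Zenphoto configuration file.
 *
 * The current file is renamed to "<name>.bak.php", the new contents are written
 * in its place, and the original permission bits are re-applied to both files so
 * that the rewritten configuration does not end up with the (possibly wider)
 * default mode of a freshly created file.
 *
 * @param string $zp_cfg the complete new contents of the configuration file
 */
function storeConfig($zp_cfg)
{
    debugLogBacktrace(gettext('Updating the configuration file'));
    $config = SERVERPATH . '/' . DATA_FOLDER . '/' . CONFIGFILE;
    $backup = SERVERPATH . '/' . DATA_FOLDER . '/' . stripSuffix(CONFIGFILE) . '.bak.php';
    // fileperms() returns false when the file cannot be read; do not turn that
    // into mode 0 and lock the file.
    $perms = fileperms($config);
    $mod = $perms === false ? false : $perms & 0777;
    // The original assigned the backup path to a misspelled variable, so the
    // backup never received the saved permissions.
    $renamed = @rename($config, $backup);
    if ($renamed && $mod !== false) {
        @chmod($backup, $mod);
    }
    if (file_put_contents($config, $zp_cfg) === false) {
        // Do not leave the installation without a configuration file.
        debugLogBacktrace('storeConfig: writing the configuration file failed');
        if ($renamed) {
            @rename($backup, $config);
        }
        return;
    }
    // Restore the original mode on the rewritten file. The original passed three
    // arguments to chmod(), so the new file kept its default permissions.
    if ($mod !== false) {
        @chmod($config, $mod);
    }
}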
/**
 * Creates the "image" object that matches the file's type.
 *
 * The class for non-image file types is looked up in the $_zp_extra_filetypes
 * registry by the value is_valid_other_type() returns; the class name is never
 * taken from the filename directly.
 *
 * @param object $album the owner album
 * @param string|array $filename the filename, or an array with 'folder' and 'filename' keys
 * @param bool $quiet set true to suppress the "bad filename suffix" message (used by loadimage)
 * @return object|null the image object, or NULL when the album or file is not usable
 */
function newImage($album, $filename, $quiet = false)
{
    global $_zp_extra_filetypes;
    // The array form names its own album folder; otherwise use the album passed in.
    $owner = $album;
    if (is_array($filename)) {
        $owner = new Album(new Gallery(), $filename['folder']);
        $filename = $filename['filename'];
    }
    $ownerUsable = is_object($owner) && strtolower(get_class($owner)) == 'album' && $owner->exists;
    if (!$ownerUsable) {
        $msg = sprintf(gettext('Bad album object parameter to newImage(%s)'), $filename);
        debugLogBacktrace($msg);
        // the message contains the caller-supplied filename, hence the encoding
        trigger_error(html_encode($msg), E_USER_NOTICE);
        return NULL;
    }
    $image = NULL;
    $ext = is_valid_other_type($filename);
    if ($ext) {
        // NOTE(review): instantiates whatever class the registry holds for this
        // suffix — presumably populated by plugins; verify who can register entries.
        $handlerClass = $_zp_extra_filetypes[$ext];
        $image = new $handlerClass($owner, $filename);
    } elseif (is_valid_image($filename)) {
        $image = new _Image($owner, $filename);
    }
    if ($image) {
        zp_apply_filter('image_instantiate', $image);
        // an object whose file does not exist is discarded without a message
        return $image->exists ? $image : NULL;
    }
    if (!$quiet) {
        $msg = sprintf(gettext('Bad filename suffix in newImage(%s)'), $filename);
        debugLogBacktrace($msg);
        trigger_error(html_encode($msg), E_USER_NOTICE);
    }
    return NULL;
}
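/**
 * Traps errors and uncaught exceptions and ensures they are logged together
 * with the request URI, client IP, logged-in user and theme.
 *
 * Works in two call shapes: as an error handler (level, message, file, line)
 * and as an exception handler (a single exception object as first argument).
 *
 * @param int|object $errno error level, or the exception object when invoked as an exception handler
 * @param string $errstr
 * @param string $errfile
 * @param string $errline
 * @return void|boolean nothing when the error was silenced with @, otherwise false
 */
function zpErrorHandler($errno, $errstr = '', $errfile = '', $errline = '')
{
    global $_zp_current_admin_obj, $_index_theme;
    // Distinguish the two call shapes by the type of the first argument.
    // Counting arguments (== 5) is unreliable: PHP 8 no longer passes the fifth
    // ($errcontext) argument, so every ordinary error would be treated as an
    // exception and the handler itself would fail on $errno->getCode().
    if (is_object($errno)) {
        // caught exception
        $exc = $errno;
        $errno = $exc->getCode();
        $errstr = $exc->getMessage();
        $errfile = $exc->getFile();
        $errline = $exc->getLine();
    }
    // If the error has been suppressed with an @, stay silent unless it was raised
    // deliberately through trigger_error().
    // NOTE(review): on PHP 8 error_reporting() is not 0 inside an @-silenced
    // expression, so this test may never match there — confirm the intended behavior.
    if (error_reporting() == 0 && !in_array($errno, array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE))) {
        return;
    }
    $errorType = array(E_ERROR => gettext('ERROR'), E_WARNING => gettext('WARNING'), E_NOTICE => gettext('NOTICE'), E_USER_ERROR => gettext('USER ERROR'), E_USER_WARNING => gettext('USER WARNING'), E_USER_NOTICE => gettext('USER NOTICE'), E_STRICT => gettext('STRICT NOTICE'));
    // create error message; codes outside the table are reported as exceptions
    if (array_key_exists($errno, $errorType)) {
        $err = $errorType[$errno];
    } else {
        $err = gettext("EXCEPTION ({$errno})");
        $errno = E_ERROR;
    }
    $msg = sprintf(gettext('%1$s: "%2$s" in %3$s on line %4$s'), $err, $errstr, $errfile, $errline);
    if (array_key_exists('REQUEST_URI', $_SERVER)) {
        $uri = sanitize($_SERVER['REQUEST_URI']);
        // drop any scheme://host prefix and keep the path part only
        preg_match('|^(http[s]*\\://[a-zA-Z0-9\\-\\.]+/?)*(.*)$|xis', $uri, $matches);
        $uri = $matches[2];
        if (!empty($matches[1])) {
            $uri = '/' . $uri;
        }
    } else {
        $uri = sanitize(@$_SERVER['SCRIPT_NAME']);
    }
    if ($uri) {
        // The URI is client-controlled and is decoded before it is logged, so an
        // encoded line break would otherwise start a forged log entry. Collapse
        // control characters to a space after decoding.
        $uri = "\n URI:" . preg_replace('/[\x00-\x1F\x7F]+/', ' ', urldecode(str_replace('\\', '/', $uri)));
    }
    $uri .= "\n IP `" . getUserIP() . '`';
    if (is_object($_zp_current_admin_obj)) {
        $uri .= "\n " . gettext('user') . ':' . $_zp_current_admin_obj->getUser();
    }
    if ($_index_theme) {
        $uri .= "\n " . gettext('theme') . ':' . $_index_theme;
    }
    debugLogBacktrace($msg . $uri, 1);
    // Show the message on the page only for fatal-class errors. The original
    // condition assigned E_USER_ERROR to $errno instead of comparing, which made
    // it always true and printed every notice and warning — including server
    // file paths — to visitors whenever display_errors was off.
    if (!ini_get('display_errors') && ($errno == E_ERROR || $errno == E_USER_ERROR)) {
        // out of courtesy show the error message on the WEB page since there will likely be a blank page otherwise
        ?>
		<div style="padding: 10px 15px 10px 15px;	background-color: #FDD;	border-width: 1px 1px 2px 1px;	border-style: solid;	border-color: #FAA;	margin-bottom: 10px;	font-size: 100%;">
		<?php 
        echo html_encode($msg);
        ?>
		</div>
		<?php 
    }
    // false hands the error on to PHP's standard handler as well
    return false;
}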
Exemple #5
/**
 * Logs a timestamp for a named point in the script, plus the time elapsed
 * since the previous call when there was one.
 *
 * @param string $point location identifier
 */
function instrument($point)
{
    global $_zp_timer;
    $stamp = microtime(true);
    // no previous reading on the first call, so there is nothing to subtract
    $elapsed = empty($_zp_timer) ? '' : ' (' . ($stamp - $_zp_timer) . ')';
    // the stored reference point is a fresh reading, taken after the delta
    $_zp_timer = microtime(true);
    debugLogBacktrace($point . ' ' . $stamp . $elapsed);
}
Exemple #6
/**
 * Reverses a string two characters at a time, starting from its end
 * (e.g. '0A1B' becomes '1B0A'). Results are memoized per input.
 *
 * Inputs longer than 1000 characters are rejected: the call is logged, a
 * notice is raised and an empty string is returned (and cached).
 *
 * @param string $intel the string to reverse pairwise
 * @return string
 */
function intel2Moto($intel)
{
    static $cache = array();
    if (isset($cache[$intel])) {
        return $cache[$intel];
    }
    // cache the empty result first so a rejected input is remembered too
    $cache[$intel] = '';
    $len = strlen($intel);
    if ($len > 1000) {
        // length bound on the input before any copying is done
        debugLogBacktrace('intel2Moto called with unreasonable data string: length=' . $len);
        trigger_error(sprintf('intel2Moto called with unreasonable data string: length=%s. See debug log for details. (Setting DEBUG_EXIF to true might help locate problem images.)', $len));
        return $cache[$intel];
    }
    // Walk the offsets from the end of the string down to the start in steps of
    // two; the first slice (at offset $len) is empty.
    $swapped = '';
    for ($offset = $len; $offset >= 0; $offset -= 2) {
        $swapped .= substr($intel, $offset, 2);
    }
    $cache[$intel] = $swapped;
    return $swapped;
}
/**
 * Setup code for gettext translation.
 * Returns the result of the i18nSetLocale() call.
 *
 * @param string $override force the locale to this value instead of the 'locale' option
 * @return mixed
 */
function setupCurrentLocale($override = NULL)
{
    $locale = is_null($override) ? getOption('locale') : $override;
    if (getOption('disallow_' . $locale)) {
        if (DEBUG_LOCALE) {
            debugLogBacktrace("setupCurrentLocale({$override}): {$locale} denied by option.");
        }
        // fall back to the configured locale, then to the first generated language
        $locale = getOption('locale');
        if (empty($locale) || getOption('disallow_' . $locale)) {
            $available = generateLanguageList();
            $locale = array_shift($available);
        }
    }
    // gettext setup
    @putenv("LANG={$locale}");
    // Windows ???
    @putenv("LANGUAGE={$locale}");
    // Windows ???
    $result = i18nSetLocale($locale);
    $chosenByRequest = isset($_REQUEST['locale']) || is_null($override);
    if (!$result && $chosenByRequest && isset($_REQUEST['oldlocale'])) {
        // Setting the locale failed: go back to the previous one.
        // NOTE(review): a request parameter is persisted as the site 'locale'
        // option here after sanitize(); confirm which callers can reach this path.
        $locale = sanitize($_REQUEST['oldlocale'], 3);
        setOption('locale', $locale, false);
        zp_clearCookie('dynamic_locale');
    }
    if (DEBUG_LOCALE) {
        debugLogBacktrace("setupCurrentLocale({$override}): locale={$locale}, \$result={$result}");
    }
    setupDomain();
    return $result;
}
Exemple #8
 /**
  * Returns the administration rights of a saved authorization code.
  *
  * When no administrators exist at all, a placeholder administrator flagged
  * "reset" is installed as the current admin and ADMIN_RIGHTS is returned.
  * Otherwise the code must match the `pass` column of a valid admin record
  * with the given id.
  *
  * @param string $authCode the hash code to check
  * @param int $id whom we think this is
  *
  * @return int the rights bit mask, 0 for no rights
  */
 function checkAuthorization($authCode, $id)
 {
     global $_zp_current_admin_obj;
     if (DEBUG_LOGIN) {
         // NOTE(review): with DEBUG_LOGIN on, the authorization code itself is
         // written to the debug log; treat that log as credential material.
         debugLogBacktrace("checkAuthorization({$authCode}, {$id})");
     }
     $adminList = $this->getAdministrators();
     if (count($adminList) == 0) {
         if (DEBUG_LOGIN) {
             debugLog("checkAuthorization: no admins");
         }
         // No accounts yet: full rights are granted without any credential check.
         $placeholder = new Zenphoto_Administrator('', 1);
         $placeholder->set('id', 0);
         $placeholder->reset = true;
         $_zp_current_admin_obj = $placeholder;
         return ADMIN_RIGHTS;
     }
     if (is_object($_zp_current_admin_obj) && $_zp_current_admin_obj->reset) {
         if (DEBUG_LOGIN) {
             debugLog("checkAuthorization: reset request");
         }
         return $_zp_current_admin_obj->getRights();
     }
     $_zp_current_admin_obj = NULL;
     //  so we don't "match" with an empty password
     if (empty($authCode) || empty($id)) {
         return 0;
     }
     if (DEBUG_LOGIN) {
         debugLogVar("checkAuthorization: admins", $adminList);
     }
     // the id is forced to an integer before it becomes part of the lookup
     $match = $this->getAnAdmin(array('`pass`=' => $authCode, '`id`=' => (int) $id, '`valid`=' => 1));
     if (!is_object($match)) {
         $_zp_current_admin_obj = NULL;
         if (DEBUG_LOGIN) {
             debugLog("checkAuthorization: no match");
         }
         // no rights
         return 0;
     }
     $_zp_current_admin_obj = $match;
     $granted = $match->getRights();
     if (DEBUG_LOGIN) {
         debugLog(sprintf('checkAuthorization: from %1$s->%2$X', $authCode, $granted));
     }
     return $granted;
 }
 /**
  * Constructor for albums
  *
  * Validates the gallery and the folder name, resolves the album's path under
  * ALBUM_FOLDER_SERVERPATH, loads the persistent record and, for dynamic
  * albums, (re)reads the search definition from the album file.
  * On any validation failure $this->exists is set to false and the
  * constructor returns early.
  *
  * @param object &$gallery The parent gallery
  * @param string $folder8 folder name (UTF8) of the album
  * @param bool $cache load from cache if present
  * @param bool $quiet set true to suppress the "invalid folder name" message
  * @return Album
  */
 function Album(&$gallery, $folder8, $cache = true, $quiet = false)
 {
     // A wrong gallery argument is reported and replaced with a fresh Gallery
     // rather than treated as fatal.
     if (!is_object($gallery) || strtolower(get_class($gallery)) != 'gallery') {
         $msg = sprintf(gettext('Bad gallery in instantiation of album %s.'), $folder8);
         debugLogBacktrace($msg);
         trigger_error(html_encode($msg), E_USER_NOTICE);
         $gallery = new Gallery();
     }
     // The folder name is sanitized before it is used to build a filesystem path.
     $folder8 = sanitize_path($folder8);
     $folderFS = internalToFilesystem($folder8);
     $this->gallery =& $gallery;
     if (empty($folder8)) {
         $localpath = ALBUM_FOLDER_SERVERPATH;
     } else {
         $localpath = ALBUM_FOLDER_SERVERPATH . $folderFS . "/";
     }
     // Round-trip check: converting to the filesystem encoding and back must
     // reproduce the name exactly, otherwise the name is rejected as a spoof.
     if (filesystemToInternal($folderFS) != $folder8) {
         // an attempt to spoof the album name.
         $this->exists = false;
         $msg = sprintf(gettext('Zenphoto encountered an album name spoof attempt: %1$s=>%2$s.'), filesystemToInternal($folderFS), $folder8);
         debugLogBacktrace($msg);
         trigger_error(html_encode($msg), E_USER_NOTICE);
         return;
     }
     // A dynamic album is a file, not a folder: drop the trailing slash.
     if ($dynamic = hasDynamicAlbumSuffix($folder8)) {
         $localpath = substr($localpath, 0, -1);
         $this->set('dynamic', 1);
     }
     // Must be a valid (local) folder:
     if (!file_exists($localpath) || !($dynamic || is_dir($localpath))) {
         $this->exists = false;
         if (!$quiet) {
             $msg = sprintf(gettext('class-album detected an invalid folder name: %s.'), $folder8);
             debugLogBacktrace($msg);
             trigger_error(html_encode($msg), E_USER_NOTICE);
         }
         return;
     }
     $this->localpath = $localpath;
     $this->name = $folder8;
     // $new is later used to decide whether the record must be saved.
     $new = parent::PersistentObject('albums', array('folder' => $this->name), 'folder', $cache, empty($folder8));
     if ($dynamic) {
         // Re-read the album file when no search parameters are stored yet or
         // the file is newer than the stored mtime.
         $new = !$this->get('search_params');
         if ($new || filemtime($this->localpath) > $this->get('mtime')) {
             $constraints = '';
             $data = file_get_contents($this->localpath);
             // Consume the file one line at a time.
             while (!empty($data)) {
                 $data1 = trim(substr($data, 0, $i = strpos($data, "\n")));
                 if ($i === false) {
                     // last line without a trailing newline
                     $data1 = $data;
                     $data = '';
                 } else {
                     $data = substr($data, $i + 1);
                 }
                 // The fixed offsets below assume each keyword starts the line.
                 if (strpos($data1, 'WORDS=') !== false) {
                     $words = "words=" . urlencode(substr($data1, 6));
                 }
                 if (strpos($data1, 'THUMB=') !== false) {
                     $thumb = trim(substr($data1, 6));
                     $this->set('thumb', $thumb);
                 }
                 // NOTE(review): FIELDS and CONSTRAINTS are appended to the search
                 // parameters without encoding, unlike WORDS — confirm the album
                 // file is written only by trusted code.
                 if (strpos($data1, 'FIELDS=') !== false) {
                     $fields = "&searchfields=" . trim(substr($data1, 7));
                 }
                 if (strpos($data1, 'CONSTRAINTS=') !== false) {
                     $constraints = '&' . trim(substr($data1, 12));
                 }
             }
             if (!empty($words)) {
                 // search the tags when the file names no fields
                 if (empty($fields)) {
                     $fields = '&searchfields=tags';
                 }
                 $this->set('search_params', $words . $fields . $constraints);
             }
             $this->set('mtime', filemtime($this->localpath));
             if ($new) {
                 $title = $this->get('title');
                 $this->set('title', substr($title, 0, -4));
                 // Strip the '.alb' suffix
                 $this->setDateTime(strftime('%Y-%m-%d %H:%M:%S', $this->get('mtime')));
             }
             $this->set('dynamic', 1);
         }
     }
     if ($new) {
         $this->save();
         zp_apply_filter('new_album', $this);
     }
     zp_apply_filter('album_instantiate', $this);
 }
Exemple #10
 /**
  * Returns the administration rights of a saved authorization code.
  *
  * When no administrators exist, $_zp_null_account is set and ADMIN_RIGHTS is
  * returned. When a reset admin object is pending, its rights are returned.
  * Otherwise the code must match the `pass` column of a valid admin record;
  * the id is part of the lookup only when it is not null.
  *
  * @param string $authCode the hash code to check
  * @param int|null $id whom we think this is
  *
  * @return int the rights bit mask, 0 for no rights
  */
 function checkAuthorization($authCode, $id)
 {
     global $_zp_current_admin_obj, $_zp_reset_admin, $_zp_null_account;
     $_zp_current_admin_obj = NULL;
     if (DEBUG_LOGIN) {
         // NOTE(review): with DEBUG_LOGIN on, the authorization code itself is
         // written to the debug log; treat that log as credential material.
         debugLogBacktrace("checkAuthorization({$authCode}, {$id})");
     }
     $adminList = $this->getAdministrators();
     if (DEBUG_LOGIN) {
         debugLogArray("checkAuthorization: admins", $adminList);
     }
     if (count($adminList) == 0) {
         if (DEBUG_LOGIN) {
             debugLog("checkAuthorization: no admins");
         }
         // no admins: full rights are granted without any credential check
         $_zp_null_account = true;
         return ADMIN_RIGHTS;
     }
     if ($_zp_reset_admin) {
         if (DEBUG_LOGIN) {
             debugLog("checkAuthorization: reset request");
         }
         // a non-object reset flag falls through to the normal check
         if (is_object($_zp_reset_admin)) {
             return $_zp_reset_admin->getRights();
         }
     }
     //  so we don't "match" with an empty password
     if (empty($authCode)) {
         return 0;
     }
     $lookup = array('`pass`=' => $authCode, '`valid`=' => 1);
     if (!is_null($id)) {
         $lookup['`id`='] = $id;
     }
     $match = $this->getAnAdmin($lookup);
     if (!is_object($match)) {
         $_zp_current_admin_obj = NULL;
         if (DEBUG_LOGIN) {
             debugLog("checkAuthorization: no match");
         }
         // no rights
         return 0;
     }
     $_zp_current_admin_obj = $match;
     $granted = $match->getRights();
     if (DEBUG_LOGIN) {
         debugLog(sprintf('checkAuthorization: from $authcode %X', $granted));
     }
     return $granted;
 }
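/**
 * Returns the administration rights of a saved authorization code.
 *
 * When there are no administrators, or the 'admin_reset_date' option is empty,
 * ADMIN_RIGHTS is returned without any credential check. Otherwise the code is
 * compared with each administrator's stored 'pass' value; the first
 * administrator in the list additionally receives ADMIN_RIGHTS.
 *
 * @param string $authCode the md5 code to check
 *
 * @return int the rights bit mask, 0 for no rights
 */
function checkAuthorization($authCode)
{
    if (DEBUG_LOGIN) {
        // NOTE(review): with DEBUG_LOGIN on, the authorization code itself is
        // written to the debug log; treat that log as credential material.
        debugLogBacktrace("checkAuthorization({$authCode})");
    }
    global $_zp_current_admin;
    $admins = getAdministrators();
    if (DEBUG_LOGIN) {
        debugLogArray("admins", $admins);
    }
    $reset_date = getOption('admin_reset_date');
    if (count($admins) == 0 || empty($reset_date)) {
        $_zp_current_admin = null;
        if (DEBUG_LOGIN) {
            debugLog("no admin or reset request");
        }
        return ADMIN_RIGHTS;
        //no admins or reset request
    }
    //  so we don't "match" with an empty password
    if (empty($authCode) || !is_string($authCode)) {
        return 0;
    }
    $i = 0;
    foreach ($admins as $key => $user) {
        if (DEBUG_LOGIN) {
            debugLog("checking: {$key}");
        }
        // Compare the codes as exact strings. The loose == treats two different
        // hex digests that both look like numbers (e.g. "0e…") as equal, and it
        // is not constant-time. hash_equals() is used where the PHP version has it.
        $stored = (string) $user['pass'];
        if (function_exists('hash_equals')) {
            $matched = hash_equals($stored, $authCode);
        } else {
            $matched = $stored === $authCode;
        }
        if ($matched) {
            $_zp_current_admin = $user;
            $result = $user['rights'];
            if ($i == 0) {
                // the first admin is the master.
                $result = $result | ADMIN_RIGHTS;
            }
            if (DEBUG_LOGIN) {
                debugLog("match");
            }
            return $result;
        }
        $i++;
    }
    $_zp_current_admin = null;
    return 0;
    // no rights
}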
Exemple #12
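 /**
  * Checks a saved authorization code for an LDAP-backed user and returns the
  * user's rights; ids at or below LDAP_ID_OFFSET, and LDAP users that do not
  * authenticate, are handed to the parent implementation.
  *
  * The expected code is recomputed from the directory entry
  * (passwordHash of the uid and the serialized entry) and compared with the
  * presented one.
  *
  * @param string $authCode the hash code to check
  * @param int $id whom we think this is
  *
  * @return int the rights bit mask
  */
 function checkAuthorization($authCode, $id)
 {
     global $_zp_current_admin_obj;
     if (LDAP_ID_OFFSET && $id > LDAP_ID_OFFSET) {
         //	LDAP ID
         // the subtraction yields a number, which is what ends up in the filter below
         $ldid = $id - LDAP_ID_OFFSET;
         $ad = self::ldapInit(LDAP_DOMAIN);
         if ($ad) {
             self::ldapReader($ad);
             $userData = self::ldapUser($ad, "(uidNumber={$ldid})");
             if ($userData) {
                 $userData = array_change_key_case($userData, CASE_LOWER);
                 if (DEBUG_LOGIN) {
                     // NOTE(review): with DEBUG_LOGIN on, the presented code is
                     // written to the debug log; treat that log as credential material.
                     debugLogBacktrace("LDAPcheckAuthorization({$authCode}, {$ldid})");
                 }
                 $goodAuth = Zenphoto_Authority::passwordHash($userData['uid'][0], serialize($userData));
                 // Compare the codes as exact strings. The loose == treats two
                 // different hex digests that both look like numbers (e.g. "0e…")
                 // as equal, and it is not constant-time.
                 $matched = false;
                 if (is_string($authCode) && is_string($goodAuth)) {
                     if (function_exists('hash_equals')) {
                         $matched = hash_equals($goodAuth, $authCode);
                     } else {
                         $matched = $goodAuth === $authCode;
                     }
                 }
                 if ($matched) {
                     $userobj = self::setupUser($ad, $userData);
                     if ($userobj) {
                         $_zp_current_admin_obj = $userobj;
                         $rights = $_zp_current_admin_obj->getRights();
                     } else {
                         $rights = 0;
                     }
                     if (DEBUG_LOGIN) {
                         debugLog(sprintf('LDAPcheckAuthorization: from %1$s->%2$X', $authCode, $rights));
                     }
                 } else {
                     if (DEBUG_LOGIN) {
                         // NOTE(review): this line logs the expected (valid) code next
                         // to the rejected one; anyone who can read the debug log
                         // obtains a working credential. Consider logging neither.
                         debugLog(sprintf('LDAPcheckAuthorization: AuthCode %1$s <> %2$s', $goodAuth, $authCode));
                     }
                 }
             }
             @ldap_unbind($ad);
         }
     }
     // NOTE(review): the global is not cleared at the top, so an admin object set
     // before this call is accepted here without a credential check — confirm
     // callers rely on that.
     if ($_zp_current_admin_obj) {
         return $_zp_current_admin_obj->getRights();
     } else {
         return parent::checkAuthorization($authCode, $id);
     }
 }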
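/**
 * Setup code for gettext translation.
 *
 * With no arguments the site locale is applied and the 'zenphoto' text domain
 * is bound; with a domain and type the text domain of a plugin, theme or admin
 * plugin is bound instead.
 *
 * @param string $plugindomain name of the plugin or theme whose translations to bind
 * @param string $type "plugin", "theme" or "admin"
 * @return mixed the result of the setlocale call, or true for the plugin/theme form
 */
function setupCurrentLocale($plugindomain = '', $type = '')
{
    global $_zp_languages;
    $encoding = getOption('charset');
    if (empty($encoding)) {
        $encoding = 'UTF-8';
    }
    if (empty($plugindomain) && empty($type)) {
        $locale = getOption("locale");
        @putenv("LANG={$locale}");
        // gettext setup
        $result = setlocale(LC_ALL, $locale . '.' . $encoding, $locale);
        if (!$result) {
            // failed to set the locale
            // Fall back only when the previous locale was actually submitted;
            // without this check a request carrying 'dynamic-locale' alone would
            // store an empty value as the site locale.
            if (isset($_POST['dynamic-locale']) && isset($_POST['oldlocale'])) {
                // and it was chosen via dynamic-locale
                $cookiepath = WEBPATH;
                if (WEBPATH == '') {
                    $cookiepath = '/';
                }
                // NOTE(review): a request parameter is persisted as the site
                // 'locale' option here after sanitize(); confirm which callers
                // can reach this path.
                $locale = sanitize($_POST['oldlocale'], 3);
                setOption('locale', $locale, false);
                // expire the cookie by dating it in the past
                zp_setCookie('dynamic_locale', '', time() - 368000, $cookiepath);
            }
        }
        // Set the text domain as 'messages'
        $domain = 'zenphoto';
        $domainpath = SERVERPATH . "/" . ZENFOLDER . "/locale/";
        if (DEBUG_LOCALE) {
            debugLogBacktrace("setupCurrentLocale({$plugindomain}, {$type}): locale={$locale}");
        }
    } else {
        $domain = $plugindomain;
        // NOTE(review): $plugindomain becomes part of a filesystem path below;
        // presumably it is always a plugin/theme name chosen by code — verify
        // that no caller passes request data. An unrecognized $type leaves
        // $domainpath unset.
        switch ($type) {
            case "plugin":
                $domainpath = SERVERPATH . "/" . ZENFOLDER . PLUGIN_FOLDER . $domain . "/locale/";
                break;
            case "theme":
                $domainpath = SERVERPATH . "/" . THEMEFOLDER . "/" . $domain . "/locale/";
                break;
            case 'admin':
                $domainpath = SERVERPATH . "/" . ZENFOLDER . PLUGIN_FOLDER . $domain . "/locale/";
                $domain = 'zenphoto';
                break;
        }
        $result = true;
        if (DEBUG_LOCALE) {
            debugLogBacktrace("setupCurrentLocale({$plugindomain}, {$type}): domainpath={$domainpath}");
        }
    }
    bindtextdomain($domain, $domainpath);
    // function only since php 4.2.0
    if (function_exists('bind_textdomain_codeset')) {
        bind_textdomain_codeset($domain, $encoding);
    }
    textdomain($domain);
    return $result;
}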