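/**
 * Traps errors and ensures they are logged.
 *
 * Handles the two call shapes visible in the body: the separate error fields
 * (as produced by trigger_error() and PHP's own errors) and a single
 * exception object passed as the first argument.
 *
 * @param int|object $errno   error level, or the caught exception object
 * @param string     $errstr  error message
 * @param string     $errfile file in which the error was raised
 * @param string     $errline line on which the error was raised
 * @return void|boolean nothing when the error was suppressed, otherwise false
 */
function zpErrorHandler($errno, $errstr = '', $errfile = '', $errline = '') {
    // Decide by argument type, not by argument count: PHP 8 no longer passes
    // the fifth ($errcontext) argument, so a count test of "== 5" would send
    // ordinary errors down the exception path and call getCode() on an int.
    if (is_object($errno)) {
        // caught exception
        $exc = $errno;
        $errno = $exc->getCode();
        $errstr = $exc->getMessage();
        $errfile = $exc->getFile();
        $errline = $exc->getLine();
    }
    // if error has been suppressed with an @ (user-level errors are always logged)
    if (error_reporting() == 0 && !in_array($errno, array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE))) {
        return;
    }
    $errorType = array(
        E_ERROR => gettext('ERROR'),
        E_WARNING => gettext('WARNING'),
        E_NOTICE => gettext('NOTICE'),
        E_USER_ERROR => gettext('USER ERROR'),
        E_USER_WARNING => gettext('USER WARNING'),
        E_USER_NOTICE => gettext('USER NOTICE'),
        E_STRICT => gettext('STRICT NOTICE'),
    );
    // create error message; unknown codes (e.g. exception codes) are reported as exceptions
    if (array_key_exists($errno, $errorType)) {
        $err = $errorType[$errno];
    } else {
        $err = gettext("EXCEPTION ({$errno})");
        $errno = E_ERROR;
    }
    $msg = sprintf(gettext('%1$s: %2$s in %3$s on line %4$s'), $err, $errstr, $errfile, $errline);
    debugLogBacktrace($msg, 1);
    return false;
}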
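/**
 * Backs up and updates the Zenphoto configuration file.
 *
 * The current file is renamed to "<name>.bak.php", the new content is written
 * under the original name, and both files are given the permission bits the
 * original file had.
 *
 * @param string $zp_cfg the complete new content of the configuration file
 */
function storeConfig($zp_cfg) {
    debugLogBacktrace(gettext('Updating the configuration file'));
    $config = SERVERPATH . '/' . DATA_FOLDER . '/' . CONFIGFILE;
    $backup = SERVERPATH . '/' . DATA_FOLDER . '/' . stripSuffix(CONFIGFILE) . '.bak.php';

    // Remember the mode before the file is moved. fileperms() returns false
    // when it cannot stat the file; masking that would yield mode 0, so the
    // chmod() calls below are skipped in that case.
    $perms = fileperms($config);
    $mod = ($perms === false) ? false : ($perms & 0777);

    // NOTE(review): between rename() and file_put_contents() there is no
    // configuration file under the live name; the write is not atomic.
    @rename($config, $backup);
    if ($mod !== false) {
        // the original assigned the path to a misspelled variable, so this
        // chmod() received an undefined value and never touched the backup
        @chmod($backup, $mod);
    }
    file_put_contents($config, $zp_cfg);
    if ($mod !== false) {
        // the original passed three arguments here, so the freshly written
        // file kept whatever mode the process umask produced
        @chmod($config, $mod);
    }
}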
/**
 * Builds the object that represents one file of an album, choosing the class
 * from the filename.
 *
 * @param object       $album    the owner album
 * @param string|array $filename the filename, or an array with the keys
 *                               'folder' and 'filename' (the album is then
 *                               built from 'folder' and $album is ignored)
 * @param bool         $quiet    set true to suppress the "bad suffix" error
 *                               (used by loadimage)
 * @return object|null the image object, or NULL when the album is unusable,
 *                     the suffix is not recognised, or the object reports
 *                     that it does not exist
 */
function newImage($album, $filename, $quiet = false) {
    global $_zp_extra_filetypes;

    $xalbum = $album;
    if (is_array($filename)) {
        $xalbum = new Album(new Gallery(), $filename['folder']);
        $filename = $filename['filename'];
    }

    $albumUsable = is_object($xalbum) && strtoLower(get_class($xalbum)) == 'album' && $xalbum->exists;
    if (!$albumUsable) {
        $msg = sprintf(gettext('Bad album object parameter to newImage(%s)'), $filename);
        debugLogBacktrace($msg);
        trigger_error(html_encode($msg), E_USER_NOTICE);
        return NULL;
    }

    $image = NULL;
    $ext = is_valid_other_type($filename);
    if ($ext) {
        // The class name comes from the $_zp_extra_filetypes registry, keyed
        // by whatever is_valid_other_type() returned for this filename.
        // NOTE(review): presumably only plugins populate that registry - confirm.
        $handlerClass = $_zp_extra_filetypes[$ext];
        $image = new $handlerClass($xalbum, $filename);
    } elseif (is_valid_image($filename)) {
        $image = new _Image($xalbum, $filename);
    }

    if ($image) {
        zp_apply_filter('image_instantiate', $image);
        return $image->exists ? $image : NULL;
    }

    if (!$quiet) {
        $msg = sprintf(gettext('Bad filename suffix in newImage(%s)'), $filename);
        debugLogBacktrace($msg);
        trigger_error(html_encode($msg), E_USER_NOTICE);
    }
    return NULL;
}
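/**
 * Traps errors and ensures they are logged.
 *
 * The log entry carries the error text plus the request URI, the client IP,
 * the logged-in administrator (if any) and the active theme (if any). For
 * fatal errors the message is also echoed into the page when PHP itself is
 * not displaying errors.
 *
 * @param int|object $errno   error level, or the caught exception object
 * @param string     $errstr  error message
 * @param string     $errfile file in which the error was raised
 * @param string     $errline line on which the error was raised
 * @return void|boolean nothing when the error was suppressed, otherwise false
 */
function zpErrorHandler($errno, $errstr = '', $errfile = '', $errline = '') {
    global $_zp_current_admin_obj, $_index_theme;
    // Decide by argument type, not by argument count: PHP 8 no longer passes
    // the fifth ($errcontext) argument, so a count test of "== 5" would send
    // ordinary errors down the exception path and call getCode() on an int.
    if (is_object($errno)) {
        // caught exception
        $exc = $errno;
        $errno = $exc->getCode();
        $errstr = $exc->getMessage();
        $errfile = $exc->getFile();
        $errline = $exc->getLine();
    }
    // if error has been suppressed with an @ (user-level errors are always logged)
    if (error_reporting() == 0 && !in_array($errno, array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE))) {
        return;
    }
    $errorType = array(
        E_ERROR => gettext('ERROR'),
        E_WARNING => gettext('WARNING'),
        E_NOTICE => gettext('NOTICE'),
        E_USER_ERROR => gettext('USER ERROR'),
        E_USER_WARNING => gettext('USER WARNING'),
        E_USER_NOTICE => gettext('USER NOTICE'),
        E_STRICT => gettext('STRICT NOTICE'),
    );
    // create error message; unknown codes (e.g. exception codes) are reported as exceptions
    if (array_key_exists($errno, $errorType)) {
        $err = $errorType[$errno];
    } else {
        $err = gettext("EXCEPTION ({$errno})");
        $errno = E_ERROR;
    }
    $msg = sprintf(gettext('%1$s: "%2$s" in %3$s on line %4$s'), $err, $errstr, $errfile, $errline);

    // work out which request triggered the error
    if (array_key_exists('REQUEST_URI', $_SERVER)) {
        $uri = sanitize($_SERVER['REQUEST_URI']);
        // drop a leading scheme://host part, keep the path and query
        preg_match('|^(http[s]*\\://[a-zA-Z0-9\\-\\.]+/?)*(.*)$|xis', $uri, $matches);
        $uri = $matches[2];
        if (!empty($matches[1])) {
            $uri = '/' . $uri;
        }
    } else {
        $uri = sanitize(@$_SERVER['SCRIPT_NAME']);
    }
    if ($uri) {
        // The value is percent-decoded after sanitize() has run, so an encoded
        // CR/LF in the request would become a real line break in the log.
        // Control characters are replaced so one request stays one log entry.
        $decoded = urldecode(str_replace('\\', '/', $uri));
        $uri = "\n URI:" . preg_replace('/[\x00-\x1F\x7F]+/', ' ', $decoded);
    }
    $uri .= "\n IP `" . getUserIP() . '`';
    if (is_object($_zp_current_admin_obj)) {
        $uri .= "\n " . gettext('user') . ':' . $_zp_current_admin_obj->getUser();
    }
    if ($_index_theme) {
        $uri .= "\n " . gettext('theme') . ':' . $_index_theme;
    }
    debugLogBacktrace($msg . $uri, 1);

    // The original second test was an assignment ($errno = E_USER_ERROR),
    // which is always true: every logged warning and notice was printed into
    // the page, file path and line number included, whenever display_errors
    // was off. Only the two fatal levels are meant to be shown.
    if (!ini_get('display_errors') && ($errno == E_ERROR || $errno == E_USER_ERROR)) {
        // out of courtesy show the error message on the WEB page since there will likely be a blank page otherwise
        ?>
        <div style="padding: 10px 15px 10px 15px; background-color: #FDD; border-width: 1px 1px 2px 1px; border-style: solid; border-color: #FAA; margin-bottom: 10px; font-size: 100%;">
            <?php echo html_encode($msg); ?>
        </div>
        <?php
    }
    return false;
}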
/**
 * Logs a timing mark for a point in the script.
 *
 * The entry holds the identifier, the current microtime and, once a previous
 * mark exists in $_zp_timer, the seconds elapsed since that mark.
 *
 * @param string $point location identifier
 */
function instrument($point) {
    global $_zp_timer;
    $now = microtime(true);
    $delta = empty($_zp_timer) ? '' : ' (' . ($now - $_zp_timer) . ')';
    // the reference point for the next call is taken afresh, not copied from $now
    $_zp_timer = microtime(true);
    debugLogBacktrace($point . ' ' . $now . $delta);
}
/**
 * Reverses a string in two-character groups, so 'abcd' becomes 'cdab'.
 *
 * Results are memoised per input for the lifetime of the request. Inputs
 * longer than 1000 characters are not converted: the problem is logged, a
 * notice is raised and an empty string is returned (and cached).
 *
 * @param string $intel the string to reorder
 * @return string the reordered string
 */
function intel2Moto($intel) {
    static $cache = array();
    if (isset($cache[$intel])) {
        return $cache[$intel];
    }
    // reserve the slot first so it holds '' even if the handlers below bail out
    $cache[$intel] = '';
    $len = strlen($intel);
    if ($len > 1000) {
        debugLogBacktrace('intel2Moto called with unreasonable data string: length=' . $len);
        trigger_error(sprintf('intel2Moto called with unreasonable data string: length=%s. See debug log for details. (Setting DEBUG_EXIF to true might help locate problem images.)', $len));
        return $cache[$intel];
    }
    $swapped = '';
    // walk from the end towards the start, two characters at a time; the
    // first step reads past the end and contributes nothing
    for ($offset = $len; $offset >= 0; $offset -= 2) {
        $swapped .= substr($intel, $offset, 2);
    }
    $cache[$intel] = $swapped;
    return $cache[$intel];
}
/**
 * Selects the locale for gettext translation and binds the text domain.
 *
 * @param string $override force the locale to this value instead of the
 *                         stored 'locale' option
 * @return mixed the result of the i18nSetLocale() call
 */
function setupCurrentLocale($override = NULL) {
    $locale = is_null($override) ? getOption('locale') : $override;

    if (getOption('disallow_' . $locale)) {
        if (DEBUG_LOCALE) {
            debugLogBacktrace("setupCurrentLocale({$override}): {$locale} denied by option.");
        }
        // fall back to the stored locale, then to the first generated language
        $locale = getOption('locale');
        if (empty($locale) || getOption('disallow_' . $locale)) {
            $languages = generateLanguageList();
            $locale = array_shift($languages);
        }
    }

    // gettext setup: the chosen locale is exported to the process environment
    @putenv("LANG={$locale}"); // Windows ???
    @putenv("LANGUAGE={$locale}"); // Windows ???
    $result = i18nSetLocale($locale);

    // The locale could not be set. When it came from the request or from the
    // stored option, revert to the request's 'oldlocale' value, which goes
    // through sanitize() before it is stored.
    $chosenViaLocale = isset($_REQUEST['locale']) || is_null($override);
    if (!$result && $chosenViaLocale && isset($_REQUEST['oldlocale'])) {
        $locale = sanitize($_REQUEST['oldlocale'], 3);
        setOption('locale', $locale, false);
        zp_clearCookie('dynamic_locale');
    }

    if (DEBUG_LOCALE) {
        debugLogBacktrace("setupCurrentLocale({$override}): locale={$locale}, \$result={$result}");
    }
    setupDomain();
    return $result;
}
/**
 * Returns the administration rights that belong to a saved authorization code.
 *
 * Side effect: $_zp_current_admin_obj is set to the matched administrator, to
 * a placeholder administrator when no administrators exist, or to NULL.
 *
 * @param string $authCode the hash code to check
 * @param int    $id       whom we think this is
 *
 * @return mixed ADMIN_RIGHTS when there are no administrators, the rights of
 *               the pending reset object or of the matched administrator,
 *               or 0 when nothing matches
 */
function checkAuthorization($authCode, $id) {
    global $_zp_current_admin_obj;
    // NOTE(review): with DEBUG_LOGIN on, the authorization code and the
    // administrator list are written to the debug log - treat that log as
    // holding credentials.
    if (DEBUG_LOGIN) {
        debugLogBacktrace("checkAuthorization({$authCode}, {$id})");
    }

    $adminList = $this->getAdministrators();
    if (count($adminList) == 0) {
        // no administrator is defined: every caller gets full rights through
        // a placeholder account flagged as a reset
        if (DEBUG_LOGIN) {
            debugLog("checkAuthorization: no admins");
        }
        $_zp_current_admin_obj = new Zenphoto_Administrator('', 1);
        $_zp_current_admin_obj->set('id', 0);
        $_zp_current_admin_obj->reset = true;
        return ADMIN_RIGHTS;
    }

    if (is_object($_zp_current_admin_obj) && $_zp_current_admin_obj->reset) {
        if (DEBUG_LOGIN) {
            debugLog("checkAuthorization: reset request");
        }
        return $_zp_current_admin_obj->getRights();
    }

    $_zp_current_admin_obj = NULL;
    if (empty($authCode) || empty($id)) {
        return 0; // so we don't "match" with an empty password
    }
    if (DEBUG_LOGIN) {
        debugLogVar("checkAuthorization: admins", $adminList);
    }

    // the code, the integer id and the valid flag must all match one record
    $lookup = array('`pass`=' => $authCode, '`id`=' => (int) $id, '`valid`=' => 1);
    $match = $this->getAnAdmin($lookup);
    if (!is_object($match)) {
        $_zp_current_admin_obj = NULL;
        if (DEBUG_LOGIN) {
            debugLog("checkAuthorization: no match");
        }
        return 0; // no rights
    }

    $_zp_current_admin_obj = $match;
    $rights = $match->getRights();
    if (DEBUG_LOGIN) {
        debugLog(sprintf('checkAuthorization: from %1$s->%2$X', $authCode, $rights));
    }
    return $rights;
}
/**
 * Constructor for albums.
 *
 * Validates the folder name, resolves it to a path below
 * ALBUM_FOLDER_SERVERPATH, loads (or creates) the persistent record and, for
 * dynamic albums, refreshes the stored search parameters from the album file.
 * On any validation failure $this->exists is set to false and the
 * constructor returns early.
 *
 * @param object &$gallery The parent gallery; replaced by a new Gallery when
 *                         the argument is not a gallery object
 * @param string $folder8 folder name (UTF8) of the album
 * @param bool $cache load from cache if present
 * @param bool $quiet set true to suppress the "invalid folder name" error
 */
function Album(&$gallery, $folder8, $cache = true, $quiet = false) {
    if (!is_object($gallery) || strtolower(get_class($gallery)) != 'gallery') {
        $msg = sprintf(gettext('Bad gallery in instantiation of album %s.'), $folder8);
        debugLogBacktrace($msg);
        trigger_error(html_encode($msg), E_USER_NOTICE);
        $gallery = new Gallery();
    }
    // the name is cleaned before it is turned into a filesystem path
    $folder8 = sanitize_path($folder8);
    $folderFS = internalToFilesystem($folder8);
    $this->gallery =& $gallery;
    if (empty($folder8)) {
        $localpath = ALBUM_FOLDER_SERVERPATH;
    } else {
        $localpath = ALBUM_FOLDER_SERVERPATH . $folderFS . "/";
    }
    // Round-trip check: converting to the filesystem encoding and back must
    // give the same name, otherwise two different names could address the
    // same folder.
    if (filesystemToInternal($folderFS) != $folder8) { // an attempt to spoof the album name.
        $this->exists = false;
        $msg = sprintf(gettext('Zenphoto encountered an album name spoof attempt: %1$s=>%2$s.'), filesystemToInternal($folderFS), $folder8);
        debugLogBacktrace($msg);
        trigger_error(html_encode($msg), E_USER_NOTICE);
        return;
    }
    if ($dynamic = hasDynamicAlbumSuffix($folder8)) {
        // a dynamic album is a file, so the trailing "/" is removed again
        $localpath = substr($localpath, 0, -1);
        $this->set('dynamic', 1);
    }
    // Must be a valid (local) folder:
    if (!file_exists($localpath) || !($dynamic || is_dir($localpath))) {
        $this->exists = false;
        if (!$quiet) {
            $msg = sprintf(gettext('class-album detected an invalid folder name: %s.'), $folder8);
            debugLogBacktrace($msg);
            trigger_error(html_encode($msg), E_USER_NOTICE);
        }
        return;
    }
    $this->localpath = $localpath;
    $this->name = $folder8;
    $new = parent::PersistentObject('albums', array('folder' => $this->name), 'folder', $cache, empty($folder8));
    if ($dynamic) {
        // for dynamic albums "new" means that no search parameters are stored yet
        $new = !$this->get('search_params');
        // re-read the album file when it is new or changed since the stored mtime
        if ($new || filemtime($this->localpath) > $this->get('mtime')) {
            $constraints = '';
            $data = file_get_contents($this->localpath);
            // consume the file one line at a time
            while (!empty($data)) {
                // $i is assigned inside the call; when no newline is left it
                // is false and the last line is taken whole (untrimmed)
                $data1 = trim(substr($data, 0, $i = strpos($data, "\n")));
                if ($i === false) {
                    $data1 = $data;
                    $data = '';
                } else {
                    $data = substr($data, $i + 1);
                }
                // Each key is looked for anywhere in the line, but its value
                // is cut at the fixed offset of a key at the line start.
                if (strpos($data1, 'WORDS=') !== false) {
                    $words = "words=" . urlencode(substr($data1, 6));
                }
                if (strpos($data1, 'THUMB=') !== false) {
                    $thumb = trim(substr($data1, 6));
                    $this->set('thumb', $thumb);
                }
                // NOTE(review): unlike WORDS, the FIELDS and CONSTRAINTS
                // values are appended to the parameter string without
                // urlencode(); whoever can write the album file controls them.
                if (strpos($data1, 'FIELDS=') !== false) {
                    $fields = "&searchfields=" . trim(substr($data1, 7));
                }
                if (strpos($data1, 'CONSTRAINTS=') !== false) {
                    $constraints = '&' . trim(substr($data1, 12));
                }
            }
            // search parameters are stored only when the file supplied words
            if (!empty($words)) {
                if (empty($fields)) {
                    $fields = '&searchfields=tags';
                }
                $this->set('search_params', $words . $fields . $constraints);
            }
            $this->set('mtime', filemtime($this->localpath));
            if ($new) {
                $title = $this->get('title');
                $this->set('title', substr($title, 0, -4)); // Strip the .'.alb' suffix
                $this->setDateTime(strftime('%Y-%m-%d %H:%M:%S', $this->get('mtime')));
            }
            $this->set('dynamic', 1);
        }
    }
    if ($new) {
        $this->save();
        zp_apply_filter('new_album', $this);
    }
    zp_apply_filter('album_instantiate', $this);
}
/**
 * Returns the administration rights that belong to a saved authorization code.
 *
 * Side effects: $_zp_current_admin_obj is cleared on entry and set to the
 * matched administrator on success; $_zp_null_account is set to true when no
 * administrators exist.
 *
 * @param string   $authCode the hash code to check
 * @param int|null $id       whom we think this is; NULL matches on the code alone
 *
 * @return mixed ADMIN_RIGHTS when there are no administrators, the rights of
 *               the reset object or of the matched administrator, or 0 when
 *               nothing matches
 */
function checkAuthorization($authCode, $id) {
    global $_zp_current_admin_obj, $_zp_reset_admin, $_zp_null_account;
    $_zp_current_admin_obj = NULL;
    // NOTE(review): with DEBUG_LOGIN on, the authorization code and the
    // administrator list are written to the debug log - treat that log as
    // holding credentials.
    if (DEBUG_LOGIN) {
        debugLogBacktrace("checkAuthorization({$authCode}, {$id})");
    }

    $adminList = $this->getAdministrators();
    if (DEBUG_LOGIN) {
        debugLogArray("checkAuthorization: admins", $adminList);
    }
    if (count($adminList) == 0) {
        // no administrator is defined: every caller gets full rights
        if (DEBUG_LOGIN) {
            debugLog("checkAuthorization: no admins");
        }
        $_zp_null_account = true;
        return ADMIN_RIGHTS; //no admins or reset request
    }

    if ($_zp_reset_admin) {
        if (DEBUG_LOGIN) {
            debugLog("checkAuthorization: reset request");
        }
        // a truthy non-object value is logged but otherwise ignored
        if (is_object($_zp_reset_admin)) {
            return $_zp_reset_admin->getRights();
        }
    }

    if (empty($authCode)) {
        return 0; // so we don't "match" with an empty password
    }

    $lookup = array('`pass`=' => $authCode, '`valid`=' => 1);
    if (!is_null($id)) {
        // NOTE(review): $id is passed on as received, without an integer
        // cast - confirm that getAnAdmin() quotes its criteria values.
        $lookup['`id`='] = $id;
    }
    $match = $this->getAnAdmin($lookup);
    if (!is_object($match)) {
        $_zp_current_admin_obj = NULL;
        if (DEBUG_LOGIN) {
            debugLog("checkAuthorization: no match");
        }
        return 0; // no rights
    }

    $_zp_current_admin_obj = $match;
    $rights = $match->getRights();
    if (DEBUG_LOGIN) {
        // single-quoted: the text "$authcode" is logged literally, not the code
        debugLog(sprintf('checkAuthorization: from $authcode %X', $rights));
    }
    return $rights;
}
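/**
 * Returns the administration rights that belong to a saved authorization code.
 *
 * Side effect: $_zp_current_admin is set to the matched administrator record,
 * or to null when nothing matches or no check is performed.
 *
 * @param string $authCode the md5 code to check
 *
 * @return mixed ADMIN_RIGHTS when there are no administrators or the
 *               'admin_reset_date' option is empty, the rights of the matched
 *               administrator, or 0 when nothing matches
 */
function checkAuthorization($authCode) {
    // NOTE(review): with DEBUG_LOGIN on, the authorization code and the
    // administrator records are written to the debug log - treat that log as
    // holding credentials.
    if (DEBUG_LOGIN) {
        debugLogBacktrace("checkAuthorization({$authCode})");
    }
    global $_zp_current_admin;
    $admins = getAdministrators();
    if (DEBUG_LOGIN) {
        debugLogArray("admins", $admins);
    }
    $reset_date = getOption('admin_reset_date');
    // NOTE(review): an empty 'admin_reset_date' option grants ADMIN_RIGHTS to
    // every caller; confirm that only a trusted process can clear it.
    if (count($admins) == 0 || empty($reset_date)) {
        $_zp_current_admin = null;
        if (DEBUG_LOGIN) {
            debugLog("no admin or reset request");
        }
        return ADMIN_RIGHTS; //no admins or reset request
    }
    if (empty($authCode)) {
        return 0; // so we don't "match" with an empty password
    }
    // Only a scalar can be a valid code; anything else (e.g. an array built
    // from request data) matches nothing.
    $supplied = is_scalar($authCode) ? (string) $authCode : '';
    if ($supplied === '') {
        $_zp_current_admin = null;
        return 0;
    }
    $i = 0;
    foreach ($admins as $key => $user) {
        if (DEBUG_LOGIN) {
            debugLog("checking: {$key}");
        }
        // The original used ==, under which PHP compares two numeric-looking
        // strings as numbers, so distinct hashes of the form "0e<digits>"
        // count as equal. Compare as strings, in constant time where the
        // runtime provides hash_equals().
        $stored = isset($user['pass']) ? (string) $user['pass'] : '';
        if ($stored === '') {
            $same = false;
        } elseif (function_exists('hash_equals')) {
            $same = hash_equals($stored, $supplied);
        } else {
            $same = ($stored === $supplied);
        }
        if ($same) {
            $_zp_current_admin = $user;
            $result = $user['rights'];
            if ($i == 0) { // the first admin is the master.
                $result = $result | ADMIN_RIGHTS;
            }
            if (DEBUG_LOGIN) {
                debugLog("match");
            }
            return $result;
        }
        $i++;
    }
    $_zp_current_admin = null;
    return 0; // no rights
}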
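/**
 * Checks an authorization code for an LDAP-backed user and falls back to the
 * parent implementation for every other id.
 *
 * Ids above LDAP_ID_OFFSET are treated as LDAP uidNumbers shifted by that
 * offset. The directory entry is fetched, the expected code is recomputed
 * from it and compared with the supplied one; on a match the user object
 * built by setupUser() becomes $_zp_current_admin_obj.
 *
 * @param string $authCode the hash code to check
 * @param int    $id       whom we think this is
 * @return mixed the rights of the LDAP user when one was set up, otherwise
 *               whatever parent::checkAuthorization() returns
 */
function checkAuthorization($authCode, $id) {
    global $_zp_current_admin_obj;
    // is_numeric() keeps malformed ids away from the arithmetic below, which
    // raises a TypeError on non-numeric strings in PHP 8
    if (LDAP_ID_OFFSET && is_numeric($id) && $id > LDAP_ID_OFFSET) { // LDAP ID
        // forced to an integer because it is placed into the search filter
        $ldid = (int) ($id - LDAP_ID_OFFSET);
        $ad = self::ldapInit(LDAP_DOMAIN);
        if ($ad) {
            self::ldapReader($ad);
            $userData = self::ldapUser($ad, "(uidNumber={$ldid})");
            if ($userData) {
                $userData = array_change_key_case($userData, CASE_LOWER);
                if (DEBUG_LOGIN) {
                    debugLogBacktrace("LDAPcheckAuthorization({$authCode}, {$ldid})");
                }
                $goodAuth = Zenphoto_Authority::passwordHash($userData['uid'][0], serialize($userData));
                // The original used ==, under which PHP compares two
                // numeric-looking strings as numbers, so distinct hashes of
                // the form "0e<digits>" count as equal. Compare as strings,
                // in constant time where the runtime provides hash_equals().
                $expected = (string) $goodAuth;
                $supplied = is_scalar($authCode) ? (string) $authCode : '';
                if ($supplied === '' || $expected === '') {
                    $authMatches = false;
                } elseif (function_exists('hash_equals')) {
                    $authMatches = hash_equals($expected, $supplied);
                } else {
                    $authMatches = ($expected === $supplied);
                }
                if ($authMatches) {
                    $userobj = self::setupUser($ad, $userData);
                    if ($userobj) {
                        $_zp_current_admin_obj = $userobj;
                        $rights = $_zp_current_admin_obj->getRights();
                    } else {
                        $rights = 0;
                    }
                    if (DEBUG_LOGIN) {
                        debugLog(sprintf('LDAPcheckAuthorization: from %1$s->%2$X', $authCode, $rights));
                    }
                } else {
                    // NOTE(review): with DEBUG_LOGIN on, this line writes the
                    // expected (valid) code to the debug log next to the
                    // rejected one - treat that log as holding credentials.
                    if (DEBUG_LOGIN) {
                        debugLog(sprintf('LDAPcheckAuthorization: AuthCode %1$s <> %2$s', $goodAuth, $authCode));
                    }
                }
            }
            @ldap_unbind($ad);
        }
    }
    if ($_zp_current_admin_obj) {
        return $_zp_current_admin_obj->getRights();
    } else {
        return parent::checkAuthorization($authCode, $id);
    }
}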
/**
 * Sets up gettext translation.
 *
 * Called without arguments it sets the process locale from the 'locale'
 * option and binds the core 'zenphoto' domain. Called with a domain and a
 * type it only binds the text domain of that plugin, theme or admin plugin.
 *
 * @param string $plugindomain text domain of the plugin or theme
 * @param string $type         'plugin', 'theme' or 'admin'
 * @return mixed the result of the setlocale() call, or true when only a
 *               plugin/theme domain was bound
 */
function setupCurrentLocale($plugindomain = '', $type = '') {
    global $_zp_languages;
    $encoding = getOption('charset');
    if (empty($encoding)) {
        $encoding = 'UTF-8';
    }

    $coreSetup = empty($plugindomain) && empty($type);
    if ($coreSetup) {
        $locale = getOption("locale");
        @putenv("LANG={$locale}");
        // gettext setup: try "<locale>.<charset>" first, then the bare locale
        $result = setlocale(LC_ALL, $locale . '.' . $encoding, $locale);
        // failed to set the locale, and it was chosen via dynamic-locale:
        // revert to the posted 'oldlocale' and expire the cookie
        if (!$result && isset($_POST['dynamic-locale'])) {
            $cookiepath = (WEBPATH == '') ? '/' : WEBPATH;
            $locale = sanitize($_POST['oldlocale'], 3);
            setOption('locale', $locale, false);
            zp_setCookie('dynamic_locale', '', time() - 368000, $cookiepath);
        }
        // the core translations live in the 'zenphoto' domain
        $domain = 'zenphoto';
        $domainpath = SERVERPATH . "/" . ZENFOLDER . "/locale/";
        if (DEBUG_LOCALE) {
            debugLogBacktrace("setupCurrentLocale({$plugindomain}, {$type}): locale={$locale}");
        }
    } else {
        $domain = $plugindomain;
        // the domain name becomes part of the path of the locale folder;
        // for any other $type no path is assigned here
        if ($type == "plugin") {
            $domainpath = SERVERPATH . "/" . ZENFOLDER . PLUGIN_FOLDER . $domain . "/locale/";
        } elseif ($type == "theme") {
            $domainpath = SERVERPATH . "/" . THEMEFOLDER . "/" . $domain . "/locale/";
        } elseif ($type == 'admin') {
            $domainpath = SERVERPATH . "/" . ZENFOLDER . PLUGIN_FOLDER . $domain . "/locale/";
            $domain = 'zenphoto';
        }
        $result = true;
        if (DEBUG_LOCALE) {
            debugLogBacktrace("setupCurrentLocale({$plugindomain}, {$type}): domainpath={$domainpath}");
        }
    }

    bindtextdomain($domain, $domainpath);
    // function only since php 4.2.0
    if (function_exists('bind_textdomain_codeset')) {
        bind_textdomain_codeset($domain, $encoding);
    }
    textdomain($domain);
    return $result;
}