/** * Put a secure token in the session * @static * @return string */ public static function generateSecureToken() { if (isset($_SESSION["FORCE_SECURE_TOKEN"])) { $_SESSION["SECURE_TOKEN"] = $_SESSION["FORCE_SECURE_TOKEN"]; return $_SESSION["SECURE_TOKEN"]; } $_SESSION["SECURE_TOKEN"] = AJXP_Utils::generateRandomString(32); //md5(time()); return $_SESSION["SECURE_TOKEN"]; }
public function processUserAccessPoint($action, $httpVars, $fileVars) { switch ($action) { case "user_access_point": $uri = explode("/", trim($_SERVER["REQUEST_URI"], "/")); array_shift($uri); $action = array_shift($uri); $this->processSubAction($action, $uri); $_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array("REBASE" => "../../", "USER_GUI_ACTION" => $action); AJXP_Controller::findActionAndApply("get_boot_gui", array(), array()); unset($_SESSION['OVERRIDE_GUI_START_PARAMETERS']); break; case "reset-password-ask": // This is a reset password request, generate a token and store it. // Find user by id if (AuthService::userExists($httpVars["email"])) { // Send email $userObject = ConfService::getConfStorageImpl()->createUserObject($httpVars["email"]); $email = $userObject->personalRole->filterParameterValue("core.conf", "email", AJXP_REPO_SCOPE_ALL, ""); if (!empty($email)) { $uuid = AJXP_Utils::generateRandomString(48); ConfService::getConfStorageImpl()->saveTemporaryKey("password-reset", $uuid, AJXP_Utils::decodeSecureMagic($httpVars["email"]), array()); $mailer = AJXP_PluginsService::getInstance()->getUniqueActivePluginForType("mailer"); if ($mailer !== false) { $mess = ConfService::getMessages(); $link = AJXP_Utils::detectServerURL() . "/user/reset-password/" . $uuid; $mailer->sendMail(array($email), $mess["gui.user.1"], $mess["gui.user.7"] . "<a href=\"{$link}\">{$link}</a>"); } else { echo 'ERROR: There is no mailer configured, please contact your administrator'; } } } // Prune existing expired tokens ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20); echo "SUCCESS"; break; case "reset-password": ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20); // This is a reset password if (isset($httpVars["key"]) && isset($httpVars["user_id"])) { $key = ConfService::getConfStorageImpl()->loadTemporaryKey("password-reset", $httpVars["key"]); if ($key != null && $key["user_id"] == $httpVars["user_id"] && AuthService::userExists($key["user_id"])) { AuthService::updatePassword($key["user_id"], $httpVars["new_pass"]); } ConfService::getConfStorageImpl()->deleteTemporaryKey("password-reset", $httpVars["key"]); } AuthService::disconnect(); echo 'SUCCESS'; break; default: break; } }
/** * Put a secure token in the session * @static * @return string */ public static function generateSecureToken() { if (!isset($_SESSION["SECURE_TOKENS"])) { $_SESSION["SECURE_TOKENS"] = array(); } if (isset($_SESSION["FORCE_SECURE_TOKEN"])) { $_SESSION["SECURE_TOKENS"][] = $_SESSION["FORCE_SECURE_TOKEN"]; return $_SESSION["FORCE_SECURE_TOKEN"]; } $newToken = AJXP_Utils::generateRandomString(32); //md5(time()); $_SESSION["SECURE_TOKENS"][] = $newToken; return $newToken; }
public function switchAction($actionName, $httpVars, $fileVars) { $this->baseURL = rtrim($this->getFilteredOption("ETHERPAD_SERVER"), "/"); $this->apiKey = $this->getFilteredOption("ETHERPAD_APIKEY"); $userSelection = new UserSelection(ConfService::getRepository(), $httpVars); if ($userSelection->isEmpty()) { throw new Exception("Empty selection"); } $repository = ConfService::getRepository(); if (!$repository->detectStreamWrapper(false)) { return false; } $selectedNode = $userSelection->getUniqueNode(); $selectedNode->loadNodeInfo(); if (!$selectedNode->isLeaf()) { throw new Exception("Cannot handle folders, please select a file!"); } $nodeExtension = strtolower(pathinfo($selectedNode->getPath(), PATHINFO_EXTENSION)); // Determine pad ID if ($nodeExtension == "pad") { $padID = file_get_contents($selectedNode->getUrl()); } else { // TRY TO LOAD PAD ID FROM NODE SHARED METADATA $metadata = $selectedNode->retrieveMetadata("etherpad", AJXP_METADATA_ALLUSERS, AJXP_METADATA_SCOPE_GLOBAL, false); if (isset($metadata["pad_id"])) { $padID = $metadata["pad_id"]; } else { $padID = AJXP_Utils::generateRandomString(); $selectedNode->setMetadata("etherpad", array("pad_id" => $padID), AJXP_METADATA_ALLUSERS, AJXP_METADATA_SCOPE_GLOBAL, false); } } require_once "etherpad-client/etherpad-lite-client.php"; $client = new EtherpadLiteClient($this->apiKey, $this->baseURL . "/api"); $loggedUser = AuthService::getLoggedUser(); $userName = $loggedUser->getId(); $userLabel = $loggedUser->mergedRole->filterParameterValue("core.conf", "USER_DISPLAY_NAME", AJXP_REPO_SCOPE_ALL, $userName); $res = $client->createAuthorIfNotExistsFor($userName, $userLabel); $authorID = $res->authorID; $res2 = $client->createGroupIfNotExistsFor($loggedUser->getGroupPath()); $groupID = $res2->groupID; $fullId = $groupID . "\$" . $padID; if ($actionName == "etherpad_create") { $resP = $client->listPads($groupID); $currentContent = file_get_contents($selectedNode->getUrl()); if ($nodeExtension == "html" && strpos($currentContent, "<html>") === false) { $currentContent = "<html><head></head><body>{$currentContent}</body></html>"; } if (!in_array($fullId, $resP->padIDs)) { $client->createGroupPad($groupID, $padID, null); if ($nodeExtension == "html" && !empty($currentContent)) { $client->setHTML($fullId, $currentContent); } else { if ($nodeExtension != "pad") { $client->setText($fullId, $currentContent); } } } else { if ($nodeExtension != "pad") { // If someone is already connected, do not override. $existingAuthors = $client->listAuthorsOfPad($fullId); if (!count($existingAuthors->authorIDs)) { if ($nodeExtension == "html" && !empty($currentContent)) { $client->setHTML($fullId, $currentContent); } else { $client->setText($fullId, $currentContent); } } } } $res4 = $client->createSession($groupID, $authorID, time() + 14400); $sessionID = $res4->sessionID; setcookie('sessionID', $sessionID, null, "/"); $padID = $groupID . '$' . $padID; $data = array("url" => $this->baseURL . "/p/" . $padID, "padID" => $padID, "sessionID" => $sessionID); HTMLWriter::charsetHeader('application/json'); echo json_encode($data); } else { if ($actionName == "etherpad_save") { $padID = $httpVars["pad_id"]; if ($nodeExtension == "html" || $nodeExtension == "pad") { $res = $client->getHTML($padID); $content = $res->html; } else { $res = $client->getText($padID); $content = $res->text; } if ($nodeExtension == "pad") { // Create a new file and save the content in it. $origUrl = $selectedNode->getUrl(); $mess = ConfService::getMessages(); $dateStamp = date(" Y-m-d H:i", time()); $startUrl = preg_replace('"\\.pad$"', $dateStamp . '.html', $origUrl); $newNode = new AJXP_Node($startUrl); AJXP_Controller::applyHook("node.before_create", array($newNode, strlen($content))); file_put_contents($newNode->getUrl(), $content); AJXP_Controller::applyHook("node.change", array(null, $newNode)); } else { AJXP_Controller::applyHook("node.before_change", array($selectedNode, strlen($content))); file_put_contents($selectedNode->getUrl(), $content); clearstatcache(true, $selectedNode->getUrl()); $selectedNode->loadNodeInfo(true); AJXP_Controller::applyHook("node.change", array($selectedNode, $selectedNode)); } } else { if ($actionName == "etherpad_close") { // WE SHOULD DETECT IF THERE IS NOBODY CONNECTED ANYMORE, AND DELETE THE PAD. // BUT SEEMS LIKE THERE'S NO WAY TO PROPERLY REMOVE AN AUTHOR VIA API $sessionID = $httpVars["session_id"]; $client->deleteSession($sessionID); } else { if ($actionName == "etherpad_proxy_api") { if ($httpVars["api_action"] == "list_pads") { $res = $client->listPads($groupID); } else { if ($httpVars["api_action"] == "list_authors_for_pad") { $res = $client->listAuthorsOfPad($httpVars["pad_id"]); } } HTMLWriter::charsetHeader("application/json"); echo json_encode($res); } else { if ($actionName == "etherpad_get_content") { HTMLWriter::charsetHeader("text/plain"); echo $client->getText($httpVars["pad_id"])->text; } } } } } return null; }
/** * Create or update the bootstrap json file. * @param Array $data Parsed result of the installer form * @return array 2 entries array containing the new Conf Driver (0) and Auth Driver (1) * @throws Exception */ public function createBootstrapConf($data) { // Create a custom bootstrap.json file $coreConf = array(); $coreAuth = array(); $this->_loadPluginConfig("core.conf", $coreConf); $this->_loadPluginConfig("core.auth", $coreAuth); if (!isset($coreConf["UNIQUE_INSTANCE_CONFIG"])) { $coreConf["UNIQUE_INSTANCE_CONFIG"] = array(); } if (!isset($coreAuth["MASTER_INSTANCE_CONFIG"])) { $coreAuth["MASTER_INSTANCE_CONFIG"] = array(); } $coreConf["AJXP_CLI_SECRET_KEY"] = AJXP_Utils::generateRandomString(24, true); // REWRITE BOOTSTRAP.JSON $coreConf["DIBI_PRECONFIGURATION"] = $data["db_type"]; if (isset($coreConf["DIBI_PRECONFIGURATION"]["sqlite3_driver"])) { $dbFile = AJXP_VarsFilter::filter($coreConf["DIBI_PRECONFIGURATION"]["sqlite3_database"]); if (!file_exists(dirname($dbFile))) { mkdir(dirname($dbFile), 0755, true); } } $coreConf["UNIQUE_INSTANCE_CONFIG"] = array_merge($coreConf["UNIQUE_INSTANCE_CONFIG"], array("instance_name" => "conf.sql", "group_switch_value" => "conf.sql", "SQL_DRIVER" => array("core_driver" => "core", "group_switch_value" => "core"))); $coreAuth["MASTER_INSTANCE_CONFIG"] = array_merge($coreAuth["MASTER_INSTANCE_CONFIG"], array("instance_name" => "auth.sql", "group_switch_value" => "auth.sql", "SQL_DRIVER" => array("core_driver" => "core", "group_switch_value" => "core"))); // DETECT REQUIRED SQL TABLES AND INSTALL THEM $registry = AJXP_PluginsService::getInstance()->getDetectedPlugins(); $driverData = array("SQL_DRIVER" => $data["db_type"]); foreach ($registry as $type => $plugins) { foreach ($plugins as $plugObject) { if ($plugObject instanceof SqlTableProvider) { $plugObject->installSQLTables($driverData); } } } $oldBoot = $this->getPluginWorkDir(true) . "/bootstrap.json"; if (is_file($oldBoot)) { copy($oldBoot, $oldBoot . ".bak"); unlink($oldBoot); } $newBootstrap = array("core.conf" => $coreConf, "core.auth" => $coreAuth); AJXP_Utils::saveSerialFile($oldBoot, $newBootstrap, true, false, "json", true); // Write new bootstrap and reload conf plugin! $coreConf["UNIQUE_INSTANCE_CONFIG"]["SQL_DRIVER"] = $coreConf["DIBI_PRECONFIGURATION"]; $coreAuth["MASTER_INSTANCE_CONFIG"]["SQL_DRIVER"] = $coreConf["DIBI_PRECONFIGURATION"]; $newConfigPlugin = ConfService::instanciatePluginFromGlobalParams($coreConf["UNIQUE_INSTANCE_CONFIG"], "AbstractConfDriver"); $newAuthPlugin = ConfService::instanciatePluginFromGlobalParams($coreAuth["MASTER_INSTANCE_CONFIG"], "AbstractAuthDriver"); $sqlPlugs = array("core.notifications/UNIQUE_FEED_INSTANCE" => "feed.sql", "core.log/UNIQUE_PLUGIN_INSTANCE" => "log.sql", "core.mq/UNIQUE_MS_INSTANCE" => "mq.sql"); foreach ($sqlPlugs as $core => $value) { list($pluginId, $param) = explode("/", $core); $options = array(); $newConfigPlugin->_loadPluginConfig($pluginId, $options); $options[$param] = array("instance_name" => $value, "group_switch_value" => $value, "SQL_DRIVER" => array("core_driver" => "core", "group_switch_value" => "core")); $newConfigPlugin->_savePluginConfig($pluginId, $options); } return array($newConfigPlugin, $newAuthPlugin); }
public function getCookieString() { $hashes = $this->getPref("cookie_hash"); if ($hashes == "") { $hashes = array(); } else { $hashes = explode(",", $hashes); } $newHash = md5($this->id . ":" . AJXP_Utils::generateRandomString()); array_push($hashes, $newHash); $this->setPref("cookie_hash", implode(",", $hashes)); $this->save("user"); return $newHash; }
/** * @param String $action * @param Array $httpVars * @param Array $fileVars * @return String */ function authTokenActions($action, $httpVars, $fileVars) { if (AuthService::getLoggedUser() == null) { return; } $this->storage = ConfService::getConfStorageImpl(); if (!is_a($this->storage, "sqlConfDriver")) { return false; } $user = AuthService::getLoggedUser()->getId(); if (AuthService::getLoggedUser()->isAdmin() && isset($httpVars["user_id"])) { $user = AJXP_Utils::sanitize($httpVars["user_id"], AJXP_SANITIZE_EMAILCHARS); } switch ($action) { case "keystore_generate_auth_token": if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) { $this->logDebug("Keystore Generate Tokens", "Session Credentials set: returning empty tokens to force basic authentication"); HTMLWriter::charsetHeader("text/plain"); echo ""; break; } $token = AJXP_Utils::generateRandomString(); $private = AJXP_Utils::generateRandomString(); $data = array("USER_ID" => $user, "PRIVATE" => $private); if (!empty($httpVars["device"])) { // Revoke previous tokens for this device $device = $httpVars["device"]; $keys = $this->storage->simpleStoreList("keystore", null, "", "serial", '%"DEVICE_ID";s:' . strlen($device) . ':"' . $device . '"%'); foreach ($keys as $keyId => $keyData) { if ($keyData["USER_ID"] != $user) { continue; } $this->storage->simpleStoreClear("keystore", $keyId); } $data["DEVICE_ID"] = $device; } $data["DEVICE_UA"] = $_SERVER['HTTP_USER_AGENT']; $data["DEVICE_IP"] = $_SERVER['REMOTE_ADDR']; $this->storage->simpleStoreSet("keystore", $token, $data, "serial"); HTMLWriter::charsetHeader("application/json"); echo json_encode(array("t" => $token, "p" => $private)); break; case "keystore_revoke_tokens": // Invalidate previous tokens $mess = ConfService::getMessages(); $passedKeyId = ""; if (isset($httpVars["key_id"])) { $passedKeyId = $httpVars["key_id"]; } $keys = $this->storage->simpleStoreList("keystore", null, $passedKeyId, "serial", '%"USER_ID";s:' . strlen($user) . ':"' . $user . '"%'); foreach ($keys as $keyId => $keyData) { $this->storage->simpleStoreClear("keystore", $keyId); } $message = array("result" => "SUCCESS", "message" => $mess["keystore.8"]); HTMLWriter::charsetHeader("application/json"); echo json_encode($message); break; case "keystore_list_tokens": if (!isset($user)) { break; } $keys = $this->storage->simpleStoreList("keystore", null, "", "serial", '%"USER_ID";s:' . strlen($user) . ':"' . $user . '"%'); foreach ($keys as $keyId => &$keyData) { unset($keyData["PRIVATE"]); unset($keyData["USER_ID"]); $deviceDesc = "Web Browser"; $deviceOS = "Unkown"; if (isset($keyData["DEVICE_UA"])) { $agent = $keyData["DEVICE_UA"]; if (strpos($agent, "python-requests") !== false) { $deviceDesc = "PydioSync"; if (strpos($agent, "Darwin") !== false) { $deviceOS = "Mac OS X"; } else { if (strpos($agent, "Windows/7") !== false) { $deviceOS = "Windows 7"; } else { if (strpos($agent, "Windows/8") !== false) { $deviceOS = "Windows 8"; } else { if (strpos($agent, "Linux") !== false) { $deviceOS = "Linux"; } } } } } else { $deviceOS = AJXP_Utils::osFromUserAgent($agent); } } $keyData["DEVICE_DESC"] = $deviceDesc; $keyData["DEVICE_OS"] = $deviceOS; } header("Content-type: application/json;"); echo json_encode($keys); break; default: break; } return null; }
/** * Transmit to the ajxp_conf load_plugin_manifest action * @param $action * @param $httpVars * @param $fileVars */ public function applyInstallerForm($action, $httpVars, $fileVars) { $data = array(); AJXP_Utils::parseStandardFormParameters($httpVars, $data, null, ""); // Create a custom bootstrap.json file $coreConf = array(); $coreAuth = array(); $this->_loadPluginConfig("core.conf", $coreConf); $this->_loadPluginConfig("core.auth", $coreAuth); if (!isset($coreConf["UNIQUE_INSTANCE_CONFIG"])) { $coreConf["UNIQUE_INSTANCE_CONFIG"] = array(); } if (!isset($coreAuth["MASTER_INSTANCE_CONFIG"])) { $coreAuth["MASTER_INSTANCE_CONFIG"] = array(); } $coreConf["AJXP_CLI_SECRET_KEY"] = AJXP_Utils::generateRandomString(24, true); $storageType = $data["STORAGE_TYPE"]["type"]; if ($storageType == "db") { // REWRITE BOOTSTRAP.JSON $coreConf["DIBI_PRECONFIGURATION"] = $data["STORAGE_TYPE"]["db_type"]; if (isset($coreConf["DIBI_PRECONFIGURATION"]["sqlite3_driver"])) { $dbFile = AJXP_VarsFilter::filter($coreConf["DIBI_PRECONFIGURATION"]["sqlite3_database"]); if (!file_exists(dirname($dbFile))) { mkdir(dirname($dbFile), 0755, true); } } $coreConf["UNIQUE_INSTANCE_CONFIG"] = array_merge($coreConf["UNIQUE_INSTANCE_CONFIG"], array("instance_name" => "conf.sql", "group_switch_value" => "conf.sql", "SQL_DRIVER" => array("core_driver" => "core", "group_switch_value" => "core"))); $coreAuth["MASTER_INSTANCE_CONFIG"] = array_merge($coreAuth["MASTER_INSTANCE_CONFIG"], array("instance_name" => "auth.sql", "group_switch_value" => "auth.sql", "SQL_DRIVER" => array("core_driver" => "core", "group_switch_value" => "core"))); // INSTALL ALL SQL TABLES $sqlPlugs = array("conf.sql", "auth.sql", "feed.sql", "log.sql", "meta.syncable"); foreach ($sqlPlugs as $plugId) { $plug = AJXP_PluginsService::findPluginById($plugId); $plug->installSQLTables(array("SQL_DRIVER" => $data["STORAGE_TYPE"]["db_type"])); } } else { $coreConf["UNIQUE_INSTANCE_CONFIG"] = array_merge($coreConf["UNIQUE_INSTANCE_CONFIG"], array("instance_name" => "conf.serial", "group_switch_value" => "conf.serial")); $coreAuth["MASTER_INSTANCE_CONFIG"] = array_merge($coreAuth["MASTER_INSTANCE_CONFIG"], array("instance_name" => "auth.serial", "group_switch_value" => "auth.serial")); } $oldBoot = $this->getPluginWorkDir(true) . "/bootstrap.json"; if (is_file($oldBoot)) { copy($oldBoot, $oldBoot . ".bak"); unlink($oldBoot); } $newBootstrap = array("core.conf" => $coreConf, "core.auth" => $coreAuth); AJXP_Utils::saveSerialFile($oldBoot, $newBootstrap, true, false, "json", true); // Write new bootstrap and reload conf plugin! if ($storageType == "db") { $coreConf["UNIQUE_INSTANCE_CONFIG"]["SQL_DRIVER"] = $coreConf["DIBI_PRECONFIGURATION"]; $coreAuth["MASTER_INSTANCE_CONFIG"]["SQL_DRIVER"] = $coreConf["DIBI_PRECONFIGURATION"]; } $newConfigPlugin = ConfService::instanciatePluginFromGlobalParams($coreConf["UNIQUE_INSTANCE_CONFIG"], "AbstractConfDriver"); $newAuthPlugin = ConfService::instanciatePluginFromGlobalParams($coreAuth["MASTER_INSTANCE_CONFIG"], "AbstractAuthDriver"); if ($data["ENCODING"] != (defined('AJXP_LOCALE') ? AJXP_LOCALE : SystemTextEncoding::getEncoding())) { file_put_contents($this->getPluginWorkDir() . "/encoding.php", "<?php \$ROOT_ENCODING='" . $data["ENCODING"] . "';"); } $tpl = file_get_contents($this->getBaseDir() . "/htaccess.tpl"); if (!empty($data["SERVER_URI"]) && $data["SERVER_URI"] != "/") { $htContent = str_replace('${APPLICATION_ROOT}', $data["SERVER_URI"], $tpl); } else { $htContent = str_replace('${APPLICATION_ROOT}/', "/", $tpl); $htContent = str_replace('${APPLICATION_ROOT}', "/", $htContent); } if (is_writeable(AJXP_INSTALL_PATH . "/.htaccess")) { file_put_contents(AJXP_INSTALL_PATH . "/.htaccess", $htContent); } else { $htAccessToUpdate = AJXP_INSTALL_PATH . "/.htaccess"; } if ($storageType == "db") { $sqlPlugs = array("core.notifications/UNIQUE_FEED_INSTANCE" => "feed.sql", "core.log/UNIQUE_PLUGIN_INSTANCE" => "log.sql", "core.mq/UNIQUE_MS_INSTANCE" => "mq.sql"); $data["ENABLE_NOTIF"] = $data["STORAGE_TYPE"]["notifications"]; } // Prepare plugins configs $direct = array("APPLICATION_TITLE" => "core.ajaxplorer/APPLICATION_TITLE", "APPLICATION_LANGUAGE" => "core.ajaxplorer/DEFAULT_LANGUAGE", "ENABLE_NOTIF" => "core.notifications/USER_EVENTS", "APPLICATION_WELCOME" => "gui.ajax/CUSTOM_WELCOME_MESSAGE"); $mailerEnabled = $data["MAILER_ENABLE"]["status"]; if ($mailerEnabled == "yes") { // Enable core.mailer $data["MAILER_SYSTEM"] = $data["MAILER_ENABLE"]["MAILER_SYSTEM"]; $data["MAILER_ADMIN"] = $data["MAILER_ENABLE"]["MAILER_ADMIN"]; $direct = array_merge($direct, array("MAILER_SYSTEM" => "mailer.phpmailer-lite/MAILER", "MAILER_ADMIN" => "core.mailer/FROM")); } foreach ($direct as $key => $value) { list($pluginId, $param) = explode("/", $value); $options = array(); $newConfigPlugin->_loadPluginConfig($pluginId, $options); $options[$param] = $data[$key]; $newConfigPlugin->_savePluginConfig($pluginId, $options); } if (isset($sqlPlugs)) { foreach ($sqlPlugs as $core => $value) { list($pluginId, $param) = explode("/", $core); $options = array(); $newConfigPlugin->_loadPluginConfig($pluginId, $options); $options[$param] = array("instance_name" => $value, "group_switch_value" => $value, "SQL_DRIVER" => array("core_driver" => "core", "group_switch_value" => "core")); $newConfigPlugin->_savePluginConfig($pluginId, $options); } } ConfService::setTmpStorageImplementations($newConfigPlugin, $newAuthPlugin); require_once $newConfigPlugin->getUserClassFileName(); $adminLogin = AJXP_Utils::sanitize($data["ADMIN_USER_LOGIN"], AJXP_SANITIZE_EMAILCHARS); $adminName = $data["ADMIN_USER_NAME"]; $adminPass = $data["ADMIN_USER_PASS"]; $adminPass2 = $data["ADMIN_USER_PASS2"]; AuthService::createUser($adminLogin, $adminPass, true); $uObj = $newConfigPlugin->createUserObject($adminLogin); if (isset($data["MAILER_ADMIN"])) { $uObj->personalRole->setParameterValue("core.conf", "email", $data["MAILER_ADMIN"]); } $uObj->personalRole->setParameterValue("core.conf", "USER_DISPLAY_NAME", $adminName); $uObj->personalRole->setAcl('ajxp_conf', 'rw'); AuthService::updateRole($uObj->personalRole); $loginP = "USER_LOGIN"; $i = 0; while (isset($data[$loginP]) && !empty($data[$loginP])) { $pass = $data[str_replace("_LOGIN", "_PASS", $loginP)]; $pass2 = $data[str_replace("_LOGIN", "_PASS2", $loginP)]; $name = $data[str_replace("_LOGIN", "_NAME", $loginP)]; $mail = $data[str_replace("_LOGIN", "_MAIL", $loginP)]; $saniLogin = AJXP_Utils::sanitize($data[$loginP], AJXP_SANITIZE_EMAILCHARS); AuthService::createUser($saniLogin, $pass); $uObj = $newConfigPlugin->createUserObject($saniLogin); $uObj->personalRole->setParameterValue("core.conf", "email", $mail); $uObj->personalRole->setParameterValue("core.conf", "USER_DISPLAY_NAME", $name); AuthService::updateRole($uObj->personalRole); $i++; $loginP = "USER_LOGIN_" . $i; } AJXP_PluginsService::clearPluginsCache(); AJXP_Utils::setApplicationFirstRunPassed(); if (isset($htAccessToUpdate)) { HTMLWriter::charsetHeader("application/json"); echo json_encode(array('file' => $htAccessToUpdate, 'content' => $htContent)); } else { session_destroy(); HTMLWriter::charsetHeader("text/plain"); echo 'OK'; } }