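/**
 * Specific operations to perform at boot time.
 *
 * Returns immediately on an application first run, or when the
 * "admin_counted" marker file already exists in AJXP_CACHE_DIR; otherwise it
 * creates the ROOT_ROLE, MINISITE, MINISITE_NODOWNLOAD and GUEST roles when
 * AuthService::getRole() reports them missing, makes sure an administrator
 * account exists, and finally writes the marker file.
 *
 * @static
 * @param array $START_PARAMETERS A HashTable of parameters to send back to the client
 * @return void
 */
public static function bootSequence(&$START_PARAMETERS)
{
    if (AJXP_Utils::detectApplicationFirstRun()) {
        return;
    }
    if (file_exists(AJXP_CACHE_DIR . "/admin_counted")) {
        return;
    }

    // ROOT_ROLE: auto-applied to "standard" and "admin" profiles, seeded from
    // repository default rights and from plugin parameter defaults.
    $rootRole = AuthService::getRole("ROOT_ROLE", false);
    if ($rootRole === false) {
        $rootRole = new AJXP_Role("ROOT_ROLE");
        $rootRole->setLabel("Root Role");
        $rootRole->setAutoApplies(array("standard", "admin"));
        $dashId = "";
        foreach (ConfService::getRepositoriesList("all") as $repositoryId => $repoObject) {
            if ($repoObject->isTemplate) {
                continue;
            }
            if ($repoObject->getAccessType() == "ajxp_user") {
                $dashId = $repositoryId;
            }
            // Only repositories with no group path (or the root group) feed the role ACLs.
            $gp = $repoObject->getGroupPath();
            if ((empty($gp) || $gp == "/") && $repoObject->getDefaultRight() != "") {
                $rootRole->setAcl($repositoryId, $repoObject->getDefaultRight());
            }
        }
        if (!empty($dashId)) {
            $rootRole->setParameterValue("core.conf", "DEFAULT_START_REPOSITORY", $dashId);
        }
        $paramNodes = AJXP_PluginsService::searchAllManifests("//server_settings/param[@scope]", "node", false, false, true);
        if (is_array($paramNodes) && count($paramNodes)) {
            foreach ($paramNodes as $xmlNode) {
                $default = $xmlNode->getAttribute("default");
                if (empty($default)) {
                    continue;
                }
                // The plugin element is two levels above the <param> node.
                $parentNode = $xmlNode->parentNode->parentNode;
                $pluginId = $parentNode->getAttribute("id");
                if (empty($pluginId)) {
                    $pluginId = $parentNode->nodeName . "." . $parentNode->getAttribute("name");
                }
                $rootRole->setParameterValue($pluginId, $xmlNode->getAttribute("name"), $default);
            }
        }
        AuthService::updateRole($rootRole);
    }

    // MINISITE: action states for shared-scope minisite users.
    // NOTE(review): the trailing false looks like "action disabled"; confirm
    // against AJXP_Role::setActionState, since these lists are the only thing
    // keeping minisite visitors away from chmod/purge/share/pass_change.
    if (AuthService::getRole("MINISITE", false) === false) {
        $minisiteRole = new AJXP_Role("MINISITE");
        $minisiteRole->setLabel("Minisite Users");
        $actions = array(
            "access.fs" => array("ajxp_link", "chmod", "purge"),
            "meta.watch" => array("toggle_watch"),
            "conf.serial" => array("get_bookmarks"),
            "conf.sql" => array("get_bookmarks"),
            "index.lucene" => array("index"),
            "action.share" => array("share"),
            "gui.ajax" => array("bookmark"),
            "auth.serial" => array("pass_change"),
            "auth.sql" => array("pass_change")
        );
        foreach ($actions as $pluginId => $acts) {
            foreach ($acts as $act) {
                $minisiteRole->setActionState($pluginId, $act, AJXP_REPO_SCOPE_SHARED, false);
            }
        }
        AuthService::updateRole($minisiteRole);
    }

    // MINISITE_NODOWNLOAD: same mechanism, applied to the download actions.
    if (AuthService::getRole("MINISITE_NODOWNLOAD", false) === false) {
        $noDownloadRole = new AJXP_Role("MINISITE_NODOWNLOAD");
        $noDownloadRole->setLabel("Minisite Users - No Download");
        $actions = array(
            "access.fs" => array("download", "download_chunk", "prepare_chunk_dl", "download_all")
        );
        foreach ($actions as $pluginId => $acts) {
            foreach ($acts as $act) {
                $noDownloadRole->setActionState($pluginId, $act, AJXP_REPO_SCOPE_SHARED, false);
            }
        }
        AuthService::updateRole($noDownloadRole);
    }

    // GUEST: auto-applied to the "guest" profile, all repository scopes.
    // NOTE(review): unlike the minisite roles, no state argument is passed
    // here, so setActionState's default applies; confirm that default matches
    // the intent for the guest role.
    if (AuthService::getRole("GUEST", false) === false) {
        $guestRole = new AJXP_Role("GUEST");
        $guestRole->setLabel("Guest user role");
        $actions = array(
            "access.fs" => array("purge"),
            "meta.watch" => array("toggle_watch"),
            "index.lucene" => array("index")
        );
        $guestRole->setAutoApplies(array("guest"));
        foreach ($actions as $pluginId => $acts) {
            foreach ($acts as $act) {
                $guestRole->setActionState($pluginId, $act, AJXP_REPO_SCOPE_ALL);
            }
        }
        AuthService::updateRole($guestRole);
    }

    $adminCount = AuthService::countAdminUsers();
    if ($adminCount == 0) {
        $authDriver = ConfService::getAuthDriverImpl();
        $adminPass = ADMIN_PASSWORD;
        // NOTE(review): unsalted MD5 is not a password hash. Replacing it has
        // to happen together with the auth driver's verification code, which
        // is outside this block, so it is only flagged here.
        if ($authDriver->getOption("TRANSMIT_CLEAR_PASS") !== true) {
            $adminPass = md5(ADMIN_PASSWORD);
        }
        AuthService::createUser("admin", $adminPass, true);
        if (ADMIN_PASSWORD == INITIAL_ADMIN_PASSWORD) {
            $userObject = ConfService::getConfStorageImpl()->createUserObject("admin");
            $userObject->setAdmin(true);
            AuthService::updateAdminRights($userObject);
            // The forced password change is only set when password changes are
            // enabled; otherwise the account keeps the initial password with no lock.
            if (AuthService::changePasswordEnabled()) {
                $userObject->setLock("pass_change");
            }
            $userObject->save("superuser");
            // The ALERT key may not exist yet; appending to a missing key raises a notice.
            if (!isset($START_PARAMETERS["ALERT"])) {
                $START_PARAMETERS["ALERT"] = "";
            }
            // NOTE(review): $START_PARAMETERS is documented as sent back to the
            // client, so this text puts the initial admin password in the boot
            // response of whichever client triggers the first boot.
            $START_PARAMETERS["ALERT"] .= "Warning! User 'admin' was created with the initial password '" . INITIAL_ADMIN_PASSWORD . "'. \\nPlease log in as admin and change the password now!";
        }
        // $userObject only exists when the initial password is in use; the
        // original passed an undefined variable to updateUser() otherwise.
        if (isset($userObject)) {
            AuthService::updateUser($userObject);
        }
    } elseif ($adminCount == -1) {
        // Here we may come from a previous version! Check the "admin" user and set its right as admin.
        // NOTE(review): whatever account is named "admin" is promoted without
        // further checks; the alert below is the only trace of the change.
        $confStorage = ConfService::getConfStorageImpl();
        $adminUser = $confStorage->createUserObject("admin");
        $adminUser->setAdmin(true);
        $adminUser->save("superuser");
        if (!isset($START_PARAMETERS["ALERT"])) {
            $START_PARAMETERS["ALERT"] = "";
        }
        $START_PARAMETERS["ALERT"] .= "There is an admin user, but without admin right. Now any user can have the administration rights, \\n your 'admin' user was set with the admin rights. Please check that this suits your security configuration.";
    }

    // Marker that makes every later call return early (see the top of the method).
    file_put_contents(AJXP_CACHE_DIR . "/admin_counted", "true");
}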
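/**
 * Handles the core client actions: get_template, get_i18n_messages,
 * get_xml_registry, display_doc, check_software_update and get_boot_conf.
 *
 * Each handled case writes its response directly and terminates the request
 * with exit(). Any other action registered in $this->actions falls through to
 * the XML tail at the bottom.
 *
 * @param string $action   Action name; ignored unless it is a key of $this->actions
 * @param array  $httpVars Request parameters (untrusted)
 * @param array  $fileVars Uploaded files; not read by this method
 * @return string|null XML buffer for actions that do not exit, null for an unknown action
 */
function switchAction($action, $httpVars, $fileVars)
{
    if (!isset($this->actions[$action])) {
        return;
    }
    $xmlBuffer = "";

    // Request parameters are imported as local variables, as before, except for
    // names that would overwrite this method's own state. Without the skip list
    // a request parameter could replace $action after the check above, replace
    // $httpVars/$xmlBuffer, or abort the request by assigning $this.
    // NOTE(review): this is still an extract()-style import; an explicit list
    // of expected names is preferable once it is known which locals the
    // included templates rely on.
    $reservedNames = array("this", "action", "httpVars", "fileVars", "xmlBuffer");
    foreach ($httpVars as $getName => $getValue) {
        if (in_array((string) $getName, $reservedNames, true)) {
            continue;
        }
        ${$getName} = AJXP_Utils::securePath($getValue);
    }
    if (isset($dir) && $action != "upload") {
        $dir = SystemTextEncoding::fromUTF8($dir);
    }
    $mess = ConfService::getMessages();

    switch ($action) {
        //------------------------------------
        // GET AN HTML TEMPLATE
        //------------------------------------
        case "get_template":
            HTMLWriter::charsetHeader();
            $baseFolder = CLIENT_RESOURCES_FOLDER . "/html";
            $folder = $baseFolder;
            if (isset($httpVars["pluginName"])) {
                // pluginName/pluginPath were concatenated raw from the request
                // into an include path; they now go through the same sanitizer
                // as every other request value (its rules live outside this block).
                $baseFolder = "plugins";
                $folder = "plugins/" . AJXP_Utils::securePath($httpVars["pluginName"]);
                if (isset($httpVars["pluginPath"])) {
                    $folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
                }
            }
            if (isset($template_name)) {
                // Resolve both paths and only include a file that really lives
                // below the expected base folder. Symlinked plugin folders that
                // point outside the base are rejected by this check.
                $realBase = realpath($baseFolder);
                $realTemplate = realpath($folder . "/" . $template_name);
                if ($realBase !== false && $realTemplate !== false
                    && strpos($realTemplate, $realBase . DIRECTORY_SEPARATOR) === 0
                    && is_file($realTemplate)) {
                    // NOTE(review): include executes the file as PHP in this
                    // method's scope; restricting to known template extensions
                    // would narrow this further.
                    include $realTemplate;
                }
            }
            exit(0);
            break;

        //------------------------------------
        // GET I18N MESSAGES
        //------------------------------------
        case "get_i18n_messages":
            HTMLWriter::charsetHeader('text/javascript');
            HTMLWriter::writeI18nMessagesClass(ConfService::getMessages());
            exit(0);
            break;

        //------------------------------------
        // SEND XML REGISTRY
        //------------------------------------
        case "get_xml_registry":
            $regDoc = AJXP_PluginsService::getXmlRegistry();
            if (isset($_GET["xPath"])) {
                // NOTE(review): the XPath expression comes straight from the
                // request, so any node of the registry can be selected, and the
                // expression is echoed into the response header attributes;
                // whether AJXP_XMLWriter::header escapes it is not visible here.
                $regPath = new DOMXPath($regDoc);
                $nodes = $regPath->query($_GET["xPath"]);
                AJXP_XMLWriter::header("ajxp_registry_part", array("xPath" => $_GET["xPath"]));
                // query() returns false for a malformed expression.
                if ($nodes !== false && $nodes->length) {
                    print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML($nodes->item(0)));
                }
                AJXP_XMLWriter::close("ajxp_registry_part");
            } else {
                header('Content-Type: application/xml; charset=UTF-8');
                print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML());
            }
            exit(0);
            break;

        //------------------------------------
        // DISPLAY DOC
        //------------------------------------
        case "display_doc":
            HTMLWriter::charsetHeader();
            // htmlentities() is HTML escaping, not path sanitizing: the file
            // name also goes through the sanitizer used for other request
            // values before it reaches getDocFile().
            $docFile = isset($_GET["doc_file"]) ? $_GET["doc_file"] : "";
            echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($docFile)));
            exit(1);
            break;

        //------------------------------------
        // CHECK UPDATE
        //------------------------------------
        case "check_software_update":
            // Best-effort remote fetch; a failure leaves the default message.
            $content = @file_get_contents(SOFTWARE_UPDATE_SITE . "last_version.txt");
            $message = $mess["345"];
            if ($content !== false && $content != "") {
                $lastVersion = floatval($content);
                $currentVersion = floatval(AJXP_VERSION);
                if ($lastVersion == $currentVersion) {
                    $message = $mess["346"];
                } elseif ($lastVersion > $currentVersion) {
                    // The remote text is placed next to an HTML link, so the
                    // client presumably renders this message as markup: escape
                    // the downloaded value instead of trusting the update site.
                    $message = sprintf($mess["347"], htmlspecialchars($content, ENT_QUOTES, 'UTF-8'), '<a href="http://www.ajaxplorer.info/">http://www.ajaxplorer.info/</a>');
                }
            }
            HTMLWriter::charsetHeader("text/plain");
            print $message;
            exit(1);
            break;

        //------------------------------------
        // GET CONFIG FOR BOOT
        //------------------------------------
        case "get_boot_conf":
            // NOTE(review): a request value is stored in the session unchecked;
            // every consumer of AJXP_SERVER_PREFIX_URI has to treat it as untrusted.
            if (isset($_GET["server_prefix_uri"])) {
                $_SESSION["AJXP_SERVER_PREFIX_URI"] = $_GET["server_prefix_uri"];
            }
            $config = array();
            $config["ajxpResourcesFolder"] = AJXP_THEME_FOLDER;
            $config["ajxpServerAccess"] = SERVER_ACCESS;
            $config["zipEnabled"] = ConfService::zipEnabled();
            $config["multipleFilesDownloadEnabled"] = !DISABLE_ZIP_CREATION;
            $config["flashUploaderEnabled"] = ConfService::getConf("UPLOAD_ENABLE_FLASH");
            $welcomeCustom = ConfService::getConf("WELCOME_CUSTOM_MSG");
            if ($welcomeCustom != "") {
                $config["customWelcomeMessage"] = $welcomeCustom;
            }
            if (!ConfService::getConf("UPLOAD_ENABLE_FLASH")) {
                // The effective limit is the smaller of the PHP ini limit and
                // the configured one (0 means "not configured").
                $UploadMaxSize = AJXP_Utils::convertBytes(ini_get('upload_max_filesize'));
                $confMaxSize = ConfService::getConf("UPLOAD_MAX_FILE");
                if ($confMaxSize != 0 && $confMaxSize < $UploadMaxSize) {
                    $UploadMaxSize = $confMaxSize;
                }
                $confTotalNumber = ConfService::getConf("UPLOAD_MAX_NUMBER");
                $config["htmlMultiUploaderOptions"] = array("282" => $UploadMaxSize, "284" => $confTotalNumber);
            }
            $config["usersEnabled"] = AuthService::usersEnabled();
            $config["loggedUser"] = AuthService::getLoggedUser() != null;
            $config["currentLanguage"] = ConfService::getLanguage();
            $config["userChangePassword"] = AuthService::changePasswordEnabled();
            $config["availableLanguages"] = ConfService::getConf("AVAILABLE_LANG");
            // The version is part of the boot configuration regardless of the
            // loggedUser value computed above.
            $config["ajxpVersion"] = AJXP_VERSION;
            $config["ajxpVersionDate"] = AJXP_VERSION_DATE;
            // The User-Agent header is optional; do not index it blindly.
            if (isset($_SERVER["HTTP_USER_AGENT"]) && stristr($_SERVER["HTTP_USER_AGENT"], "msie 6")) {
                $config["cssResources"] = array("css/pngHack/pngHack.css");
            }
            if (defined("GOOGLE_ANALYTICS_ID") && GOOGLE_ANALYTICS_ID != "") {
                $config["googleAnalyticsData"] = array(
                    "id" => GOOGLE_ANALYTICS_ID,
                    "domain" => GOOGLE_ANALYTICS_DOMAIN,
                    "event" => GOOGLE_ANALYTICS_EVENT
                );
            }
            $config["i18nMessages"] = ConfService::getMessages();
            header("Content-type:application/json;charset=UTF-8");
            print json_encode($config);
            exit(1);
            break;

        default:
            break;
    }

    // NOTE(review): no case above assigns these variables, so in this method
    // they can only come from the request-parameter import at the top; the
    // request therefore decides which XML fragments are appended here.
    if (isset($logMessage) || isset($errorMessage)) {
        $xmlBuffer .= AJXP_XMLWriter::sendMessage(
            isset($logMessage) ? $logMessage : null,
            isset($errorMessage) ? $errorMessage : null,
            false
        );
    }
    if (isset($requireAuth)) {
        $xmlBuffer .= AJXP_XMLWriter::requireAuth(false);
    }
    if (isset($reload_current_node) && $reload_current_node == "true") {
        $xmlBuffer .= AJXP_XMLWriter::reloadCurrentNode(false);
    }
    if (isset($reload_dest_node) && $reload_dest_node != "") {
        $xmlBuffer .= AJXP_XMLWriter::reloadNode($reload_dest_node, false);
    }
    if (isset($reload_file_list)) {
        $xmlBuffer .= AJXP_XMLWriter::reloadFileList($reload_file_list, false);
    }
    return $xmlBuffer;
}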