/**
 * Notifies the user who submitted an open question that it has been answered.
 *
 * The subject is "<FAQ title> - <msgQuestionAnswered>"; the body is the
 * localized 'msgMessageQuestionAnswered' template filled with the FAQ title,
 * followed by the URL of the answered FAQ.
 *
 * @param string $email    Email address of the user
 * @param string $userName Name of the user
 * @param string $url      URL of answered FAQ
 *
 * @return void
 */
public function sendOpenQuestionAnswered($email, $userName, $url)
{
    // NOTE(review): $email and $userName end up in the recipient header; this
    // method does no validation itself, so header-injection protection
    // presumably lives in addTo() - confirm.
    $this->mail->addTo($email, $userName);

    $subjectParts = array(
        $this->config->get('main.titleFAQ'),
        $this->pmfStr['msgQuestionAnswered'],
    );
    $this->mail->subject = implode(' - ', $subjectParts);

    $intro = sprintf(
        $this->pmfStr['msgMessageQuestionAnswered'],
        $this->config->get('main.titleFAQ')
    );
    // NOTE(review): the separator is LF followed by CR ("\n\r"), not CRLF;
    // kept as-is here, confirm whether "\r\n" was intended.
    $this->mail->message = $intro . "\n\r" . $url;

    $this->mail->send();
}
/**
 * Constructor.
 *
 * Stores the configuration and switches group support on when the
 * 'security.permLevel' setting is 'medium'.
 *
 * @param PMF_Configuration $config
 *
 * @return PMF_Sitemap
 */
public function __construct(PMF_Configuration $config)
{
    $this->_config = $config;

    $permLevel = $this->_config->get('security.permLevel');
    // Loose comparison kept from the original.
    if ('medium' == $permLevel) {
        $this->groupSupport = true;
    }
}
/**
 * Selects the cache backend and stores it in self::$instance.
 *
 * When 'cache.varnishEnable' is truthy a PMF_Cache_Varnish instance is built
 * from the cache.varnish* settings (port, secret, timeout, host); otherwise
 * a PMF_Cache_Dummy is created with an empty configuration array.
 *
 * @static
 * @param PMF_Configuration $faqConfig
 */
public static function init(PMF_Configuration $faqConfig)
{
    if (!$faqConfig->get('cache.varnishEnable')) {
        self::$instance = new PMF_Cache_Dummy(array());
        return;
    }

    // The Varnish admin secret is read from the application configuration;
    // it is only handed to the driver and never echoed here.
    $varnishSettings = array(
        VARNISH_CONFIG_PORT    => $faqConfig->get('cache.varnishPort'),
        VARNISH_CONFIG_SECRET  => $faqConfig->get('cache.varnishSecret'),
        VARNISH_CONFIG_TIMEOUT => $faqConfig->get('cache.varnishTimeout'),
        VARNISH_CONFIG_HOST    => $faqConfig->get('cache.varnishHost'),
    );

    self::$instance = new PMF_Cache_Varnish($varnishSettings);
}
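/**
 * Checks the content against the banned word list when the banned word spam
 * protection ('spam.checkBannedWords') is enabled in the configuration.
 *
 * The content is lower-cased and split into words on runs of whitespace
 * (space, tab, CR, LF); each word is compared for equality with every banned
 * word. Splitting on a single space only, as the previous implementation did,
 * let a banned word through whenever it was separated from its neighbours by
 * a newline or a tab.
 *
 * NOTE(review): punctuation is still part of a word ("word!" does not match
 * "word"); this is a whole-word filter, not a substring filter.
 *
 * @param string $content
 *
 * @return bool false if at least one banned word was found, true otherwise
 *              (also true for empty content or when the check is disabled)
 */
public function checkBannedWord($content)
{
    // Sanity checks
    $content = PMF_String::strtolower(trim($content));
    if ('' === $content || !$this->_config->get('spam.checkBannedWords')) {
        return true;
    }

    // An explicit ASCII whitespace class is used instead of \s so that the
    // split never depends on locale tables or cuts through multibyte text.
    $checkWords = preg_split('/[ \t\r\n]+/', $content, -1, PREG_SPLIT_NO_EMPTY);
    if (false === $checkWords || array() === $checkWords) {
        $checkWords = array($content);
    }

    $bannedWords = $this->getBannedWords();
    if (!is_array($bannedWords)) {
        return true;
    }

    // One match is enough to reject the content. $checkWords is already
    // lower-case because $content was lower-cased above.
    foreach ($bannedWords as $bannedWord) {
        if (in_array(PMF_String::strtolower($bannedWord), $checkWords, true)) {
            return false;
        }
    }

    return true;
}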
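/**
 * Renders the visible open questions as XHTML table rows.
 *
 * Each row shows the creation date, the submitter (name linked to a mailto:
 * address), the category name with the question text, and a link either to
 * the answering FAQ or to the "add answer" form. A trailing row reports how
 * many questions are still waiting (is_visible != 'Y').
 *
 * The submitter name and e-mail address come from the faqquestions table and
 * are HTML-escaped before being placed into the markup; previously they were
 * emitted verbatim, both as element content and inside the href attribute.
 * Existing entities are left untouched (double_encode off) in case the values
 * were already entity-encoded when stored.
 *
 * @return string
 * @access public
 * @since  2002-09-17
 * @author Thorsten Rinne <*****@*****.**>
 */
function printOpenQuestions()
{
    global $sids, $category;

    $date = new PMF_Date($this->_config);
    $mail = new PMF_Mail($this->_config);

    $query = sprintf("\n SELECT\n COUNT(id) AS num\n FROM\n %sfaqquestions\n WHERE\n is_visible != 'Y'", PMF_Db::getTablePrefix());

    $result = $this->_config->getDb()->query($query);
    $row = $this->_config->getDb()->fetchObject($result);
    $numOfInvisibles = $row->num;

    if ($numOfInvisibles > 0) {
        $extraout = sprintf(
            '<tr><td colspan="3"><small>%s %s</small></td></tr>',
            $this->pmf_lang['msgQuestionsWaiting'],
            $numOfInvisibles
        );
    } else {
        $extraout = '';
    }

    $query = sprintf("\n SELECT\n *\n FROM\n %sfaqquestions\n WHERE\n is_visible = 'Y'\n ORDER BY\n created ASC", PMF_Db::getTablePrefix());

    $result = $this->_config->getDb()->query($query);
    $output = '';

    if ($result && $this->_config->getDb()->numRows($result) > 0) {
        while ($row = $this->_config->getDb()->fetchObject($result)) {
            // Escape the stored submitter data for both attribute and text
            // context. The charset is assumed to be UTF-8 - TODO confirm.
            $safeEmail = htmlspecialchars($mail->safeEmail($row->email), ENT_QUOTES, 'UTF-8', false);
            $safeUserName = htmlspecialchars($row->username, ENT_QUOTES, 'UTF-8', false);

            $output .= '<tr class="openquestions">';
            $output .= sprintf(
                '<td><small>%s</small><br /><a href="mailto:%s">%s</a></td>',
                $date->format(PMF_Date::createIsoDate($row->created)),
                $safeEmail,
                $safeUserName
            );
            // NOTE(review): the question text only goes through strip_tags()
            // and the category name is emitted as stored.
            $output .= sprintf(
                '<td><strong>%s:</strong><br />%s</td>',
                isset($category->categoryName[$row->category_id]['name']) ? $category->categoryName[$row->category_id]['name'] : '',
                strip_tags($row->question)
            );
            if ($this->_config->get('records.enableCloseQuestion') && $row->answer_id) {
                $output .= sprintf(
                    '<td><a id="PMF_openQuestionAnswered" href="?%saction=artikel&cat=%d&id=%d">%s</a></td>',
                    $sids,
                    $row->category_id,
                    $row->answer_id,
                    $this->pmf_lang['msg2answerFAQ']
                );
            } else {
                $output .= sprintf(
                    '<td><a class="btn btn-primary" href="?%saction=add&question=%d&cat=%d">%s</a></td>',
                    $sids,
                    $row->id,
                    $row->category_id,
                    $this->pmf_lang['msg2answer']
                );
            }
            $output .= '</tr>';
        }
    } else {
        $output = sprintf('<tr><td colspan="3">%s</td></tr>', $this->pmf_lang['msgNoQuestionsAvailable']);
    }

    return $output . $extraout;
}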
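/**
 * Returns the number of anonymous users and registered ones.
 * These are the numbers of unique users who have performed
 * some activities within the given time window.
 *
 * Both counters stay 0 when 'main.enableUserTracking' is off. The anonymous
 * counter is skipped when 'security.enableLoginOnly' is set.
 *
 * A failed query is now skipped: the previous isset($result) test is also
 * true for a false return value, so a failed query was passed on to
 * fetchObject(). (Other code in this project tests query results for
 * truthiness, which suggests query() signals failure that way.)
 *
 * @param integer $activityTimeWindow Optionally set the time window size in sec.
 *                                    Default: 300sec, 5 minutes
 *
 * @return array array(anonymous users, registered users)
 */
public function getUsersOnline($activityTimeWindow = 300)
{
    $users = array(0, 0);

    if (!$this->config->get('main.enableUserTracking')) {
        return $users;
    }

    $db = $this->config->getDb();
    // Oldest timestamp that still counts as "online"; rendered with %d below,
    // so the value reaching the SQL text is always an integer.
    $cutoff = $_SERVER['REQUEST_TIME'] - $activityTimeWindow;

    if (!$this->config->get('security.enableLoginOnly')) {
        // Count all sids within the time window for public installations
        // @todo add a new field in faqsessions in order to find out only sids of anonymous users
        $query = sprintf("\n SELECT\n count(sid) AS anonymous_users\n FROM\n %sfaqsessions\n WHERE\n user_id = -1\n AND\n time > %d", PMF_Db::getTablePrefix(), $cutoff);
        $result = $db->query($query);
        if ($result) {
            $row = $db->fetchObject($result);
            if ($row) {
                $users[0] = $row->anonymous_users;
            }
        }
    }

    // Count all faquser records within the time window
    $query = sprintf("\n SELECT\n count(session_id) AS registered_users\n FROM\n %sfaquser\n WHERE\n session_timestamp > %d", PMF_Db::getTablePrefix(), $cutoff);
    $result = $db->query($query);
    if ($result) {
        $row = $db->fetchObject($result);
        if ($row) {
            $users[1] = $row->registered_users;
        }
    }

    return $users;
}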
/**
 * Validates the provided captcha code when the captcha spam protection
 * ('spam.enableCaptchaCode') is enabled in the general PMF configuration.
 *
 * With the protection disabled every code is accepted.
 *
 * @param string $code Captcha Code
 * @return bool
 */
public function checkCaptchaCode($code)
{
    // Protection switched off: nothing to verify.
    if (!$this->_config->get('spam.enableCaptchaCode')) {
        return true;
    }

    return $this->validateCaptchaCode($code);
}
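/**
 * Adds a new adminlog entry.
 *
 * Nothing is written (and false is returned) when 'main.enableAdminLog' is
 * off. The log text is passed through nl2br() and the database escape
 * function before it is placed into the statement.
 *
 * The client address is escaped in the same way: it is interpolated into a
 * quoted SQL literal, and although REMOTE_ADDR is normally set by the web
 * server, it should not be the one string in this statement that is trusted
 * blindly.
 *
 * @param PMF_User $user    User object
 * @param string   $logText Logged string
 *
 * @return boolean Result of the INSERT query, or false when logging is disabled
 */
public function logAdmin(PMF_User $user, $logText = '')
{
    if (!$this->_config->get('main.enableAdminLog')) {
        return false;
    }

    $db = $this->_config->getDb();
    // REMOTE_ADDR is absent outside a web request (e.g. CLI); log an empty
    // address instead of raising a notice.
    $remoteAddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    $query = sprintf(
        "\n INSERT INTO\n %sfaqadminlog\n (id, time, usr, text, ip)\n VALUES \n (%d, %d, %d, '%s', '%s')",
        PMF_Db::getTablePrefix(),
        $db->nextId(PMF_Db::getTablePrefix() . 'faqadminlog', 'id'),
        $_SERVER['REQUEST_TIME'],
        $user->userdata->get('user_id'),
        $db->escape(nl2br($logText)),
        $db->escape($remoteAddress)
    );

    return $db->query($query);
}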
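/**
 * Return the latest news data.
 *
 * Selects the news entries of the current language whose start/end dates
 * enclose the current time, newest first, and picks rows depending on the
 * flags and on 'records.numberOfShownNewsEntries' (the limit):
 *  - $showArchive:                        only rows after the first <limit> rows
 *  - !$showArchive and !$forceConfLimit:  only the first <limit> rows
 *  - !$showArchive and $forceConfLimit:   every row
 *
 * Changes against the previous version: the language code is escaped before
 * it is placed into the quoted SQL literal, a failed query yields an empty
 * list instead of being passed to numRows(), and the duplicated 'lang' key
 * in the item array was removed (it carried the same value twice).
 *
 * @param boolean $showArchive    Show archived news
 * @param boolean $active         Show active news
 * @param boolean $forceConfLimit Force to limit in configuration
 *
 * @return array
 */
public function getLatestData($showArchive = false, $active = true, $forceConfLimit = false)
{
    $news = [];
    $counter = 0;
    $now = date('YmdHis');
    $db = $this->_config->getDb();

    // presumably a validated language code; escaped anyway because it is
    // concatenated into the statement text.
    $language = $db->escape($this->_config->getLanguage()->getLanguage());

    $query = sprintf(
        "\n SELECT\n *\n FROM\n %sfaqnews\n WHERE\n date_start <= '%s'\n AND \n date_end >= '%s'\n %s\n AND\n lang = '%s'\n ORDER BY\n datum DESC",
        PMF_Db::getTablePrefix(),
        $now,
        $now,
        $active ? "AND active = 'y'" : '',
        $language
    );

    $result = $db->query($query);
    $limit = $this->_config->get('records.numberOfShownNewsEntries');

    if (!$result || !($limit > 0) || !($db->numRows($result) > 0)) {
        return $news;
    }

    while ($row = $db->fetchObject($result)) {
        $counter++;

        // Same three cases as documented above, with the operator precedence
        // of the original expression made explicit.
        $selected = ($showArchive && $counter > $limit)
            || (!$showArchive && !$forceConfLimit && $counter <= $limit)
            || (!$showArchive && $forceConfLimit);
        if (!$selected) {
            continue;
        }

        $news[] = array(
            'id'            => $row->id,
            'lang'          => $row->lang,
            'date'          => $row->datum,
            'header'        => $row->header,
            'content'       => $row->artikel,
            'authorName'    => $row->author_name,
            'authorEmail'   => $row->author_email,
            'dateStart'     => $row->date_start,
            'dateEnd'       => $row->date_end,
            'active'        => 'y' == $row->active,
            'allowComments' => 'y' == $row->comment,
            'link'          => $row->link,
            'linkTitle'     => $row->linktitel,
            'target'        => $row->target,
        );
    }

    return $news;
}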
/**
 * Checks whether an IPv4 or IPv6 address is on the ban list.
 *
 * The ban list is the space-separated 'security.bannedIPs' setting; empty
 * entries are ignored. An address that validates as IPv6 is matched with
 * checkForAddrMatchIpv6(), everything else with checkForAddrMatchIpv4().
 *
 * NOTE(review): a string that is not a valid IP address at all also takes the
 * IPv4 branch; the outcome then depends on checkForAddrMatchIpv4() - confirm
 * it treats malformed input as "no match" or decide whether such input should
 * be rejected here.
 *
 * @param string $ip IPv4 or IPv6 address
 *
 * @return boolean true, if not banned
 */
public function checkIp($ip)
{
    $bannedList = $this->_config->get('security.bannedIPs');

    foreach (explode(' ', $bannedList) as $bannedEntry) {
        // Consecutive spaces in the setting produce empty entries.
        if ('' === $bannedEntry) {
            continue;
        }

        $isIpv6 = (false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6));
        $isBanned = $isIpv6
            ? $this->checkForAddrMatchIpv6($ip, $bannedEntry)
            : $this->checkForAddrMatchIpv4($ip, $bannedEntry);

        if ($isBanned) {
            return false;
        }
    }

    return true;
}
/**
 * Filters a raw search result set by group/user permissions and drops
 * duplicate FAQ ids.
 *
 * Permission rules, as implemented:
 *  - permLevel 'medium': the first group permission of the FAQ must be one of
 *    the current user's groups, and the user permission check below must
 *    pass as well.
 *  - permLevel 'basic': only the user permission check applies.
 *  - user permission check: the FAQ's user permissions contain -1 or the
 *    current user id.
 *  - any other permLevel: no result is accepted.
 *
 * Accepted results are appended to $this->reviewedResultset, whose count is
 * then handed to setNumberOfResults().
 *
 * NOTE(review): in_array() is used without the strict flag, so ids are
 * compared loosely; confirm the permission ids are always integers or
 * numeric strings.
 *
 * @param array $resultset Array with search results
 *
 * @return void
 */
public function reviewResultset(array $resultset)
{
    $this->setResultset($resultset);

    $duplicateResults = [];
    $currentUserId = $this->user->getUserId();
    $currentGroupIds = ('medium' === $this->_config->get('security.permLevel'))
        ? $this->user->perm->getUserGroups($currentUserId)
        : array(-1);

    foreach ($this->rawResultset as $result) {
        $permission = false;

        // Group check (only the first group permission entry is considered).
        if ('medium' === $this->_config->get('security.permLevel')) {
            $groupPermission = $this->faq->getPermission('group', $result->id);
            $permission = count($groupPermission) && in_array($groupPermission[0], $currentGroupIds);
        }

        // User check; its outcome replaces the group result.
        if ($permission || 'basic' === $this->_config->get('security.permLevel')) {
            $userPermission = $this->faq->getPermission('user', $result->id);
            $permission = in_array(-1, $userPermission)
                || in_array($this->user->getUserId(), $userPermission);
        }

        // An id that was seen before is only counted, never added again.
        if (isset($duplicateResults[$result->id])) {
            ++$duplicateResults[$result->id];
            continue;
        }
        $duplicateResults[$result->id] = 1;

        if ($permission) {
            $this->reviewedResultset[] = $result;
        }
    }

    $this->setNumberOfResults($this->reviewedResultset);
}
/**
 * Returns the configured reference URL, upgraded to https:// when the current
 * request scheme is https, and always terminated by a slash.
 *
 * NOTE(review): the scheme is read from $_ENV['REQUEST_SCHEME']; web servers
 * usually expose it through $_SERVER, so confirm this branch is reachable in
 * the target deployment. The "already https" test is a substring search for
 * 'https' anywhere in the URL, not a prefix test.
 *
 * @param PMF_Configuration $faqConfig
 *
 * @return mixed
 */
public function getSystemUri(PMF_Configuration $faqConfig)
{
    $mainUrl = $faqConfig->get('main.referenceURL');

    $requestIsHttps = isset($_ENV['REQUEST_SCHEME']) && 'https' === $_ENV['REQUEST_SCHEME'];
    if ($requestIsHttps && false === strpos($mainUrl, 'https')) {
        $mainUrl = str_replace('http://', 'https://', $mainUrl);
    }

    return ('/' !== substr($mainUrl, -1)) ? $mainUrl . '/' : $mainUrl;
}
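/**
 * Starts the installation.
 *
 * Reads the setup form from POST, checks the database (and optionally LDAP)
 * settings, writes config/database.php (and config/ldap.php), creates the
 * tables from the SQL definition files, stores the main configuration and
 * creates the admin account, the anonymous user and the master instance.
 * Progress and error messages are echoed directly.
 *
 * Changes against the previous version:
 *  - the posted database type is restricted to [A-Za-z0-9_] before it is
 *    concatenated into the file_exists()/require paths, and the method
 *    returns after reporting an invalid or missing type, so a crafted value
 *    can never reach the require statements further down;
 *  - the echoed database type is HTML-escaped;
 *  - the two passwords are compared with !== (with != two different numeric
 *    looking strings such as "1e3" and "1000" compare as equal);
 *  - the bug-report link no longer emits literal backslashes in its
 *    attributes.
 *
 * NOTE(review), left unchanged:
 *  - every error path relies on PMF_System::renderFooter(true) ending the
 *    request; confirm that it does.
 *  - `if (!$db)` / `if (!$ldap)` test objects that were just created, so they
 *    can never fire; the return value of connect() is not inspected.
 *  - the admin password goes through FILTER_SANITIZE_STRING, which presumably
 *    alters passwords containing markup characters or quotes.
 *  - 'security.salt' is md5(referenceURL), i.e. derivable from a public value.
 *  - the table prefix is user input that becomes part of SQL identifiers.
 *
 * @param array $DB Database settings; the values read below are presumably
 *                  (re)defined by the required config/database.php - confirm
 *
 * @return void
 */
public function startInstall(array $DB = null)
{
    // $query and $uninst are presumably filled by the required *.sql.php
    // files, which share this function's scope; $sqltblpre is kept for the
    // same reason - confirm before removing any of them.
    $query = $uninst = $dbSetup = [];

    // Check table prefix
    $dbSetup['dbPrefix'] = $sqltblpre = PMF_Filter::filterInput(INPUT_POST, 'sqltblpre', FILTER_SANITIZE_STRING, '');
    if ('' !== $dbSetup['dbPrefix']) {
        PMF_Db::setTablePrefix($dbSetup['dbPrefix']);
    }

    // Check database entries
    $dbSetup['dbType'] = PMF_Filter::filterInput(INPUT_POST, 'sql_type', FILTER_SANITIZE_STRING);
    if (is_null($dbSetup['dbType'])) {
        echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please select a database type.</p>\n";
        PMF_System::renderFooter(true);
        return;
    }

    $dbSetup['dbType'] = trim($dbSetup['dbType']);
    // The type becomes part of a path that is later passed to require, so
    // only plain identifier characters are accepted (no dots or slashes).
    $dbTypeIsSafe = (1 === preg_match('/\A[A-Za-z0-9_]+\z/', $dbSetup['dbType']));
    if (!$dbTypeIsSafe || !file_exists(PMF_ROOT_DIR . '/setup/assets/sql/' . $dbSetup['dbType'] . '.sql.php')) {
        printf(
            '<p class="alert alert-danger"><strong>Error:</strong> Invalid server type: %s</p>',
            htmlspecialchars($dbSetup['dbType'], ENT_QUOTES, 'UTF-8', false)
        );
        PMF_System::renderFooter(true);
        return;
    }

    $dbSetup['dbServer'] = PMF_Filter::filterInput(INPUT_POST, 'sql_server', FILTER_SANITIZE_STRING);
    if (is_null($dbSetup['dbServer']) && !PMF_System::isSqlite($dbSetup['dbType'])) {
        echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please add a database server.</p>\n";
        PMF_System::renderFooter(true);
    }

    $dbSetup['dbPort'] = PMF_Filter::filterInput(INPUT_POST, 'sql_port', FILTER_VALIDATE_INT);
    if (is_null($dbSetup['dbPort']) && !PMF_System::isSqlite($dbSetup['dbType'])) {
        echo "<p class=\"alert alert-error\"><strong>Error:</strong> Please add a valid database port.</p>\n";
        PMF_System::renderFooter(true);
    }

    $dbSetup['dbUser'] = PMF_Filter::filterInput(INPUT_POST, 'sql_user', FILTER_SANITIZE_STRING);
    if (is_null($dbSetup['dbUser']) && !PMF_System::isSqlite($dbSetup['dbType'])) {
        echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please add a database username.</p>\n";
        PMF_System::renderFooter(true);
    }

    // The database password is taken unfiltered so that no character is lost.
    $dbSetup['dbPassword'] = PMF_Filter::filterInput(INPUT_POST, 'sql_passwort', FILTER_UNSAFE_RAW);
    if (is_null($dbSetup['dbPassword']) && !PMF_System::isSqlite($dbSetup['dbType'])) {
        // Password can be empty...
        $dbSetup['dbPassword'] = '';
    }

    $dbSetup['dbDatabaseName'] = PMF_Filter::filterInput(INPUT_POST, 'sql_db', FILTER_SANITIZE_STRING);
    if (is_null($dbSetup['dbDatabaseName']) && !PMF_System::isSqlite($dbSetup['dbType'])) {
        echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please add a database name.</p>\n";
        PMF_System::renderFooter(true);
    }

    // For SQLite the "server" is the database file name.
    if (PMF_System::isSqlite($dbSetup['dbType'])) {
        $dbSetup['dbServer'] = PMF_Filter::filterInput(INPUT_POST, 'sql_sqlitefile', FILTER_SANITIZE_STRING);
        if (is_null($dbSetup['dbServer'])) {
            echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please add a SQLite database filename.</p>\n";
            PMF_System::renderFooter(true);
        }
    }

    // check database connection
    PMF_Db::setTablePrefix($dbSetup['dbPrefix']);
    $db = PMF_Db::factory($dbSetup['dbType']);
    $db->connect($dbSetup['dbServer'], $dbSetup['dbUser'], $dbSetup['dbPassword'], $dbSetup['dbDatabaseName']);
    if (!$db) {
        printf("<p class=\"alert alert-danger\"><strong>DB Error:</strong> %s</p>\n", $db->error());
        PMF_System::renderFooter(true);
    }

    $configuration = new PMF_Configuration($db);

    // check LDAP if available
    $ldapEnabled = PMF_Filter::filterInput(INPUT_POST, 'ldap_enabled', FILTER_SANITIZE_STRING);
    if (extension_loaded('ldap') && !is_null($ldapEnabled)) {
        $ldapSetup = [];

        // check LDAP entries
        $ldapSetup['ldapServer'] = PMF_Filter::filterInput(INPUT_POST, 'ldap_server', FILTER_SANITIZE_STRING);
        if (is_null($ldapSetup['ldapServer'])) {
            echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please add a LDAP server.</p>\n";
            PMF_System::renderFooter(true);
        }

        $ldapSetup['ldapPort'] = PMF_Filter::filterInput(INPUT_POST, 'ldap_port', FILTER_VALIDATE_INT);
        if (is_null($ldapSetup['ldapPort'])) {
            echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please add a LDAP port.</p>\n";
            PMF_System::renderFooter(true);
        }

        $ldapSetup['ldapBase'] = PMF_Filter::filterInput(INPUT_POST, 'ldap_base', FILTER_SANITIZE_STRING);
        if (is_null($ldapSetup['ldapBase'])) {
            echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Please add a LDAP base search DN.</p>\n";
            PMF_System::renderFooter(true);
        }

        // LDAP User and LDAP password are optional
        $ldapSetup['ldapUser'] = PMF_Filter::filterInput(INPUT_POST, 'ldap_user', FILTER_SANITIZE_STRING, '');
        $ldapSetup['ldapPassword'] = PMF_Filter::filterInput(INPUT_POST, 'ldap_password', FILTER_SANITIZE_STRING, '');

        // check LDAP connection
        require PMF_ROOT_DIR . "/inc/PMF/Ldap.php";
        $ldap = new PMF_Ldap($configuration);
        $ldap->connect($ldapSetup['ldapServer'], $ldapSetup['ldapPort'], $ldapSetup['ldapBase'], $ldapSetup['ldapUser'], $ldapSetup['ldapPassword']);
        if (!$ldap) {
            echo "<p class=\"alert alert-danger\"><strong>LDAP Error:</strong> " . $ldap->error() . "</p>\n";
            PMF_System::renderFooter(true);
        }
    }

    // check loginname
    $loginname = PMF_Filter::filterInput(INPUT_POST, 'loginname', FILTER_SANITIZE_STRING);
    if (is_null($loginname)) {
        echo '<p class="alert alert-danger"><strong>Error:</strong> Please add a loginname for your account.</p>';
        PMF_System::renderFooter(true);
    }

    // check user entries
    $password = PMF_Filter::filterInput(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
    if (is_null($password)) {
        echo '<p class="alert alert-danger"><strong>Error:</strong> Please add a password for the your account.</p>';
        PMF_System::renderFooter(true);
    }

    $password_retyped = PMF_Filter::filterInput(INPUT_POST, 'password_retyped', FILTER_SANITIZE_STRING);
    if (is_null($password_retyped)) {
        echo '<p class="alert alert-danger"><strong>Error:</strong> Please add a retyped password.</p>';
        PMF_System::renderFooter(true);
    }

    if (strlen($password) <= 5 || strlen($password_retyped) <= 5) {
        echo '<p class="alert alert-danger"><strong>Error:</strong> Your password and retyped password are too short.' .
            ' Please set your password and your retyped password with a minimum of 6 characters.</p>';
        PMF_System::renderFooter(true);
    }

    // Strict comparison: the two values must be the same string, not merely
    // equal after PHP's numeric string conversion.
    if ($password !== $password_retyped) {
        echo '<p class="alert alert-danger"><strong>Error:</strong> Your password and retyped password are not equal.' .
            ' Please check your password and your retyped password.</p>';
        PMF_System::renderFooter(true);
    }

    $language = PMF_Filter::filterInput(INPUT_POST, 'language', FILTER_SANITIZE_STRING, 'en');
    $realname = PMF_Filter::filterInput(INPUT_POST, 'realname', FILTER_SANITIZE_STRING, '');
    $email = PMF_Filter::filterInput(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL, '');
    $permLevel = PMF_Filter::filterInput(INPUT_POST, 'permLevel', FILTER_SANITIZE_STRING, 'basic');

    $instanceSetup = new PMF_Instance_Setup();
    $instanceSetup->setRootDir(PMF_ROOT_DIR);

    // Write the DB variables in database.php
    if (!$instanceSetup->createDatabaseFile($dbSetup)) {
        echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Setup cannot write to ./config/database.php.</p>";
        $this->_system->cleanInstallation();
        PMF_System::renderFooter(true);
    }

    // check LDAP if available
    if (extension_loaded('ldap') && !is_null($ldapEnabled)) {
        if (!$instanceSetup->createLdapFile($ldapSetup, '')) {
            echo "<p class=\"alert alert-danger\"><strong>Error:</strong> Setup cannot write to ./config/ldap.php.</p>";
            $this->_system->cleanInstallation();
            PMF_System::renderFooter(true);
        }
    }

    // connect to the database using config/database.php
    require PMF_ROOT_DIR . '/config/database.php';
    $db = PMF_Db::factory($dbSetup['dbType']);
    $db->connect($DB['server'], $DB['user'], $DB['password'], $DB['db']);
    if (!$db) {
        echo "<p class=\"alert alert-danger\"><strong>DB Error:</strong> " . $db->error() . "</p>\n";
        $this->_system->cleanInstallation();
        PMF_System::renderFooter(true);
    }

    // $dbSetup['dbType'] was restricted to identifier characters above.
    require PMF_ROOT_DIR . '/setup/assets/sql/' . $dbSetup['dbType'] . '.sql.php'; // CREATE TABLES
    require PMF_ROOT_DIR . '/setup/assets/sql/stopwords.sql.php'; // INSERTs for stopwords

    $this->_system->setDatabase($db);

    echo '<p>';

    // Erase any table before starting creating the required ones
    if (!PMF_System::isSqlite($dbSetup['dbType'])) {
        $this->_system->dropTables($uninst);
    }

    // Start creating the required tables
    $count = 0;
    foreach ($query as $executeQuery) {
        $result = @$db->query($executeQuery);
        if (!$result) {
            echo '<p class="alert alert-danger"><strong>Error:</strong> Please install your version of phpMyFAQ once again or send us a <a href="http://www.phpmyfaq.de" target="_blank">bug report</a>.</p>';
            printf('<p class="alert alert-danger"><strong>DB error:</strong> %s</p>', $db->error());
            printf('<code>%s</code>', htmlentities($executeQuery));
            $this->_system->dropTables($uninst);
            $this->_system->cleanInstallation();
            PMF_System::renderFooter(true);
        }
        usleep(2500);
        $count++;
        // Progress marker after every tenth statement.
        if (!($count % 10)) {
            echo '| ';
        }
    }

    $link = new PMF_Link(null, $configuration);

    // add main configuration, add personal settings
    $this->_mainConfig['main.metaPublisher'] = $realname;
    $this->_mainConfig['main.administrationMail'] = $email;
    $this->_mainConfig['main.language'] = $language;
    $this->_mainConfig['security.permLevel'] = $permLevel;

    foreach ($this->_mainConfig as $name => $value) {
        $configuration->add($name, $value);
    }

    $configuration->update(array('main.referenceURL' => $link->getSystemUri('/setup/index.php')));
    // NOTE(review): the salt is a plain md5 of the public reference URL.
    $configuration->add('security.salt', md5($configuration->get('main.referenceURL')));

    // add admin account and rights
    $admin = new PMF_User($configuration);
    if (!$admin->createUser($loginname, $password, 1)) {
        printf(
            "<p class=\"alert alert-danger\"><strong>Fatal installation error:</strong><br>" .
            "Couldn't create the admin user: %s</p>\n",
            $admin->error()
        );
        $this->_system->cleanInstallation();
        PMF_System::renderFooter(true);
    }
    $admin->setStatus('protected');
    $adminData = array('display_name' => $realname, 'email' => $email);
    $admin->setUserData($adminData);

    // add default rights
    foreach ($this->_mainRights as $right) {
        $admin->perm->grantUserRight(1, $admin->perm->addRight($right));
    }

    // Add anonymous user account
    $instanceSetup->createAnonymousUser($configuration);

    // Add master instance
    $instanceData = array(
        'url' => $link->getSystemUri($_SERVER['SCRIPT_NAME']),
        'instance' => $link->getSystemRelativeUri('setup/index.php'),
        'comment' => 'phpMyFAQ ' . PMF_System::getVersion()
    );
    $faqInstance = new PMF_Instance($configuration);
    $faqInstance->addInstance($instanceData);

    $faqInstanceMaster = new PMF_Instance_Master($configuration);
    $faqInstanceMaster->createMaster($faqInstance);

    echo '</p>';
}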
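/**
 * Returns the CurrentUser stored in the PHP session, if it is still valid.
 *
 * Outcomes:
 *  - null:  no user in the session, or the user session timed out (the user
 *           is then removed from the session);
 *  - false: the session id stored for the user is empty or differs from the
 *           current PHP session id, or 'security.ipCheck' is on and the
 *           stored IP differs from the client address;
 *  - PMF_User_CurrentUser: valid user; the session id is refreshed when it
 *           timed out and the user is saved back to the session.
 *
 * The session id and the IP address are compared as strings with strict
 * operators. The previous loose comparison let PHP convert numeric looking
 * strings before comparing, which is not acceptable for a session
 * identifier.
 *
 * @static
 *
 * @param PMF_Configuration $config
 *
 * @return null|false|PMF_User_CurrentUser
 */
public static function getFromSession(PMF_Configuration $config)
{
    // there is no valid user object in session
    if (!isset($_SESSION[PMF_SESSION_CURRENT_USER]) || !isset($_SESSION[PMF_SESSION_ID_TIMESTAMP])) {
        return null;
    }

    // create a new CurrentUser object
    $user = new PMF_User_CurrentUser($config);
    $user->getUserById($_SESSION[PMF_SESSION_CURRENT_USER]);

    // user object is timed out
    if ($user->sessionIsTimedOut()) {
        $user->deleteFromSession();
        $user->errors[] = 'Session timed out.';
        return null;
    }

    // session-id not found in user table, or not the id of this session
    $session_info = $user->getSessionInfo();
    $session_id = isset($session_info['session_id']) ? (string) $session_info['session_id'] : '';
    if ('' === $session_id || $session_id !== (string) session_id()) {
        return false;
    }

    // check ip
    if ($config->get('security.ipCheck')) {
        $storedIp = isset($session_info['ip']) ? (string) $session_info['ip'] : '';
        $clientIp = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
        if ($storedIp !== $clientIp) {
            return false;
        }
    }

    // session-id needs to be updated
    if ($user->sessionIdIsTimedOut()) {
        $user->updateSessionId();
    }

    // user is now logged in
    $user->_loggedIn = true;

    // save current user to session and return the instance
    $user->saveToSession();

    return $user;
}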
/**
 * Adds a table of contents page for exports of the complete FAQ.
 *
 * The page carries the FAQ title (bold, 24pt), the localized
 * "table of content" heading (bold, 16pt) and the generated TOC (12pt).
 *
 * @return void
 */
public function addFaqToc()
{
    global $PMF_LANG;

    $this->addTOCPage();

    // Title
    $faqTitle = $this->_config->get('main.titleFAQ');
    $this->SetFont($this->currentFont, 'B', 24);
    $this->MultiCell(0, 0, $faqTitle, 0, 'C', 0, 1, '', '', true, 0);
    $this->Ln();

    // TOC heading
    $tocHeading = $PMF_LANG['msgTableOfContent'];
    $this->SetFont($this->currentFont, 'B', 16);
    $this->MultiCell(0, 0, $tocHeading, 0, 'C', 0, 1, '', '', true, 0);
    $this->Ln();

    // Render TOC
    $this->SetFont($this->currentFont, '', 12);
    $entryColor = array(128, 0, 0);
    $this->addTOC(1, $this->currentFont, '.', $tocHeading, 'B', $entryColor);

    $this->endTOCPage();
}
/**
 * Obfuscates an e-mail address when the e-mail spam protection
 * ('spam.enableSafeEmail') is enabled: "@" becomes "_AT_" and every "."
 * becomes "_DOT_", e.g. "user_AT_example_DOT_org". With the protection
 * disabled the address is returned unchanged.
 *
 * The result is not HTML-escaped; callers that place it into markup have to
 * escape it themselves.
 *
 * @param string $email E-mail address
 *
 * @return string
 */
public function safeEmail($email)
{
    if (!$this->_config->get('spam.enableSafeEmail')) {
        return $email;
    }

    $search = array('@', '.');
    $replacement = array('_AT_', '_DOT_');

    return str_replace($search, $replacement, $email);
}
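/**
 * Verifies the links of the given article content and marks the entry as
 * checked via markEntry().
 *
 * Changes against the previous version:
 *  - the second reference-URL check called trim() on the result of the
 *    comparison instead of on the URL, so a whitespace-only reference URL
 *    was not detected; the URL itself is trimmed now;
 *  - the checked URL is HTML-escaped inside the href attribute as well (it
 *    was escaped only as link text). The URLs are taken from article
 *    content, so an unescaped quote could break out of the attribute.
 *
 * NOTE(review): $value['reason'] is still written into the list items as
 * delivered by VerifyURLs(); confirm whether it can contain data taken from
 * the checked page or URL.
 *
 * @param string  $contents
 * @param integer $id
 * @param string  $artlang
 * @param boolean $cron
 *
 * @return string HTML text, if $cron is false (default); '' otherwise
 */
public function verifyArticleURL($contents = '', $id = 0, $artlang = '', $cron = false)
{
    global $PMF_LANG;

    $referenceUrl = $this->_config->get('main.referenceURL');
    if ($referenceUrl == '' || '' === trim($referenceUrl)) {
        $output = $PMF_LANG['ad_linkcheck_noReferenceURL'];
        return $cron ? '' : '<br /><br />' . $output;
    }

    if ($this->isReady() === false) {
        $output = $PMF_LANG['ad_linkcheck_noAllowUrlOpen'];
        return $cron ? '' : '<br /><br />' . $output;
    }

    // Parse contents and verify URLs
    $this->parse_string($contents);
    $result = $this->VerifyURLs($this->_config->get('main.referenceURL'));
    $this->markEntry($id, $artlang);

    // If no URLs found
    if ($result == false) {
        $output = sprintf(
            '<h2>%s</h2><br />%s',
            $PMF_LANG['ad_linkcheck_checkResult'],
            $PMF_LANG['ad_linkcheck_noLinksFound']
        );
        return $cron ? '' : $output;
    }

    $failreasons = $inforeasons = [];
    $output = " <h2>" . $PMF_LANG['ad_linkcheck_checkResult'] . "</h2>\n";
    $output .= ' <table class="verifyArticleURL">' . "\n";

    foreach ($result as $type => $_value) {
        $output .= " <tr><td><strong>" . PMF_String::htmlspecialchars($type) . "</strong></td></tr>\n";
        foreach ($_value as $value) {
            // Escaped once, used for the attribute and for the link text.
            $escapedUrl = PMF_String::htmlspecialchars($value['absurl']);

            $_output = ' <td />';
            $_output .= ' <td><a href="' . $escapedUrl . '" target="_blank">' . $escapedUrl . "</a></td>\n";
            $_output .= ' <td>';

            if (isset($value['redirects']) && $value['redirects'] > 0) {
                $_redirects = "(" . $value['redirects'] . ")";
            } else {
                $_redirects = "";
            }

            if ($value['valid'] === true) {
                $_classname = "urlsuccess";
                $_output .= '<td class="' . $_classname . '">' . $PMF_LANG['ad_linkcheck_checkSuccess'] . $_redirects . '</td>';
                if ($value['reason'] != "") {
                    $inforeasons[] = sprintf($PMF_LANG['ad_linkcheck_openurl_infoprefix'], $escapedUrl) . $value['reason'];
                }
            } else {
                $_classname = "urlfail";
                $_output .= '<td class="' . $_classname . '">' . $PMF_LANG['ad_linkcheck_checkFailed'] . '</td>';
                if ($value['reason'] != "") {
                    $failreasons[] = $value['reason'];
                }
            }

            $_output .= '</td>';
            $output .= ' <tr class="' . $_classname . '">' . "\n" . $_output . "\n";
            $output .= " </tr>\n";
        }
    }
    $output .= " </table>\n";

    if (count($failreasons) > 0) {
        $output .= " <br />\n <strong>" . $PMF_LANG['ad_linkcheck_failReason'] . "</strong>\n <ul>\n";
        foreach ($failreasons as $reason) {
            $output .= " <li>" . $reason . "</li>\n";
        }
        $output .= " </ul>\n";
    }

    if (count($inforeasons) > 0) {
        $output .= " <br />\n <strong>" . $PMF_LANG['ad_linkcheck_infoReason'] . "</strong>\n <ul>\n";
        foreach ($inforeasons as $reason) {
            $output .= " <li>" . $reason . "</li>\n";
        }
        $output .= " </ul>\n";
    }

    // Cron runs only need the side effects (link states), not the report.
    if ($cron) {
        return '';
    } else {
        return $output;
    }
}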
/**
 * Setter for salt.
 *
 * The salt is the configured 'security.salt' value followed by the login
 * name, so it differs per account as long as login names differ.
 *
 * @param string $login
 *
 * @return PMF_Enc
 */
public function setSalt($login)
{
    $siteSalt = $this->_config->get('security.salt');
    $this->salt = $siteSalt . $login;

    return $this;
}
// ini_set('session.use_only_cookies', 1); // Avoid any PHP version to move sessions on URLs ini_set('session.auto_start', 0); // Prevent error to use session_start() if it's active in php.ini ini_set('session.use_trans_sid', 0); ini_set('url_rewriter.tags', ''); // // Start the PHP session // PMF_Init::cleanRequest(); session_start(); // // Connect to LDAP server, when LDAP support is enabled // if ($faqConfig->get('security.ldapSupport') && file_exists(PMF_CONFIG_DIR . '/ldap.php') && extension_loaded('ldap')) { require PMF_CONFIG_DIR . '/constants_ldap.php'; require PMF_CONFIG_DIR . '/ldap.php'; $faqConfig->setLdapConfig($PMF_LDAP); } else { $ldap = null; } // // Build attachments path // $confAttachmentsPath = trim($faqConfig->get('records.attachmentsPath')); if ('/' == $confAttachmentsPath[0] || preg_match('%^[a-z]:(\\\\|/)%i', $confAttachmentsPath)) { // If we're here, some windows or unix style absolute path was detected. define('PMF_ATTACHMENTS_DIR', $confAttachmentsPath); } else { // otherwise build the absolute path
/**
 * Returns the "Send 2 Friends" URL.
 *
 * The URL is the configured reference URL followed by the send2friend action
 * with the category id, FAQ id (both rendered as integers) and the language.
 *
 * NOTE(review): the language is appended as-is, without URL encoding;
 * presumably it is always a plain language code - confirm.
 *
 * @return string
 */
public function getSuggestLink()
{
    $baseUrl = $this->_config->get('main.referenceURL');
    $categoryId = $this->getCategoryId();
    $faqId = $this->getFaqId();
    $language = $this->getLanguage();

    return sprintf(
        '%s?action=send2friend&cat=%d&id=%d&artlang=%s',
        $baseUrl,
        $categoryId,
        $faqId,
        $language
    );
}
/**
 * Resolves the PMF markers like e.g. %sitename%.
 *
 * Currently the only known marker is %sitename%, which is replaced by the
 * 'main.titleFAQ' setting. The replacement value is inserted verbatim.
 *
 * @param string            $text   Text contains PMF markers
 * @param PMF_Configuration $config
 *
 * @return string
 */
public static function resolveMarkers($text, PMF_Configuration $config)
{
    // Marker names and the values they resolve to, kept as parallel lists.
    $markerNames = array('%sitename%');
    $markerValues = array($config->get('main.titleFAQ'));

    return str_replace($markerNames, $markerValues, $text);
}
/**
 * Constructor.
 *
 * Wires up the permission object for the configured 'security.permLevel',
 * the local authentication object (encryption type and read-only flag taken
 * from the auth data) and finally the user data object.
 *
 * The constructor returns early, leaving $this->userdata unset, when the
 * permission object or the local auth object cannot be added.
 *
 * @param PMF_Configuration $config
 *
 * @return PMF_User
 */
public function __construct(PMF_Configuration $config)
{
    $this->config = $config;

    $permLevel = $this->config->get('security.permLevel');
    $permission = PMF_Perm::selectPerm($permLevel, $this->config);
    if (!$this->addPerm($permission)) {
        return;
    }

    // authentication objects
    // always make a 'local' $auth object (see: $authData)
    $this->authContainer = [];
    $auth = new PMF_Auth($this->config);

    $localAuth = $auth->selectAuth($this->getAuthSource('name'));
    $localAuth->selectEncType($this->getAuthData('encType'));
    $localAuth->setReadOnly($this->getAuthData('readOnly'));
    if (!$this->addAuth($localAuth, $this->getAuthSource('type'))) {
        return;
    }

    // additionally, set given $auth objects
    // NOTE(review): $auth is the PMF_Auth object created above; count() and
    // foreach operate on that object itself - confirm this is intended.
    if (count($auth) > 0) {
        foreach ($auth as $name => $authObject) {
            $isDriver = $authObject instanceof PMF_Auth_Driver;
            if (!$isDriver && !$this->addAuth($authObject, $name)) {
                break;
            }
        }
    }

    // user data object
    $this->userdata = new PMF_User_UserData($this->config);
}
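/**
 * Renders the static category tree as nested <ul>/<li> lists with the number
 * of active records per category, followed by a hidden span holding the
 * total number of records.
 *
 * Changes against the previous version:
 *  - $this->language is escaped before it is concatenated into the quoted
 *    SQL literal and URL-encoded before it is placed into the RSS link;
 *  - surplus sprintf() arguments that had no placeholder were dropped.
 *
 * @return string
 */
public function viewTree()
{
    global $sids, $plr;

    $totFaqRecords = 0;
    $number = [];

    $query = sprintf(
        "\n SELECT\n fcr.category_id AS category_id,\n count(fcr.category_id) AS number\n FROM\n %sfaqcategoryrelations fcr,\n %sfaqdata fd\n WHERE\n fcr.record_id = fd.id\n AND\n fcr.record_lang = fd.lang",
        PMF_Db::getTablePrefix(),
        PMF_Db::getTablePrefix()
    );

    if (strlen($this->language) > 0) {
        // presumably a validated language code; escaped anyway because it is
        // concatenated into the statement text.
        $query .= sprintf(" AND fd.lang = '%s'", $this->_config->getDb()->escape($this->language));
    }

    $query .= "\n AND\n fd.active = 'yes'\n GROUP BY\n fcr.category_id";

    $result = $this->_config->getDb()->query($query);
    if ($this->_config->getDb()->numRows($result) > 0) {
        while ($row = $this->_config->getDb()->fetchObject($result)) {
            $number[$row->category_id] = $row->number;
        }
    }

    $output = "<ul>\n";
    $open = 0;
    $this->expandAll();

    for ($y = 0; $y < $this->height(); $y = $this->getNextLineTree($y)) {
        list($hasChild, $categoryName, $parent, $description) = $this->getLineDisplay($y);
        $level = $this->treeTab[$y]['level'];
        $leveldiff = $open - $level;

        // Categories without a row in the count query get an integer 0; the
        // strict comparisons below rely on that.
        if (!isset($number[$parent])) {
            $number[$parent] = 0;
        }

        if ($this->_config->get('records.hideEmptyCategories') && 0 === $number[$parent] && '-' === $hasChild) {
            continue;
        }

        // Close the lists of all levels that were left since the last entry.
        if ($leveldiff > 1) {
            $output .= '</li>';
            for ($i = $leveldiff; $i > 1; $i--) {
                $output .= sprintf(
                    "\n%s</ul>\n%s</li>\n",
                    str_repeat("\t", $level + $i + 1),
                    str_repeat("\t", $level + $i)
                );
            }
        }

        if ($level < $open) {
            if ($level - $open == -1) {
                $output .= '</li>';
            }
            $output .= sprintf(
                "\n%s</ul>\n%s</li>\n",
                str_repeat("\t", $level + 2),
                str_repeat("\t", $level + 1)
            );
        } elseif ($level == $open && $y != 0) {
            $output .= "</li>\n";
        }

        if ($level > $open) {
            $output .= sprintf(
                "\n%s<ul>\n%s<li>",
                str_repeat("\t", $level + 1),
                str_repeat("\t", $level + 1)
            );
        } else {
            $output .= str_repeat("\t", $level + 1) . "<li>";
        }

        if (0 === $number[$parent] && 0 === $level) {
            $numFaqs = '';
        } else {
            $totFaqRecords += $number[$parent];
            $numFaqs = '<span class="rssCategoryLink"> (' . $plr->GetMsg('plmsgEntries', $number[$parent]);
            if ($this->_config->get('main.enableRssFeeds')) {
                $numFaqs .= sprintf(
                    ' <a href="feed/category/rss.php?category_id=%d&category_lang=%s" target="_blank"><i class="fa fa-rss"></i></a>',
                    $parent,
                    urlencode($this->language)
                );
            }
            $numFaqs .= ')</span>';
        }

        $url = sprintf(
            '%s?%saction=show&cat=%d',
            PMF_Link::getSystemRelativeUri(),
            $sids,
            $parent
        );
        $oLink = new PMF_Link($url, $this->_config);
        $oLink->itemTitle = $categoryName;
        $oLink->text = $categoryName;
        $oLink->tooltip = $description;

        $output .= $oLink->toHtmlAnchor() . $numFaqs;
        $open = $level;
    }

    if (isset($level) && $level > 0) {
        $output .= str_repeat("</li>\n\t</ul>\n\t", $level);
    }

    $output .= "\t</li>\n";
    $output .= "\t</ul>\n";
    $output .= '<span id="totFaqRecords" style="display: none;">' . $totFaqRecords . "</span>\n";

    return $output;
}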
/**
 * Formats a date string with the format stored under the configuration
 * key 'main.dateFormat'.
 *
 * @param string $unformattedDate Date/time string accepted by the DateTime constructor
 *
 * @return string
 */
public function format($unformattedDate)
{
    // Parse first: an unparsable value makes DateTime throw before the
    // configuration is read, exactly as in the single-expression form.
    $parsed = new DateTime($unformattedDate);
    $pattern = $this->_config->get('main.dateFormat');

    return $parsed->format($pattern);
}
/**
 * Returns the link as a URL string, rewritten to the "pretty" form expected
 * by the .htaccess rules when rewriting is enabled.
 *
 * The URL from toUri() is returned unchanged unless all of the following
 * hold: $forceNoModrewriteSupport is false, 'main.enableRewriteRules' is
 * set, isHomeIndex() is true and the link carries an action parameter.
 *
 * NOTE(review): parameter values taken from getHttpGetParameters() are
 * concatenated into the path and query string as-is. Whether they are already
 * URL-encoded depends on that helper, which is not visible here - confirm.
 * This method does no HTML escaping, so the result needs attribute/HTML
 * encoding at the point where it is written into markup.
 *
 * @param boolean $forceNoModrewriteSupport Force no rewrite support
 *
 * @return string
 */
public function toString($forceNoModrewriteSupport = false)
{
    $url = $this->toUri();

    // Check mod_rewrite support and 'rewrite' the passed (system) uri
    // according to the rewrite rules written in .htaccess
    if (!$forceNoModrewriteSupport && $this->_config->get('main.enableRewriteRules')) {
        if ($this->isHomeIndex()) {
            $getParams = $this->getHttpGetParameters();
            if (isset($getParams[self::PMF_LINK_GET_ACTION])) {
                // Keep the part of the URL up to the '/' just before the index pattern.
                // NOTE(review): if strpos() found no match it would return false and
                // the URL would be cut to one character; presumably isHomeIndex()
                // guarantees a match - verify.
                $url = substr($url, 0, strpos($url, self::PMF_LINK_INDEX_HOME) + 1);
                // Build the URL according to the .htaccess rules, one case per action
                switch ($getParams[self::PMF_LINK_GET_ACTION]) {
                    case self::PMF_LINK_GET_ACTION_ADD:
                        $url .= self::PMF_LINK_HTML_ADDCONTENT;
                        break;
                    case self::PMF_LINK_GET_ACTION_ARTIKEL:
                        // Category, id and language are read without isset(); a link
                        // lacking them yields an undefined-index notice and an
                        // incomplete path.
                        $url .= self::PMF_LINK_CONTENT .
                            $getParams[self::PMF_LINK_GET_CATEGORY] .
                            self::PMF_LINK_HTML_SLASH .
                            $getParams[self::PMF_LINK_GET_ID] .
                            self::PMF_LINK_HTML_SLASH .
                            $getParams[self::PMF_LINK_GET_ARTLANG] .
                            self::PMF_LINK_SLASH .
                            $this->getSEOItemTitle() .
                            self::PMF_LINK_HTML_EXTENSION;
                        if (isset($getParams[self::PMF_LINK_GET_HIGHLIGHT])) {
                            // The highlight term is appended verbatim as a query parameter.
                            $url .= self::PMF_LINK_SEARCHPART_SEPARATOR .
                                self::PMF_LINK_GET_HIGHLIGHT . '=' .
                                $getParams[self::PMF_LINK_GET_HIGHLIGHT];
                        }
                        if (isset($getParams[self::PMF_LINK_FRAGMENT_SEPARATOR])) {
                            // A parameter keyed by the fragment separator itself is
                            // appended as the fragment.
                            $url .= self::PMF_LINK_FRAGMENT_SEPARATOR .
                                $getParams[self::PMF_LINK_FRAGMENT_SEPARATOR];
                        }
                        break;
                    case self::PMF_LINK_GET_ACTION_ASK:
                        $url .= self::PMF_LINK_HTML_ASK;
                        break;
                    case self::PMF_LINK_GET_ACTION_CONTACT:
                        $url .= self::PMF_LINK_HTML_CONTACT;
                        break;
                    case self::PMF_LINK_GET_ACTION_GLOSSARY:
                        $url .= self::PMF_LINK_HTML_GLOSSARY;
                        break;
                    case self::PMF_LINK_GET_ACTION_HELP:
                        $url .= self::PMF_LINK_HTML_HELP;
                        break;
                    case self::PMF_LINK_GET_ACTION_OPEN:
                        $url .= self::PMF_LINK_HTML_OPEN;
                        break;
                    case self::PMF_LINK_GET_ACTION_SEARCH:
                        // Tag listing when a tagging id but no search term is present,
                        // otherwise a search URL that carries the term verbatim.
                        if (!isset($getParams[self::PMF_LINK_GET_ACTION_SEARCH]) && isset($getParams[self::PMF_LINK_GET_TAGGING_ID])) {
                            $url .= self::PMF_LINK_TAGS . $getParams[self::PMF_LINK_GET_TAGGING_ID];
                            if (isset($getParams[self::PMF_LINK_GET_PAGE])) {
                                $url .= self::PMF_LINK_HTML_SLASH . $getParams[self::PMF_LINK_GET_PAGE];
                            }
                            $url .= self::PMF_LINK_SLASH . $this->getSEOItemTitle() . self::PMF_LINK_HTML_EXTENSION;
                        } elseif (isset($getParams[self::PMF_LINK_GET_ACTION_SEARCH])) {
                            $url .= self::PMF_LINK_HTML_SEARCH;
                            $url .= self::PMF_LINK_SEARCHPART_SEPARATOR . self::PMF_LINK_GET_ACTION_SEARCH . '=' . $getParams[self::PMF_LINK_GET_ACTION_SEARCH];
                            if (isset($getParams[self::PMF_LINK_GET_PAGE])) {
                                $url .= self::PMF_LINK_AMPERSAND . self::PMF_LINK_GET_PAGE . '=' . $getParams[self::PMF_LINK_GET_PAGE];
                            }
                        }
                        // Appended in both branches, and also when neither branch ran.
                        if (isset($getParams[self::PMF_LINK_GET_LANGS])) {
                            $url .= self::PMF_LINK_AMPERSAND . self::PMF_LINK_GET_LANGS . '=' . $getParams[self::PMF_LINK_GET_LANGS];
                        }
                        break;
                    case self::PMF_LINK_GET_ACTION_SITEMAP:
                        // Falls back to the letter 'A' when none is given; the language
                        // parameter is read without isset() in both branches.
                        if (isset($getParams[self::PMF_LINK_GET_LETTER])) {
                            $url .= self::PMF_LINK_SITEMAP .
                                $getParams[self::PMF_LINK_GET_LETTER] .
                                self::PMF_LINK_HTML_SLASH .
                                $getParams[self::PMF_LINK_GET_LANG] .
                                self::PMF_LINK_HTML_EXTENSION;
                        } else {
                            $url .= self::PMF_LINK_SITEMAP . 'A' .
                                self::PMF_LINK_HTML_SLASH .
                                $getParams[self::PMF_LINK_GET_LANG] .
                                self::PMF_LINK_HTML_EXTENSION;
                        }
                        break;
                    case self::PMF_LINK_GET_ACTION_SHOW:
                        // A missing category, or one loosely equal to 0, maps to the
                        // category overview page.
                        if (!isset($getParams[self::PMF_LINK_GET_CATEGORY]) || isset($getParams[self::PMF_LINK_GET_CATEGORY]) && 0 == $getParams[self::PMF_LINK_GET_CATEGORY]) {
                            $url .= self::PMF_LINK_HTML_SHOWCAT;
                        } else {
                            $url .= self::PMF_LINK_CATEGORY . $getParams[self::PMF_LINK_GET_CATEGORY];
                            if (isset($getParams[self::PMF_LINK_GET_PAGE])) {
                                $url .= self::PMF_LINK_HTML_SLASH . $getParams[self::PMF_LINK_GET_PAGE];
                            }
                            $url .= self::PMF_LINK_HTML_SLASH . $this->getSEOItemTitle() . self::PMF_LINK_HTML_EXTENSION;
                        }
                        break;
                    case self::PMF_LINK_GET_ACTION_NEWS:
                        // News id and language are read without isset().
                        $url .= self::PMF_LINK_NEWS .
                            $getParams[self::PMF_LINK_GET_NEWS_ID] .
                            self::PMF_LINK_HTML_SLASH .
                            $getParams[self::PMF_LINK_GET_NEWS_LANG] .
                            self::PMF_LINK_SLASH .
                            $this->getSEOItemTitle() .
                            self::PMF_LINK_HTML_EXTENSION;
                        break;
                }

                // Applied after the switch, so also for actions without a case above.
                if (isset($getParams[self::PMF_LINK_GET_SIDS])) {
                    $url = $this->appendSids($url, $getParams[self::PMF_LINK_GET_SIDS]);
                }

                // A parameter literally named 'fragment' is appended last, verbatim.
                if (isset($getParams['fragment'])) {
                    $url .= self::PMF_LINK_FRAGMENT_SEPARATOR . $getParams['fragment'];
                }
            }
        }
    }

    return $url;
}