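/**
 * Deprecation shim for the legacy ArrayStorage class.
 *
 * When debugging is active (E107_DEBUG_LEVEL > 0) or the 'developer' pref is set,
 * every frame of the current backtrace is written to the rolling admin log and a
 * debug message points at e107::serialize() / e107::unserialize() as replacements.
 * e_ROOT is removed from each file path before it is logged.
 */
function __construct()
{
    // DO Not translate - debug info only.
    $log = e107::getAdminLog();

    if (E107_DEBUG_LEVEL > 0 || e107::getPref('developer')) {
        $dep = debug_backtrace(false);

        foreach ($dep as $d) {
            // Frames raised from inside the engine (internal functions, callbacks) have no
            // 'file'/'line' keys; fall back to an empty value instead of raising a notice.
            $file = isset($d['file']) ? str_replace(e_ROOT, "", $d['file']) : '';
            $line = isset($d['line']) ? $d['line'] : '';

            $log->addDebug("Deprecated ArrayStorage Class called by " . $file . " on line " . $line);
        }

        $log->save('DEPRECATED', E_LOG_NOTICE, '', false, LOG_TO_ROLLING);

        e107::getMessage()->addDebug("Please remove references to <b>arraystorage_class.php</b> and use e107::serialize() and e107::unserialize() instead.");
    }
}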
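/**
 * Parse $this->xmlLegacyContents with the expat-based xml_* functions.
 *
 * The handlers startElement / endElement / characterData on this object are
 * registered with the parser; the result is whatever they leave in $this->xmlData.
 *
 * @return array|false $this->xmlData on success, FALSE when the XML extension is
 *                     missing, no source is set, or a line fails to parse
 */
function parseXmlContents()
{
    $log = e107::getAdminLog();

    // Clear state left behind by a previous parse (key by key, as the original does).
    foreach ($this->xmlData as $key => $value) {
        unset($this->xmlData[$key]);
    }

    foreach ($this->counterArray as $key => $value) {
        unset($this->counterArray[$key]);
    }

    if (!function_exists('xml_parser_create')) {
        // NOTE(review): this message reports a missing source although the condition is a
        // missing XML extension - left unchanged, confirm the intended wording.
        $log->addDebug("No XML source specified")->save('XML', E_LOG_WARNING);
        return FALSE;
    }

    if (!$this->xmlLegacyContents) {
        $log->addDebug("No XML source specified")->save('XML');
        return FALSE;
    }

    $this->parser = xml_parser_create('');
    xml_set_object($this->parser, $this);
    xml_set_element_handler($this->parser, 'startElement', 'endElement');
    xml_set_character_data_handler($this->parser, 'characterData');

    foreach (explode("\n", $this->xmlLegacyContents) as $data) {
        // The original wrote strlen($data == 4096), which measures the string form of a
        // boolean and is always truthy, so every document was rejected on its first line.
        // The comparison belongs outside the call. Presumably a line of exactly 4096 bytes
        // indicates a truncated read - TODO confirm.
        if (strlen($data) == 4096) {
            $log->addDebug("The XML cannot be parsed as it is badly formed.")->save('XML');
            xml_parser_free($this->parser); // release the parser on every exit path
            return FALSE;
        }

        if (!xml_parse($this->parser, $data)) {
            $error = sprintf(
                'XML error: %s at line %d, column %d',
                xml_error_string(xml_get_error_code($this->parser)),
                xml_get_current_line_number($this->parser),
                xml_get_current_column_number($this->parser)
            );

            $log->addDebug($error)->save('XML');
            xml_parser_free($this->parser);
            return FALSE;
        }
    }

    xml_parser_free($this->parser);

    return $this->xmlData;
}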
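/**
 * Handle the "delete old entries" maintenance forms for the admin log and the user audit log.
 *
 * Reads $_POST['deleteoldadmin'] / $_POST['rolllog_clearadmin'] (admin log) or
 * $_POST['deleteoldaudit'] / $_POST['rolllog_clearaudit'] (audit log), deletes every
 * row whose dblog_datestamp is older than the requested number of days, and records
 * the deletion itself as an admin-log event.
 *
 * NOTE(review): no permission or form-token check is visible in this method;
 * presumably the calling admin page enforces both - confirm, since this removes audit records.
 */
function maintenanceProcess()
{
    $mes = e107::getMessage();
    $log = e107::getAdminLog();
    $sql = e107::getDb();

    $action = '';
    $back_count = 0;

    if (!empty($_POST['deleteoldadmin']) && isset($_POST['rolllog_clearadmin'])) {
        $back_count = intval($_POST['rolllog_clearadmin']);
        $_POST['backdeltype'] = 'confdel';
        $action = 'backdel';
    } elseif (!empty($_POST['deleteoldaudit']) && isset($_POST['rolllog_clearaudit'])) {
        $back_count = intval($_POST['rolllog_clearaudit']);
        $action = 'backdel';
        $_POST['backdeltype'] = 'auditdel';
    }

    // Nothing was requested: the original fell through with undefined variables.
    if ($action != "backdel" || !isset($_POST['backdeltype'])) {
        return;
    }

    // A zero or negative day count makes "N days ago" resolve to now or to a future date,
    // which would wipe the complete log. An earlier revision rejected such values with
    // RL_LAN_050; that lower bound is reinstated here.
    if ($back_count < 1) {
        $mes->addWarning(defined('RL_LAN_050') ? RL_LAN_050 : 'Invalid number of days');
        return;
    }

    $old_date = intval(strtotime($back_count . ' days ago'));
    $old_string = strftime("%d %B %Y", $old_date);
    $qry = "dblog_datestamp < " . $old_date; // Same field for both logs

    // Actually delete back events - admin or user audit log
    switch ($_POST['backdeltype']) {
        case 'confdel':
            $db_table = 'admin_log';
            $db_name = RL_LAN_052;
            $db_msg = "ADLOG_02";
            break;

        case 'auditdel':
            $db_table = 'audit_log';
            $db_name = RL_LAN_053;
            $db_msg = "ADLOG_03";
            break;

        default:
            exit; // Someone fooling around!
    }

    $mes->addDebug("Back delete, oldest date = {$old_string} Query = {$qry}");

    if ($del_count = $sql->delete($db_table, $qry)) {
        // Add in a log event, so the purge leaves a trace of its own.
        $message = $db_name . str_replace(array('--OLD--', '--NUM--'), array($old_string, $del_count), RL_LAN_057);
        $mes->addSuccess($message);
        $log->log_event(
            $db_msg,
            "db_Delete - earlier than {$old_string} (past {$back_count} days)[!br!]" . $message . '[!br!]' . $db_table . ' ' . $qry,
            E_LOG_INFORMATIVE,
            ''
        );
    } else {
        $mes->addWarning(RL_LAN_054 . " : " . $sql->mySQLresult);
    }
}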
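/**
 * Validate a news item and insert it into, or update it in, the `news` table.
 *
 * Validation requires a title, a non-empty and unique SEF string, and a category.
 * On a validation error nothing is written and the prepared array is returned
 * with 'error' => true.
 *
 * @param array $news      news_* fields of the item; a non-empty 'news_id' selects update mode
 * @param mixed $smessages passed unchanged as third argument to every $emessage->add() call
 *
 * @return array keys 'data' and '_FIELD_TYPES' (the DB array), 'error', and after a DB
 *               attempt 'message'; 'WHERE' on update, 'news_id' on successful insert
 */
function submit_item($news, $smessages = false)
{
    $tp = e107::getParser();
    $sql = e107::getDb();
    $emessage = e107::getMessage();

    $error = false;
    $isUpdate = !empty($news['news_id']);
    $newsId = $isUpdate ? intval($news['news_id']) : 0;

    if (empty($news['news_title'])) {
        $error = true;
        $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages);

        if (!empty($news['news_sef'])) {
            $news['news_sef'] = eHelper::secureSef($news['news_sef']);
        }
    } elseif (empty($news['news_sef'])) {
        // first format sef...
        $news['news_sef'] = eHelper::title2sef($news['news_title']);
    } else {
        $news['news_sef'] = eHelper::secureSef($news['news_sef']);
    }

    // ...then check it
    if (empty($news['news_sef'])) {
        $error = true;
        $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages);
    } else {
        // String-built condition: the id is forced to an integer and the SEF value goes through
        // toDB() before it is placed between the quotes. The query is only as safe as toDB()'s
        // escaping - NOTE(review): confirm, or move to a bound parameter if the DB layer offers one.
        $uniqueWhere = 'news_id<>' . $newsId . ' AND ' . "news_sef='" . $tp->toDB($news['news_sef']) . "'";

        if ($sql->db_Count('news', '(news_id)', $uniqueWhere)) {
            $error = true;
            $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages);
        }
    }

    if (empty($news['news_category'])) {
        $error = true;
        $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages);
    }

    // Column => field type handed to the DB layer; the order matches the original assignments.
    $fieldTypes = array(
        'news_title'            => 'todb',
        'news_sef'              => 'todb',
        'news_body'             => 'todb',
        'news_extended'         => 'todb',
        'news_datestamp'        => 'int',
        'news_author'           => 'int',
        'news_category'         => 'int',
        'news_allow_comments'   => 'int',
        'news_start'            => 'int',
        'news_end'              => 'int',
        'news_class'            => 'todb',
        'news_render_type'      => 'todb',
        'news_summary'          => 'todb',
        'news_thumbnail'        => 'todb',
        'news_sticky'           => 'int',
        'news_meta_keywords'    => 'todb',
        'news_meta_description' => 'todb',
    );

    $data = array(); // DB Array

    foreach ($fieldTypes as $field => $type) {
        $value = isset($news[$field]) ? $news[$field] : null;

        if ($field === 'news_author') {
            $value = $value ? $value : USERID; // default to the current user
        } elseif ($field === 'news_meta_keywords') {
            $value = eHelper::formatMetaKeys($value);
        } elseif ($field === 'news_meta_description') {
            $value = eHelper::formatMetaDescription($value); // handle bbcodes
        }

        $data['data'][$field] = $value;
        $data['_FIELD_TYPES'][$field] = $type;
    }

    if ($error) {
        $data['error'] = true;
        return $data;
    }

    // Calculate short strings for admin logging - no need to clog up the log with potentially long items
    $logData = $data['data'];

    foreach (array('news_body', 'news_extended') as $longField) {
        if (isset($logData[$longField])) {
            $logData[$longField] = $tp->text_truncate($tp->toDB($logData[$longField]), 300, '...');
        }
    }

    //XXX - Now hooks are executed only if no mysql error is found. Should it stay so? Seems sensible to me!
    if ($isUpdate) {
        // Updating existing item
        $data['WHERE'] = 'news_id=' . $newsId;

        //FIXME - triggerHook should return array(message, message_type)
        $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item');

        if ($sql->db_Update('news', $data)) {
            e107::getAdminLog()->logArrayAll('NEWS_09', $logData);

            $data['data']['news_id'] = $news['news_id'];

            e107::getEvent()->trigger('newsupd', $data['data']);
            e107::getEvent()->trigger('admin_news_updated', $data['data']);

            $message = LAN_UPDATED;
            $emessage->add(LAN_UPDATED, E_MESSAGE_SUCCESS, $smessages);
            e107::getCache()->clear('news.php');

            $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
        } elseif ($sql->getLastErrorNumber()) {
            $error = true;
            $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages);
            $message = "<strong>" . LAN_NEWS_5 . "</strong>";
        } else {
            // The update ran without error but changed no row.
            $data['data']['news_id'] = $news['news_id'];
            $emessage->add(LAN_NO_CHANGE, E_MESSAGE_INFO, $smessages);
            $message = "<strong>" . LAN_NO_CHANGE . "</strong>";

            $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
        }
    } else {
        // Adding item
        $data['data']['news_id'] = $sql->db_Insert('news', $data);
        $news['news_id'] = $data['data']['news_id'];

        if ($data['data']['news_id']) {
            $data['news_id'] = $news['news_id'];
            $message = LAN_NEWS_6;
            $emessage->add(LAN_CREATED, E_MESSAGE_SUCCESS, $smessages);
            e107::getCache()->clear('news.php');

            // moved down - prevent wrong mysql_insert_id
            e107::getAdminLog()->logArrayAll('NEWS_08', $logData);
            e107::getEvent()->trigger('newspost', $data['data']);
            e107::getEvent()->trigger('admin_news_created', $data['data']);

            //XXX - triggerHook after trigger?
            $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
            $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
        } else {
            $error = true;
            $message = "<strong>" . LAN_NEWS_7 . "</strong>";
            // The original pushed LAN_UPDATED as the error text of a failed insert; use the
            // same constant as $message so the user sees the failure wording.
            $emessage->add(LAN_NEWS_7, E_MESSAGE_ERROR, $smessages);
        }
    }

    $data['message'] = $message;
    $data['error'] = $error;

    return $data;
}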
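/**
 * Fix tables
 *
 * Builds and runs one ALTER TABLE / CREATE TABLE statement per requested fix and
 * records each statement, with its outcome, through the admin log.
 *
 * SECURITY: table and field names are placed between backticks in DDL without any
 * validation in this method, so $fixArray must only carry identifiers taken from the
 * schema definitions. NOTE(review): confirm no caller passes request data straight in.
 *
 * @param array|string $fixArray eg. [core][table][field] = alter|create|index| etc.;
 *                               anything that is not an array means "fix everything"
 *                               ($this->fixList)
 */
function runFix($fixArray = '')
{
    $log = e107::getAdminLog();

    if (!is_array($fixArray)) {
        $fixArray = $this->fixList; // Fix All
    }

    foreach ($fixArray as $j => $file) {
        foreach ($file as $table => $val) {
            $id = $this->getId($this->tables[$j]['tables'], $table);

            foreach ($val as $field => $fixes) {
                foreach ($fixes as $mode) {
                    if (substr($mode, 0, 5) == 'index') {
                        $fdata = $this->getIndex($this->tables[$j]['data'][$id]);
                        $newval = $this->toMysql($fdata[$field], 'index');
                    } else {
                        $fdata = $this->getFields($this->tables[$j]['data'][$id]);
                        $newval = $this->toMysql($fdata[$field]);
                    }

                    // Reset per iteration: the original kept $query from the previous pass, so
                    // an unrecognised mode silently re-ran the last statement.
                    $query = null;

                    switch ($mode) {
                        case 'alter':
                            $query = "ALTER TABLE `" . MPREFIX . $table . "` CHANGE `{$field}` `{$field}` {$newval}";
                            break;

                        case 'insert':
                            $after = ($aft = $this->getPrevious($fdata, $field)) ? " AFTER {$aft}" : "";
                            $query = "ALTER TABLE `" . MPREFIX . $table . "` ADD `{$field}` {$newval}{$after}";
                            break;

                        case 'drop':
                            $query = "ALTER TABLE `" . MPREFIX . $table . "` DROP `{$field}` ";
                            break;

                        case 'index':
                            $query = "ALTER TABLE `" . MPREFIX . $table . "` ADD {$newval} ";
                            break;

                        case 'indexdrop':
                            $query = "ALTER TABLE `" . MPREFIX . $table . "` DROP INDEX `{$field}`";
                            break;

                        case 'create':
                            $query = "CREATE TABLE `" . MPREFIX . $table . "` (" . $this->tables[$j]['data'][$id] . ") ENGINE=MyISAM;";
                            break;
                    }

                    if ($query === null) {
                        $log->addWarning('Unknown fix mode [' . $mode . ']');
                        continue;
                    }

                    if (e107::getDb()->gen($query) !== false) {
                        $log->addDebug(LAN_UPDATED . ' [' . $query . ']');
                    } else {
                        $log->addWarning(LAN_UPDATED_FAILED . ' [' . $query . ']');
                        $log->addWarning(e107::getDb()->getLastErrorText()); // PDO compatible.
                    }
                }
            }
        }
    }

    $log->flushMessages("Database Table(s) Modified");
}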
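/**
 * Updates user status, primarily the user_ban field, to reflect outside events
 *
 * The user is looked up by ID and/or email address; when both are given, both must
 * match the row that was found before anything is changed. A changed status is
 * written to the user audit log.
 *
 * @param string  $action       - 'ban', 'bounce', 'reset' or 'temp'
 * @param integer $uid          - internal user ID, zero if not known
 * @param string  $emailAddress - email address (optional)
 *
 * @return boolean | string - FALSE when the user was found (no error), error message if not
 */
public function userStatusUpdate($action, $uid, $emailAddress = '')
{
    $db = e107::getDb('user');
    $error = FALSE; // Assume no error to start with
    $uid = intval($uid); // Precautionary - should have already been done

    switch ($action) {
        case 'ban':
            $newVal = USER_BANNED;
            $logEvent = USER_AUDIT_BANNED;
            break;

        case 'bounce':
            $newVal = USER_EMAIL_BOUNCED;
            $logEvent = USER_AUDIT_MAIL_BOUNCE;
            break;

        case 'reset':
            $newVal = USER_BOUNCED_RESET;
            $logEvent = USER_AUDIT_BOUNCE_RESET;
            break;

        case 'temp':
            $newVal = USER_TEMPORARY_ACCOUNT;
            $logEvent = USER_AUDIT_TEMP_ACCOUNT;
            break;

        default:
            return 'Invalid action: ' . $action;
    }

    // Without any identifier the original ran the select with only "LIMIT 1" and then
    // treated whichever row came back as the target account. Refuse instead.
    if (!$uid && !$emailAddress) {
        return 'User not found: ' . $uid . '/' . $emailAddress;
    }

    $conditions = array();

    if ($uid) {
        $conditions[] = '`user_id`=' . $uid;
    }

    if ($emailAddress) {
        // The address reflects an outside event and was previously interpolated into the
        // SQL unescaped; pass it through the parser's toDB() before quoting it.
        $conditions[] = "`user_email` = '" . e107::getParser()->toDB($emailAddress) . "'";
    }

    $qry = implode(' OR ', $conditions);

    if (FALSE === $db->select('user', 'user_id, user_email, user_ban, user_loginname', $qry . ' LIMIT 1')) {
        return 'User not found: ' . $uid . '/' . $emailAddress;
    }

    $row = $db->db_Fetch(MYSQL_ASSOC);

    if (empty($row)) {
        return 'User not found: ' . $uid . '/' . $emailAddress;
    }

    // The query ORs the identifiers, so re-check each supplied one against the row.
    if ($uid && $uid != $row['user_id']) {
        $error = 'UID mismatch: ' . $uid . '/' . $row['user_id'];
    } elseif ($emailAddress && $emailAddress != $row['user_email']) {
        $error = 'User email mismatch: ' . $emailAddress . '/' . $row['user_email'];
    } elseif ($row['user_ban'] != $newVal) {
        // Valid user! Only update if needed.
        // NOTE(review): user_email is blanked for every action, including 'reset' and 'temp' - confirm intended.
        $db->db_Update('user', '`user_ban` = ' . $newVal . ', `user_email` = \'\' WHERE `user_id` = ' . intval($row['user_id']) . ' LIMIT 1');

        // Add to user audit log TODO: Should we log to admin log as well?
        $adminLog = e107::getAdminLog();
        $adminLog->user_audit($logEvent, array('user_ban' => $newVal, 'user_email' => $row['user_email']), $row['user_id'], $row['user_loginname']);
    }

    return $error;
}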
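/**
 * Save the mail-out preferences posted from the admin form into the core prefs.
 *
 * Only runs for users holding permission '0'. Values are normalised (fixed option
 * lists, integers, toDB() for strings) and written only when logArrayDiffs() reports
 * a difference against the current core prefs.
 *
 * NOTE(review): smtp_password and mail_bounce_pass are part of the array handed to
 * logArrayDiffs(); confirm that the admin log does not end up holding these secrets.
 * NOTE(review): no form-token check is visible here; presumably the caller handles it - confirm.
 *
 * @param mixed $mes passed by reference and replaced with the e107 message handler
 */
function saveMailPrefs(&$mes)
{
    if (!getperms('0')) {
        return;
    }

    $tp = e107::getParser();
    $mes = e107::getMessage();

    $bounceOpts = array('none' => LAN_MAILOUT_232, 'auto' => LAN_MAILOUT_233, 'mail' => LAN_MAILOUT_234);
    $temp = array();

    if (!in_array($_POST['mailer'], array('smtp', 'sendmail', 'php'), true)) {
        $_POST['mailer'] = 'php';
    }

    $temp['mailer'] = $_POST['mailer'];

    // Allow qmail as an option as well - works much as sendmail
    // NOTE(review): this only requires the substring to occur somewhere in the value, so the
    // stored path is not restricted to a bare executable path. If the pref is later used to
    // launch the mailer, validate it against an expected path format.
    if (strpos($_POST['sendmail'], 'sendmail') !== FALSE || strpos($_POST['sendmail'], 'qmail') !== FALSE) {
        $temp['sendmail'] = $tp->toDB($_POST['sendmail']);
    } else {
        $temp['sendmail'] = '';
    }

    $temp['smtp_server'] = $tp->toDB($_POST['smtp_server']);
    $temp['smtp_username'] = $tp->toDB($_POST['smtp_username']);
    $temp['smtp_password'] = $tp->toDB($_POST['smtp_password']);

    $smtp_opts = array();

    switch (trim($_POST['smtp_options'])) {
        case 'smtp_ssl':
            $smtp_opts[] = 'secure=SSL';
            break;

        case 'smtp_tls':
            $smtp_opts[] = 'secure=TLS';
            break;

        case 'smtp_pop3auth':
            $smtp_opts[] = 'pop3auth';
            break;
    }

    if (vartrue($_POST['smtp_keepalive'])) {
        $smtp_opts[] = 'keepalive';
    }

    if (vartrue($_POST['smtp_useVERP'])) {
        $smtp_opts[] = 'useVERP';
    }

    $temp['smtp_options'] = implode(',', $smtp_opts);

    $temp['mail_sendstyle'] = $tp->toDB($_POST['mail_sendstyle']);
    $temp['mail_pause'] = intval($_POST['mail_pause']);
    $temp['mail_pausetime'] = intval($_POST['mail_pausetime']);
    $temp['mail_workpertick'] = min(intval($_POST['mail_workpertick']), 1000);

    // Only the keys of $bounceOpts are accepted; anything else falls back to 'none'.
    $temp['mail_bounce'] = isset($bounceOpts[$_POST['mail_bounce']]) ? $_POST['mail_bounce'] : 'none';
    $temp['mail_bounce_auto'] = 0; // Make sure this is always defined

    switch ($temp['mail_bounce']) {
        case 'none':
            $temp['mail_bounce_email'] = '';
            break;

        case 'auto':
            $temp['mail_bounce_email'] = $tp->toDB($_POST['mail_bounce_email2']);
            break;

        case 'mail':
            $temp['mail_bounce_email'] = $tp->toDB($_POST['mail_bounce_email']);
            $temp['mail_bounce_auto'] = intval($_POST['mail_bounce_auto']);
            break;
    }

    $temp['mail_bounce_pop3'] = $tp->toDB($_POST['mail_bounce_pop3']);
    $temp['mail_bounce_user'] = $tp->toDB($_POST['mail_bounce_user']);
    $temp['mail_bounce_pass'] = $tp->toDB($_POST['mail_bounce_pass']);
    $temp['mail_bounce_type'] = $tp->toDB($_POST['mail_bounce_type']);
    $temp['mail_bounce_delete'] = intval(varset($_POST['mail_bounce_delete'], 0));

    // The original defaulted to '' here, which makes implode() fail when no mailer is ticked.
    $temp['mailout_enabled'] = implode(',', (array) varset($_POST['mail_mailer_enabled'], array()));
    $temp['mail_log_options'] = intval($_POST['mail_log_option']) . ',' . intval($_POST['mail_log_email']);

    foreach ($temp as &$t) {
        if ($t === NULL) {
            $t = '';
        }
    }
    unset($t); // drop the reference so $temp's last element is not aliased afterwards

    $pref = e107::pref('core'); // Core Prefs Array.

    if (e107::getAdminLog()->logArrayDiffs($temp, $pref, 'MAIL_03')) {
        e107::getConfig()->updatePref($temp);
        e107::getConfig()->save(false); // Only save if changes - generates its own message
    } else {
        $mes->addInfo(LAN_NO_CHANGE);
    }
}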
/**
 * Store the banner menu settings posted from the admin form.
 *
 * The posted values are compared with the current 'menu' config through
 * logArrayDiffs(); only when it reports a difference are they written back
 * and a success message queued.
 */
private function menuPageSave()
{
    $posted = array();
    $parser = e107::getParser();
    $adminLog = e107::getAdminLog();
    $menu_pref = e107::getConfig('menu')->getPref('');

    $posted['banner_caption'] = $parser->toDB($_POST['banner_caption']);
    $posted['banner_amount'] = intval($_POST['banner_amount']);
    $posted['banner_rendertype'] = intval($_POST['banner_rendertype']);

    if (isset($_POST['multiaction_cat_active'])) {
        // Active campaigns are stored as one '|'-separated string.
        $posted['banner_campaign'] = implode('|', $parser->toDB($_POST['multiaction_cat_active']));
    }

    if (!$adminLog->logArrayDiffs($posted, $menu_pref, 'BANNER_01')) {
        return; // nothing changed
    }

    $menuConfig = e107::getConfig('menu');

    foreach ($posted as $prefName => $prefValue) {
        $menuConfig->setPref($prefName, $prefValue);
    }

    $menuConfig->save(false, true, false);
    e107::getMessage()->addSuccess(LAN_SAVED);

    // Re-read as the original does; the value is not used afterwards.
    $menu_pref = e107::getConfig('menu')->getPref('');
}
if (getperms('0')) { $ns->tablerender("Testing Mode", print_a($message, true)); require_once FOOTERF; exit; } // Try to send the email if (sendemail($clean_email, "" . LAN_09 . "" . SITENAME, $message)) { e107::getMessage()->addInfo(LAN_FPW6); $do_log['password_result'] = LAN_FPW20; } else { //$text = "<div style='text-align:center'>".LAN_02."</div>"; $do_log['password_result'] = LAN_FPW19; fpw_error(LAN_02); } // Log to user audit log e107::getAdminLog()->user_audit(USER_AUDIT_PW_RES, $do_log, $row['user_id'], $row['user_name']); $ns->tablerender(LAN_03, $text . e107::getMessage()->render()); require_once FOOTERF; exit; } else { //$text = LAN_213; //$ns->tablerender(LAN_214, "<div style='text-align:center'>".$text."</div>"); e107::getMessage()->addError(LAN_213); $ns->tablerender(LAN_214, e107::getMessage()->render()); } } $sc = array(); // needed? /* if (USE_IMAGECODE) {
/**
 * Zip up folders and files
 *
 * @param array  $filePaths paths handed to PclZip::create(); null aborts with a message string
 * @param string $newFile   target archive; when empty, a name is built from e_BACKUP,
 *                          the SEF form of SITENAME and the current date/time
 * @param array  $options   'remove_path' => prefix stripped from stored paths (default e_BASE)
 *
 * @return string|false the archive path on success, FALSE when PclZip reports an error
 *                      (logged to the admin log), or "No file-paths set!" when $filePaths is null
 */
public function zip($filePaths = null, $newFile = '', $options = array())
{
    if (empty($newFile)) {
        $siteSlug = eHelper::title2sef(SITENAME);
        $stamp = date("Y-m-d-H-i-s");
        $newFile = e_BACKUP . $siteSlug . "_" . $stamp . ".zip";
    }

    if (is_null($filePaths)) {
        return "No file-paths set!";
    }

    require_once e_HANDLER . 'pclzip.lib.php';

    $zipper = new PclZip($newFile);

    if (!empty($options['remove_path'])) {
        $stripPrefix = $options['remove_path'];
    } else {
        $stripPrefix = e_BASE;
    }

    $created = $zipper->create($filePaths, PCLZIP_OPT_REMOVE_PATH, $stripPrefix);

    if ($created != 0) {
        return $newFile;
    }

    // create() signalled failure: record PclZip's error text and report it to the caller.
    $details = $zipper->errorInfo(true);
    e107::getAdminLog()->addError($details)->save('FILE', E_LOG_NOTICE);

    return false;
}
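/**
 * Calculate 'global' maximum upload size - the maximum before extension-specific restrictions taken into account
 *
 * The result starts from the PHP limits post_max_size and upload_max_filesize and is
 * then passed through file_size_decode() in 'lt' mode together with either $max_up or
 * the site pref, so an application-level setting is always combined with the PHP limits.
 *
 * @param int $max_up - if > 0, its a global maximum permitted. If < 0, $pref['upload_maxfilesize'] is used (if set)
 *
 * @return int maximum allowed upload size for file
 */
function calc_max_upload_size($max_up = -1)
{
    global $pref;

    $admin_log = e107::getAdminLog();

    // Work out maximum allowable file size
    if (UH_DEBUG) {
        // The original queried ini_get('upload_max_size'), which is not the directive used
        // for the calculation below; log the value of upload_max_filesize instead.
        $admin_log->e_log_event(
            10,
            __FILE__ . "|" . __FUNCTION__ . "@" . __LINE__,
            "DEBUG",
            "Upload Handler test",
            "File size limits - user set: " . varset($pref['upload_maxfilesize'], '') . " Post_max_size: " . ini_get('post_max_size') . " upload_max_size: " . ini_get('upload_max_filesize'),
            FALSE,
            FALSE
        );
    }

    $max_upload_size = file_size_decode(ini_get('post_max_size'));
    $max_upload_size = file_size_decode(ini_get('upload_max_filesize'), $max_upload_size, 'lt');

    if ($max_up > 0) {
        $max_upload_size = file_size_decode($max_up, $max_upload_size, 'lt');
    } elseif (varset($pref['upload_maxfilesize'], 0) > 0) {
        $max_upload_size = file_size_decode($pref['upload_maxfilesize'], $max_upload_size, 'lt');
    }

    if (UH_DEBUG) {
        $admin_log->e_log_event(
            10,
            __FILE__ . "|" . __FUNCTION__ . "@" . __LINE__,
            "DEBUG",
            "Upload Handler test",
            "Final max upload size: {$max_upload_size}",
            FALSE,
            FALSE
        );
    }

    return $max_upload_size;
}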
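/**
 * Quick Add user submit trigger
 *
 * Validates the posted user fields, creates the account, writes admin-log and
 * user-audit entries, fires the 'userfull' / 'admin_user_created' events and
 * optionally mails the new user.
 *
 * SECURITY notes for maintainers:
 *  - the request must carry $_POST['ac'] equal to md5(ADMINPWCHANGE);
 *  - the chosen password is shown in clear text in the success message and, depending on
 *    $_POST['sendconfemail'], mailed to the user;
 *  - $user_data passed to user_audit() and to the events contains the hashed
 *    'user_password' - NOTE(review): confirm the audit log and listeners do not persist it;
 *  - a non-empty $_POST['perms'] creates an administrator - NOTE(review): confirm the
 *    caller restricts who may submit that field.
 */
public function AddSubmitTrigger()
{
    $e107cache = e107::getCache();
    $userMethods = e107::getUserSession();
    $mes = e107::getMessage();
    $sql = e107::getDb();
    // $pref was read below without ever being defined in this scope.
    $pref = e107::getPref();

    // The original test was `!$_POST['ac'] == md5(ADMINPWCHANGE)`: the negation binds first,
    // so any non-empty 'ac' value passed. Compare the token itself.
    $expectedToken = md5(ADMINPWCHANGE);
    $suppliedToken = (isset($_POST['ac']) && is_string($_POST['ac'])) ? $_POST['ac'] : '';
    $tokenMatches = function_exists('hash_equals')
        ? hash_equals($expectedToken, $suppliedToken)
        : ($expectedToken === $suppliedToken);

    if (!$tokenMatches) {
        exit;
    }

    $e107cache->clear('online_menu_member_total');
    $e107cache->clear('online_menu_member_newest');

    $error = false;

    if (isset($_POST['generateloginname'])) {
        $_POST['loginname'] = $userMethods->generateUserLogin($pref['predefinedLoginName']);
    }

    $_POST['password2'] = $_POST['password1'] = $_POST['password'];

    // Now validate everything
    $allData = validatorClass::validateFields($_POST, $userMethods->userVettingInfo, true);

    // Fix Display and user name
    if (!check_class($pref['displayname_class'], $allData['data']['user_class'])) {
        if ($allData['data']['user_name'] != $allData['data']['user_loginname']) {
            $allData['data']['user_name'] = $allData['data']['user_loginname'];
            $mes->addWarning(str_replace('[x]', $allData['data']['user_loginname'], USRLAN_237));
        }
    }

    // Do basic validation
    validatorClass::checkMandatory('user_name, user_loginname', $allData); // Check for missing fields (email done in userValidation() )
    validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks
    $userMethods->userValidation($allData); // Do user-specific DB checks

    $savePassword = null;

    if (!isset($allData['errors']['user_password'])) {
        // No errors in password - keep it outside the main data array
        $savePassword = $allData['data']['user_password'];
        // Delete the password value in the output array
        unset($allData['data']['user_password']);
    }

    // Restrict the scope of this
    unset($_POST['password2'], $_POST['password1']);

    if (count($allData['errors'])) {
        $temp = validatorClass::makeErrorList($allData, 'USER_ERR_', '%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
        $mes->addError($temp);
        $error = true;
    }

    // Always save some of the entered data - then we can redisplay on error
    $user_data =& $allData['data'];

    if ($error) {
        $this->setParam('user_data', $user_data);
        return;
    }

    if (varset($_POST['perms'])) {
        $allData['data']['user_admin'] = 1;
        $allData['data']['user_perms'] = implode('.', $_POST['perms']);
    }

    // NOTE(review): 'user_login' is not a key this method sets anywhere ('user_loginname' is);
    // confirm which value HashPassword() is meant to receive before changing it.
    $user_data['user_password'] = $userMethods->HashPassword($savePassword, $user_data['user_login']);
    $user_data['user_join'] = time();

    if ($userMethods->needEmailPassword()) {
        // Save separate password encryption for use with email address
        $user_prefs = e107::getArrayStorage()->unserialize($user_data['user_prefs']);
        $user_prefs['email_password'] = $userMethods->HashPassword($savePassword, $user_data['user_email']);
        $user_data['user_prefs'] = e107::getArrayStorage()->serialize($user_prefs);
        unset($user_prefs);
    }

    $userMethods->userClassUpdate($allData['data'], 'userall');

    //FIXME - (SecretR) there is a better way to fix this (missing default value, sql error in strict mode - user_realm is to be deleted from DB later)
    $allData['data']['user_realm'] = '';

    // Set any initial classes
    $userMethods->addNonDefaulted($user_data);
    validatorClass::addFieldTypes($userMethods->userVettingInfo, $allData);

    $userid = $sql->insert('user', $allData);

    if (!$userid) {
        $mes->addError(LAN_CREATED_FAILED);
        $mes->addError($sql->getLastErrorText());
        return;
    }

    $sysuser = e107::getSystemUser(false, false);
    $sysuser->setData($allData['data']);
    $sysuser->setId($userid);
    $user_data['user_id'] = $userid;

    // Add to admin log
    e107::getLog()->add('USET_02', "UName: {$user_data['user_name']}; Email: {$user_data['user_email']}", E_LOG_INFORMATIVE);

    // Add to user audit trail
    e107::getLog()->user_audit(USER_AUDIT_ADD_ADMIN, $user_data, 0, $user_data['user_loginname']);

    e107::getEvent()->trigger('userfull', $user_data);
    e107::getEvent()->trigger('admin_user_created', $user_data);

    // send everything available for user data - bit sparse compared with user-generated signup
    if (isset($_POST['sendconfemail'])) {
        $check = false;

        // Send confirmation email to user
        switch ((int) $_POST['sendconfemail']) {
            case 0:
                // activate, don't notify
                $check = -1;
                break;

            case 1:
                // activate and send password
                $check = $sysuser->email('quickadd', array(
                    'user_password'  => $savePassword,
                    'mail_subject'   => USRLAN_187 . SITENAME,
                    'activation_url' => USRLAN_238,
                ));
                break;

            case 2:
                // require activation and send password and activation link
                $sysuser->set('user_ban', 2)->set('user_sess', e_user_model::randomKey())->save();
                $check = $sysuser->email('quickadd', array(
                    'user_password'  => $savePassword,
                    'mail_subject'   => USRLAN_187 . SITENAME,
                    'activation_url' => SITEURL . "signup.php?activate." . $sysuser->getId() . "." . $sysuser->getValue('sess'),
                ));
                break;
        }

        // -1 means "no mail requested": neither success nor failure is reported.
        if ($check && $check !== -1) {
            $mes->addSuccess(USRLAN_188);
        } elseif (!$check) {
            $mes->addError(USRLAN_189);
        }
    }

    $message = USRLAN_172;
    $mes->addSuccess($message)->addSuccess(USRLAN_128 . ': <strong>' . htmlspecialchars($user_data['user_loginname'], ENT_QUOTES, CHARSET) . '</strong>');
    // The clear-text password is echoed to the admin here (HTML-escaped).
    $mes->addSuccess(LAN_PASSWORD . ': <strong>' . htmlspecialchars($savePassword, ENT_QUOTES, CHARSET) . '</strong>');
}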
/**
 * Lazy accessor for the legacy handler properties ($e107->tp, $e107->sql, ...).
 *
 * A known name is resolved through the matching e107 factory, stored on the
 * instance under that name, and returned. Any other name raises an
 * E_USER_WARNING and yields null.
 *
 * @param string $name property being read
 *
 * @return mixed the handler object, or null for an unknown name
 */
public function __get($name)
{
    // Property name => e107 static factory; null marks the one entry built via getSingleton().
    $factories = array(
        'tp'           => 'getParser',
        'sql'          => 'getDb',
        'ecache'       => 'getCache',
        'arrayStorage' => 'getArrayStorage',
        'e_event'      => 'getEvent',
        'ns'           => 'getRender',
        'url'          => 'getUrl',
        'admin_log'    => 'getAdminLog',
        'override'     => null,
        'notify'       => 'getNotify',
        'e_online'     => 'getOnline',
        'eIPHandler'   => 'getIPHandler',
        'user_class'   => 'getUserClass',
    );

    foreach ($factories as $property => $factory) {
        // Loose comparison, in the same order as the original switch.
        if ($name == $property) {
            if ($factory === null) {
                $handler = e107::getSingleton('override', e_HANDLER . 'override_class.php');
            } else {
                $handler = call_user_func(array('e107', $factory));
            }

            $this->{$name} = $handler;

            return $handler;
        }
    }

    trigger_error('$e107->$' . $name . ' not defined', E_USER_WARNING);

    return null;
}
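/**
 * Validate a news item and store it: update when news_id is set, insert otherwise.
 *
 * Changes against the earlier version of this function:
 *  - ping URLs and the error text returned by sendTrackback() are HTML-escaped
 *    before being placed in the status messages, which are built as HTML;
 *  - trackback URL lines are trimmed and blank lines skipped;
 *  - the permalink no longer reads the undefined local $e107;
 *  - the pingback loop reads the sendTrackback() result the same way as the
 *    trackback loop (a falsy return means success).
 *
 * @param array   $news      news row keyed by the news_* column names
 * @param boolean $smessages passed through as the third argument of every $emessage->add() call
 * @return array 'data' and '_FIELD_TYPES' (the values written and their types), 'error' (bool)
 *               and, unless validation failed, 'message' (HTML status text); also 'WHERE' on
 *               update and 'news_id' after a successful insert
 */
function submit_item($news, $smessages = false)
{
    $tp = e107::getParser();
    $sql = e107::getDb();
    $pref = e107::getPref();
    $e_event = e107::getEvent();
    $emessage = e107::getMessage();

    $error = false;

    if (empty($news['news_title'])) {
        $error = true;
        $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages);
        if (!empty($news['news_sef'])) {
            $news['news_sef'] = eHelper::secureSef($news['news_sef']);
        }
    } else {
        // first format sef...
        if (empty($news['news_sef'])) {
            $news['news_sef'] = eHelper::title2sef($news['news_title']);
        } else {
            $news['news_sef'] = eHelper::secureSef($news['news_sef']);
        }
    }

    // ...then check it
    if (empty($news['news_sef'])) {
        $error = true;
        $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages);
    } elseif ($sql->db_Count('news', '(news_id)', ($news['news_sef'] ? 'news_id<>' . intval($news['news_id']) . ' AND ' : '') . "news_sef='" . $tp->toDB($news['news_sef']) . "'")) {
        $error = true;
        $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages);
    }

    if (empty($news['news_category'])) {
        $error = true;
        $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages);
    }

    // Column => field type handed to the DB layer, in the order the columns are written.
    $fieldTypes = array(
        'news_title' => 'todb',
        'news_sef' => 'todb',
        'news_body' => 'todb',
        'news_extended' => 'todb',
        'news_datestamp' => 'int',
        'news_author' => 'int',
        'news_category' => 'int',
        'news_allow_comments' => 'int',
        'news_start' => 'int',
        'news_end' => 'int',
        'news_class' => 'todb',
        'news_render_type' => 'todb',
        'news_summary' => 'todb',
        'news_thumbnail' => 'todb',
        'news_sticky' => 'int',
        'news_meta_keywords' => 'todb',
        'news_meta_description' => 'todb',
    );

    $data = array(); // DB array
    foreach ($fieldTypes as $field => $type) {
        $data['data'][$field] = $news[$field];
        $data['_FIELD_TYPES'][$field] = $type;
    }

    // Three columns are not copied verbatim.
    $data['data']['news_author'] = $news['news_author'] ? $news['news_author'] : USERID;
    $data['data']['news_meta_keywords'] = eHelper::formatMetaKeys($news['news_meta_keywords']);
    $data['data']['news_meta_description'] = eHelper::formatMetaDescription($news['news_meta_description']); // handle bbcodes

    if ($error) {
        $data['error'] = true;

        return $data;
    }

    // Short strings for admin logging - no need to clog up the log with potentially long items
    $logData = $data['data'];
    foreach (array('news_body', 'news_extended') as $longField) {
        if (isset($logData[$longField])) {
            $logData[$longField] = $tp->text_truncate($tp->toDB($logData[$longField]), 300, '...');
        }
    }

    // XXX - hooks are executed only if no mysql error is found.
    if ($news['news_id']) {
        // Updating existing item
        $data['WHERE'] = 'news_id=' . intval($news['news_id']);
        // FIXME - triggerHook should return array(message, message_type)
        $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item');

        if ($sql->db_Update('news', $data)) {
            e107::getAdminLog()->logArrayAll('NEWS_09', $logData);
            $data['data']['news_id'] = $news['news_id'];
            $e_event->trigger('newsupd', $data['data']);
            $message = LAN_NEWS_21;
            $emessage->add(LAN_NEWS_21, E_MESSAGE_SUCCESS, $smessages);
            e107::getCache()->clear('news.php');
            $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
        } elseif ($sql->getLastErrorNumber()) {
            $error = true;
            $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages);
            $message = "<strong>" . LAN_NEWS_5 . "</strong>";
        } else {
            // The update reported no change and no DB error.
            $data['data']['news_id'] = $news['news_id'];
            $emessage->add(LAN_NEWS_46, E_MESSAGE_INFO, $smessages);
            $message = "<strong>" . LAN_NEWS_46 . "</strong>";
            $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
        }
    } else {
        // Adding item
        $data['data']['news_id'] = $sql->db_Insert('news', $data);
        $news['news_id'] = $data['data']['news_id'];

        if ($data['data']['news_id']) {
            $data['news_id'] = $news['news_id'];
            $message = LAN_NEWS_6;
            $emessage->add(LAN_NEWS_6, E_MESSAGE_SUCCESS, $smessages);
            e107::getCache()->clear('news.php');
            // moved down - prevent wrong mysql_insert_id
            e107::getAdminLog()->logArrayAll('NEWS_08', $logData);
            $e_event->trigger('newspost', $data['data']);
            // XXX - triggerHook after trigger?
            $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
            $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
        } else {
            $error = true;
            $message = "<strong>" . LAN_NEWS_7 . "</strong>";
            $emessage->add(LAN_NEWS_7, E_MESSAGE_ERROR, $smessages);
        }
    }

    /* FIXME - trackback should be hooked! */
    if ($news['news_id'] && $pref['trackbackEnabled']) {
        $excerpt = $tp->text_truncate(strip_tags($tp->post_toHTML($news['news_body'])), 100, '...');
        // $e107 was never defined in this function; read the path from the core singleton instead.
        $permLink = e107::getInstance()->base_path . "comment.php?comment.news." . intval($news['news_id']);

        require_once e_PLUGIN . "trackback/trackbackClass.php";
        $trackback = new trackbackClass();

        // NOTE(review): the server contacts every URL listed in the form. Nothing in this
        // function limits scheme or host; confirm sendTrackback() or the form's access
        // control does, since the field is request data.
        if (!empty($_POST['trackback_urls']) && is_string($_POST['trackback_urls'])) {
            foreach (explode("\n", $_POST['trackback_urls']) as $pingurl) {
                // Textarea lines arrive with "\r" and may be blank.
                $pingurl = trim($pingurl);
                if ($pingurl === '') {
                    continue;
                }

                // The messages below are HTML, so request data and remote text are escaped.
                $shownUrl = htmlspecialchars($pingurl, ENT_QUOTES, 'UTF-8');
                $terror = $trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt);

                if (!$terror) {
                    $message .= "<br />successfully pinged {$shownUrl}.";
                    $emessage->add("Successfully pinged {$shownUrl}.", E_MESSAGE_SUCCESS, $smessages);
                } else {
                    $shownError = htmlspecialchars((string) $terror, ENT_QUOTES, 'UTF-8');
                    $message .= "<br />was unable to ping {$shownUrl}<br />[ Error message returned was : '{$shownError}'. ]";
                    $emessage->add("was unable to ping {$shownUrl}<br />[ Error message returned was : '{$shownError}'. ]", E_MESSAGE_ERROR, $smessages);
                }
            }
        }

        if (isset($_POST['pingback_urls'])) {
            if ($urlArray = $trackback->getPingUrls($news['news_body'])) {
                foreach ($urlArray as $pingurl) {
                    $shownUrl = htmlspecialchars($pingurl, ENT_QUOTES, 'UTF-8');

                    // As in the trackback loop above: a falsy return from sendTrackback() means
                    // success. The earlier code tested the opposite here.
                    if (!$trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt)) {
                        $message .= "<br />successfully pinged {$shownUrl}.";
                        $emessage->add("Successfully pinged {$shownUrl}.", E_MESSAGE_SUCCESS, $smessages);
                    } else {
                        $message .= "Pingback to {$shownUrl} failed ...";
                        $emessage->add("Pingback to {$shownUrl} failed ...", E_MESSAGE_ERROR, $smessages);
                    }
                }
            } else {
                $message .= "<br />No pingback addresses were discovered";
                $emessage->add("No pingback addresses were discovered", E_MESSAGE_INFO, $smessages);
            }
        }
    }
    /* end trackback */

    $data['message'] = $message;
    $data['error'] = $error;

    return $data;
}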
/**
 * Send a weblogUpdates ping to one XML-RPC service and record the outcome in the admin log.
 *
 * The call carries two, three or four string arguments: name and URL always,
 * the changes URL when it or $cat_or_rss is non-empty, and $cat_or_rss when non-empty.
 *
 * @param string $xml_rpc_server
 * @param mixed  $xml_rpc_port
 * @param string $xml_rpc_path
 * @param string $weblog_name
 * @param string $weblog_url
 * @param string $changes_url
 * @param string $cat_or_rss
 * @param bool   $extended true selects weblogUpdates.extendedPing instead of weblogUpdates.ping
 * @return bool true when a response arrived, carried no fault code and its 'flerror' member was false
 */
function ping($xml_rpc_server, $xml_rpc_port, $xml_rpc_path, $weblog_name, $weblog_url, $changes_url, $cat_or_rss = '', $extended = false)
{
    $mes = e107::getMessage();
    $log = e107::getAdminLog();

    // NOTE(review): the target host comes straight from the caller; confirm callers only
    // pass administrator-configured ping services.
    $mes->addDebug("Attempting to ping: " . $xml_rpc_server, 'default', true);

    $rpc_values = array(
        new xmlrpcval($weblog_name, 'string'),
        new xmlrpcval($weblog_url, 'string'),
        new xmlrpcval($changes_url, 'string'),
        new xmlrpcval($cat_or_rss, 'string'),
    );
    $raw_values = array($weblog_name, $weblog_url, $changes_url, $cat_or_rss);

    $method_name = "weblogUpdates.ping";
    if ($extended) {
        $method_name = "weblogUpdates.extendedPing";
    }

    // How many leading arguments the call carries.
    if ($cat_or_rss != "") {
        $argc = 4;
    } elseif ($changes_url != "") {
        $argc = 3;
    } else {
        $argc = 2;
    }

    $params = array_slice($rpc_values, 0, $argc);
    $call_text = $method_name . '("' . implode('", "', array_slice($raw_values, 0, $argc)) . '")';

    // create the message
    $request = new xmlrpcmsg($method_name, $params);
    $client = new xmlrpc_client($xml_rpc_path, $xml_rpc_server, $xml_rpc_port);
    $response = $client->send($request);

    $this->log_ping("Request: " . $call_text);
    $this->log_ping($request->serialize(), true);

    // Admin-log entry shared by every outcome; 'response' is appended per case.
    $entry = array('status' => LAN_ERROR, 'service' => $xml_rpc_server, 'url' => $changes_url);

    // Loose comparison kept on purpose: it is how the original detects a failed send.
    if ($response == 0) {
        $error_text = "Error: " . $xml_rpc_server . ": " . $client->errno . " " . $client->errstring;
        $this->report_error($error_text);
        $this->log_ping($error_text);
        $entry['response'] = $client->errstring;
        $log->addArray($entry)->save('PING_01');

        return false;
    }

    if ($response->faultCode() != 0) {
        $error_text = "Error: " . $xml_rpc_server . ": " . $response->faultCode() . " " . $response->faultString();
        $this->report_error($error_text);
        $entry['response'] = $response->faultString();
        $log->addArray($entry)->save('PING_01');

        return false;
    }

    $response_value = $response->value();
    if ($this->debug) {
        $this->report_error($response_value->serialize());
    }
    $this->log_ping($response_value->serialize(), true);

    // read the response
    $fl_error = $response_value->structmem('flerror');
    $reply = $response_value->structmem('message');

    if ($fl_error->scalarval() != false) {
        $error_text = "Error: " . $xml_rpc_server . ": " . $reply->scalarval();
        $this->report_error($error_text);
        $entry['response'] = $reply->scalarval();
        $log->addArray($entry)->save('PING_01');

        return false;
    }

    $entry['status'] = LAN_OK;
    $entry['response'] = $reply->scalarval();
    $log->addArray($entry)->save('PING_01');

    return true;
}
/**
 * Remove an extended user field and report the result.
 *
 * On success the removal is written to the admin log (EUF_07) and the
 * 'user_extended_struct' system cache entry is cleared.
 *
 * @param string $_name name of the extended field; passed as both arguments of user_extended_remove()
 * @return void
 */
function delete_extended($_name)
{
    $userExt = e107::getUserExt();
    $adminLog = e107::getAdminLog();
    $messages = e107::getMessage();

    // NOTE(review): the name is placed in the message text as given; if messages are
    // rendered as HTML, confirm the name is validated before it reaches this function.
    $suffix = " [" . $_name . "]";

    if (!$userExt->user_extended_remove($_name, $_name)) {
        $messages->addError(LAN_ERROR . $suffix);

        return;
    }

    $adminLog->add('EUF_07', $_name, E_LOG_INFORMATIVE);
    $messages->addSuccess(LAN_DELETED . $suffix);
    e107::getCache()->clear_sys('user_extended_struct', true);
}
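/**
 * Import the links selected on the import form into the gsitemap table.
 *
 * Reads $_POST['importid'] (entries of the form "name^url^type"),
 * $_POST['import_freq'] and $_POST['import_priority'], inserts one row per entry,
 * stores a summary in $this->message and writes it to the admin log (GSMAP_01).
 *
 * Every request-derived value is passed through the parser's toDB() before it is
 * placed in the SQL text. Previously only the name and URL were, so the type,
 * frequency and priority reached the query unescaped (SQL injection).
 *
 * @return void
 */
function importLink()
{
    $sql = e107::getDb();
    $tp = e107::getParser();
    $log = e107::getAdminLog();

    // A missing or non-array field means nothing was selected.
    $selected = (isset($_POST['importid']) && is_array($_POST['importid'])) ? $_POST['importid'] : array();

    // NOTE(review): escaping is the minimum. An allow-list for the frequency and a numeric
    // range check for the priority would be tighter, but the permitted values are not
    // visible from this method.
    $freq = (isset($_POST['import_freq']) && is_scalar($_POST['import_freq'])) ? $tp->toDB($_POST['import_freq']) : '';
    $priority = (isset($_POST['import_priority']) && is_scalar($_POST['import_priority'])) ? $tp->toDB($_POST['import_priority']) : '';

    $imported = 0;
    foreach ($selected as $import) {
        if (!is_string($import)) {
            continue;
        }

        // Pad so that a malformed entry yields empty fields instead of undefined offsets.
        list($name, $url, $type) = array_pad(explode("^", $import), 3, '');
        $name = $tp->toDB($name);
        $url = $tp->toDB($url);
        $type = $tp->toDB($type);

        $sql->db_Insert("gsitemap", "0, '{$name}', '{$url}', '" . time() . "', '" . $freq . "', '" . $priority . "', '{$type}', '0', '', '0' ");
        $imported++;
    }

    $this->message = $imported . " link(s) imported.";
    $log->log_event('GSMAP_01', $this->message, E_LOG_INFORMATIVE, '');
}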
/**
 * Write a front page event to the admin log.
 *
 * @param string $msg_num exactly two numeric characters identifying the log message;
 *                        appended to the 'FRONTPG_' prefix to form the event code
 * @param string $woffle  information for the body of the log entry
 *
 * @return void
 */
function frontpage_adminlog($msg_num = '00', $woffle = '')
{
    $eventCode = 'FRONTPG_' . $msg_num;

    e107::getAdminLog()->log_event($eventCode, $woffle, E_LOG_INFORMATIVE, '');
}
break; // used in standard page output and internal JS includes // used in standard page output and internal JS includes case 'empty_browsercache': e107::getCache()->clearAll('browser'); e107::getAdminLog()->flushMessages(CACLAN_25); break; // all // all default: e107::getCache()->clearAll('content'); e107::getCache()->clearAll('system'); e107::getCache()->clearAll('db'); e107::getCache()->clearAll('image'); e107::getCache()->clearAll('browser'); e107::getAdminLog()->flushMessages(CACLAN_26); break; } } $syscache_files = glob(e_CACHE_CONTENT . 'S_*.*'); $cache_files = glob(e_CACHE_CONTENT . 'C_*.*'); $imgcache_files = glob(e_CACHE_IMAGE . '*.cache.bin'); $dbcache_files = glob(e_CACHE_DB . '*.php'); $syscache_files_num = count($syscache_files); $cache_files_num = count($cache_files); $imgcache_files_num = count($imgcache_files); $dbcache_files_num = count($dbcache_files); $syscache_label = $syscache_files_num . ' ' . ($syscache_files_num != 1 ? CACLAN_19 : CACLAN_18); $contentcache_label = $cache_files_num . ' ' . ($cache_files_num != 1 ? CACLAN_19 : CACLAN_18); $imgcache_label = $imgcache_files_num . ' ' . ($imgcache_files_num != 1 ? CACLAN_19 : CACLAN_18); $dbcache_label = $dbcache_files_num . ' ' . ($dbcache_files_num != 1 ? CACLAN_19 : CACLAN_18);
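/**
 * Build an <img> tag for an image file.
 *
 * Changes against the earlier version: the src and the fallback alt text are
 * HTML-escaped, an unreadable legacy path returns '' instead of using an
 * undefined $path, the dead $style branch is gone, and the debug backtrace is
 * logged without call arguments.
 *
 * @param string $file image path; a leading '{' or an e_MEDIA / e_THEME marker is resolved by the parser
 * @param array  $parm optional keys: legacy (path prefix tried for the file), w, h (thumbnail size), alt
 * @return string the <img> tag, or '' when $file is empty, its extension is not jpg/gif/png,
 *                or the legacy path is not readable
 * @example $tp->toImage('welcome.png', array('legacy' => '{e_IMAGE}newspost_images/', 'w' => 200));
 */
public function toImage($file, $parm = array())
{
    if (!vartrue($file)) {
        return '';
    }

    $file = trim($file);
    $ext = pathinfo($file, PATHINFO_EXTENSION);

    if ($ext != 'jpg' && $ext != 'gif' && $ext != 'png') {
        return '';
    }

    $tp = e107::getParser();

    if (!empty($parm['w'])) {
        $tp->setThumbSize($parm['w']);
    }

    if (!empty($parm['h'])) {
        $tp->setThumbSize(null, $parm['h']);
    }

    if (strpos($file, 'e_MEDIA') !== false || strpos($file, 'e_THEME') !== false) {
        $path = $tp->thumbUrl($file, null, null, true);
    } elseif ($file[0] == '{') {
        $path = $tp->replaceConstants($file, 'full');
    } elseif (!empty($parm['legacy'])) {
        $legacyPath = $parm['legacy'] . $file;
        $filePath = $tp->replaceConstants($legacyPath, 'rel');

        if (!is_readable($filePath)) {
            // Arguments are left out of the trace so that call values do not end up in the log.
            $trace = print_r(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2), true);
            e107::getAdminLog()->addDebug('Broken Icon Path: ' . $legacyPath . "\n" . $trace, false)->save('IMALAN_00');

            return '';
        }

        $path = $tp->replaceConstants($legacyPath, 'full');
    } else {
        $path = $file;
    }

    // double_encode is off so that a URL which already contains &amp; is not encoded twice.
    $src = htmlspecialchars($path, ENT_QUOTES, 'UTF-8', false);
    $alt = !empty($parm['alt'])
        ? $tp->toAttribute($parm['alt'])
        : htmlspecialchars(basename($path), ENT_QUOTES, 'UTF-8', false);

    return "<img class='img-responsive' src='" . $src . "' alt=\"" . $alt . "\"  />";
}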
/**
 * Write a ban list event to the admin log.
 *
 * @param string $msg_num exactly two numeric characters identifying the log message;
 *                        appended to the 'BANLIST_' prefix to form the event code
 * @param string $woffle  information for the body of the log entry
 *
 * @return void
 */
function banlist_adminlog($msg_num = '00', $woffle = '')
{
    $eventCode = 'BANLIST_' . $msg_num;

    e107::getAdminLog()->log_event($eventCode, $woffle, E_LOG_INFORMATIVE, '');
}
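/**
 * Let the main admin act as another user account.
 *
 * Refused (returns false) when this user has a parent id, is not the main admin,
 * already holds "login as" session data, or when $user_id is not a positive
 * integer or is the admin's own id. The id is validated as an integer before it
 * is stored and logged; previously any non-empty value was accepted.
 *
 * @param integer $user_id
 * @return boolean success
 */
public final function loginAs($user_id)
{
    // TODO - set session data required for loadAs()

    // false when the value is not an integer (for example 'abc' or '5.7').
    $user_id = filter_var($user_id, FILTER_VALIDATE_INT);

    if ($this->getParentId()
        || !$this->isMainAdmin()
        || $user_id === false
        || $user_id <= 0
        || $this->getSessionDataAs()
        || $user_id == $this->getId()
    ) {
        return false;
    }

    $key = $this->_session_key . '_as';

    if ('session' == $this->_session_type) {
        $_SESSION[$key] = $user_id;
    } elseif ('cookie' == $this->_session_type) {
        // NOTE(review): in cookie mode the impersonated id is held by the browser. Confirm the
        // code that reads this key re-checks that the real user is the main admin, because a
        // cookie value can be changed by the client.
        $_COOKIE[$key] = $user_id;
        cookie($key, $user_id);
    }

    // TODO - lan
    e107::getAdminLog()->log_event('Head Admin used Login As feature', 'Head Admin [#' . $this->getId() . '] ' . $this->getName() . ' logged in user account #' . $user_id);

    // loadAs() is deliberately not called here: loginAs belongs to the admin area, loadAs to the front-end.
    return true;
}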
/**
 * Upgrade the plugin identified by $this->id.
 *
 * When the plugin directory holds a plugin.xml, the work is handed to
 * install_plugin_xml(). Otherwise the legacy plugin.php is included and the
 * variables it leaves in this function's scope drive table changes, pref
 * changes, the admin-log entry and the update of the plugin table row.
 *
 * NOTE(review): $text is only ever appended to; it is never initialised here, and
 * in the plugin.xml branch nothing assigns it before addSuccess($text).
 *
 * @return void
 */
function pluginUpgrade()
{
    $pref = e107::getPref();
    $admin_log = e107::getAdminLog(); // not used below
    $plugin = e107::getPlugin();
    $sql = e107::getDb();
    $mes = e107::getMessage();
    $plug = $plugin->getinfo($this->id);
    $_path = e_PLUGIN . $plug['plugin_path'] . '/';
    if (file_exists($_path . 'plugin.xml')) {
        $plugin->install_plugin_xml($this->id, 'upgrade');
    } else {
        // The include runs the plugin's own code inside this function's scope.
        // NOTE(review): the path is built from the stored plugin_path; presumably that value
        // is a plain directory name written at install time - confirm it cannot hold "../".
        // The $eplug_* and $upgrade_* variables read below are not assigned anywhere in this
        // function, so they presumably come from the included file.
        include e_PLUGIN . $plug['plugin_path'] . '/plugin.php';
        $func = $eplug_folder . '_upgrade';
        if (function_exists($func)) {
            $text .= call_user_func($func);
        }
        if (is_array($upgrade_alter_tables)) {
            $result = $plugin->manage_tables('upgrade', $upgrade_alter_tables);
            if (true !== $result) {
                // Anything other than true is shown as a warning, with the result as debug detail.
                $mes->addWarning(EPL_ADLAN_9)->addDebug($result);
            } else {
                $text .= EPL_ADLAN_7 . "<br />";
            }
        }
        if (is_array($upgrade_add_prefs)) {
            $plugin->manage_prefs('add', $upgrade_add_prefs);
            $text .= EPL_ADLAN_8 . '<br />';
        }
        if (is_array($upgrade_remove_prefs)) {
            $plugin->manage_prefs('remove', $upgrade_remove_prefs);
        }
        if (is_array($upgrade_add_array_pref)) {
            foreach ($upgrade_add_array_pref as $key => $val) {
                $plugin->manage_plugin_prefs('add', $key, $eplug_folder, $val);
            }
        }
        if (is_array($upgrade_remove_array_pref)) {
            foreach ($upgrade_remove_array_pref as $key => $val) {
                $plugin->manage_plugin_prefs('remove', $key, $eplug_folder, $val);
            }
        }
        $plugin->manage_search('upgrade', $eplug_folder);
        $plugin->manage_notify('upgrade', $eplug_folder);
        $eplug_addons = $plugin->getAddons($eplug_folder);
        $info = $plugin->getinfo($this->id);
        $name = deftrue($info['plugin_name'], $info['plugin_name']) . " v" . $eplug_version . "({e_PLUGIN}" . $info['plugin_path'] . ")";
        e107::getLog()->add('PLUGMAN_02', $name, E_LOG_INFORMATIVE, '');
        $text .= isset($eplug_upgrade_done) ? '<br />' . $eplug_upgrade_done : "<br />" . LAN_UPGRADE_SUCCESSFUL;
        // NOTE(review): the version, the add-on list and the id are interpolated into the SQL
        // text unescaped. They come from the plugin file, getAddons() and $this->id rather than
        // from the request, but a quote in any of them would break the statement.
        $sql->update('plugin', "plugin_version ='{$eplug_version}', plugin_addons='{$eplug_addons}' WHERE plugin_id='{$this->id}' ");
        $pref['plug_installed'][$plug['plugin_path']] = $eplug_version; // Update the version
        e107::getConfig('core')->setPref($pref);
        $plugin->rebuildUrlConfig();
        e107::getConfig('core')->save();
    }
    $mes->addSuccess($text);
    $plugin->save_addon_prefs('update');
}
/**
 * Core CSRF protection, see class2.php
 * Could be adopted by plugins for their own (different) protection logic
 *
 * Returns true without checking anything when the security level is below
 * BALANCED or in 'cli' mode. Otherwise, when a session id exists, each of the
 * fields e-token (POST), e-token (GET) and e_token (POST) that is present must
 * pass checkFormToken(); a failure is logged and either ends the request or
 * returns false. Finally e_TOKEN is defined if it is not defined yet.
 *
 * NOTE(review): a token is validated only when one of the three fields is present.
 * A request that carries none of them is not rejected here; confirm that callers
 * require a token on state-changing requests.
 *
 * @param boolean $die true ends the request with die() on a failed check
 * @return boolean
 */
public function check($die = true)
{
    // define('e_TOKEN_NAME', 'e107_token_'.md5($_SERVER['HTTP_HOST'].e_HTTP));
    // TODO e-token required for all system forms?
    // only if not disabled and not in 'cli' mod
    if (e_SECURITY_LEVEL < e_session::SECURITY_LEVEL_BALANCED || e107::getE107('cli')) {
        return true;
    }
    if ($this->getSessionId()) {
        if (isset($_POST['e-token']) && !$this->checkFormToken($_POST['e-token'])
            || isset($_GET['e-token']) && !$this->checkFormToken($_GET['e-token'])
            || isset($_POST['e_token']) && !$this->checkFormToken($_POST['e_token'])) {
            // NOTE(review): the expression on the next line is masked in this listing and does
            // not parse as shown; the assignment after it overwrites $details in any case.
            $details = "USER: "******"\n";
            $details = "HOST: " . $_SERVER['HTTP_HOST'] . "\n";
            $details .= "REQUEST_URI: " . $_SERVER['REQUEST_URI'] . "\n";
            // Each field is read here without isset(), although at most one of them is
            // guaranteed to exist at this point.
            $details .= $_POST['e-token'] ? "e-token (POST): " . $_POST['e-token'] . "\n" : "";
            $details .= $_GET['e-token'] ? "e-token (GET): " . $_GET['e-token'] . "\n" : "";
            $details .= $_POST['e_token'] ? "AJAX e_token (POST): " . $_POST['e_token'] . "\n" : "";
            // NOTE(review): the whole session array, the submitted tokens and request-controlled
            // header values are written to the log. Treat the log as sensitive, or redact here,
            // and make sure whatever displays it escapes its contents.
            $details .= "_SESSION:\n";
            $details .= print_r($_SESSION, true);
            // $details .= "\n_POST:\n";
            // $details .= print_r($_POST,true);
            // $details .= "\n_GET:\n";
            // $details .= print_r($_GET,true);
            // NOTE(review): $pref is not assigned anywhere in this method.
            if ($pref['plug_installed']) {
                $details .= "\nPlugins:\n";
                $details .= print_r($pref['plug_installed'], true);
            }
            $details .= "die = " . ($die == true ? 'true' : 'false') . "\n\n---------------------------------\n\n";
            $log = e107::getAdminLog();
            $log->addDebug($details);
            $log->toFile('Unauthorized_access', 'Unauthorized access Log', true);
            $log->add('Unauthorized access!', $details, E_LOG_FATAL);
            // e107::getAdminLog()->log_event('Unauthorized access!', $details, E_LOG_FATAL);
            // do not redirect, prevent dead loop, save server resources
            if ($die == true) {
                die('Unauthorized access!');
            }
            return false;
        }
    }
    if (!defined('e_TOKEN')) {
        // FREEZE token regeneration if minimal, ajax or iframe (ajax and iframe not implemented yet) request
        $_toFreeze = e107::getE107('minimal') || e107::getE107('ajax') || e107::getE107('iframe');
        if (!defined('e_TOKEN_FREEZE') && $_toFreeze) {
            define('e_TOKEN_FREEZE', true);
        }
        // __form_token_regenerate set in footer, so if footer is not called, token will be never regenerated!
        if (e_SECURITY_LEVEL == e_session::SECURITY_LEVEL_INSANE && !deftrue('e_TOKEN_FREEZE') && $this->has('__form_token_regenerate')) {
            $this->_regenerateFormToken()->clear('__form_token_regenerate');
        }
        define('e_TOKEN', $this->getFormToken());
    }
    return true;
}
function update_706_to_800($type = '') { global $pref, $e107info; global $sysprefs, $eArrayStorage; //$mes = new messageLog; // Combined logging and message displaying handler //$mes = e107::getMessage(); $log = e107::getAdminLog(); // Used for combined logging and message displaying $sql = e107::getDb(); $sql2 = e107::getDb('sql2'); $tp = e107::getParser(); $ns = e107::getRender(); e107::getCache()->clearAll('db'); e107::getCache()->clearAll('system'); // List of unwanted $pref values which can go $obs_prefs = array('frontpage_type', 'rss_feeds', 'log_lvcount', 'zone', 'upload_allowedfiletype', 'real', 'forum_user_customtitle', 'utf-compatmode', 'frontpage_method', 'standards_mode', 'image_owner', 'im_quality', 'signup_option_timezone', 'modules', 'plug_sc', 'plug_bb', 'plug_status', 'plug_latest', 'subnews_hide_news', 'upload_storagetype'); // List of DB tables not required (includes a few from 0.6xx) $obs_tables = array('flood', 'headlines', 'stat_info', 'stat_counter', 'stat_last', 'session', 'preset', 'tinymce'); // List of DB tables newly required (defined in core_sql.php) (The existing dblog table gets renamed) // No Longer required. - automatically checked against core_sql.php. // $new_tables = array('audit_log', 'dblog', 'news_rewrite', 'core_media', 'core_media_cat','cron', 'mail_recipients', 'mail_content'); // List of core prefs that need to be converted from serialized to e107ArrayStorage. $serialized_prefs = array("'emote'", "'menu_pref'", "'search_prefs'", "'emote_default'", "'pm_prefs'"); $create_dir = array(e_MEDIA, e_SYSTEM, e_CACHE, e_CACHE_CONTENT, e_CACHE_IMAGE, e_CACHE_DB, e_LOG, e_BACKUP, e_CACHE_URL, e_TEMP, e_IMPORT); foreach ($create_dir as $dr) { if (!is_dir($dr)) { mkdir($dr, 0755); } } // List of changed DB tables (defined in core_sql.php) // No Longer required. - automatically checked against core_sql.php. 
// (primarily those which have changed significantly; for the odd field write some explicit code - it'll run faster) // $changed_tables = array('user', 'dblog', 'admin_log', 'userclass_classes', 'banlist', 'menus', // 'plugin', 'news', 'news_category', 'online', 'page', 'links', 'comments'); // List of changed DB tables from core plugins (defined in pluginname_sql.php file) // key = plugin directory name. Data = comma-separated list of tables to check // (primarily those which have changed significantly; for the odd field write some explicit code - it'll run faster) // No Longer required. - automatically checked by db-verify /* $pluginChangedTables = array('linkwords' => 'linkwords', 'featurebox' => 'featurebox', 'links_page' => 'links_page', 'poll' => 'polls', 'content' => 'pcontent' ); */ /* $setCorePrefs = array( //modified prefs during upgrade. 'adminstyle' => 'infopanel', 'admintheme' => 'bootstrap', 'admincss' => 'admin_style.css', 'resize_dimensions' => array( 'news-image' => array('w' => 250, 'h' => 250), 'news-bbcode' => array('w' => 250, 'h' => 250), 'page-bbcode' => array('w' => 250, 'h' => 250) ) ); */ $do_save = TRUE; // List of changed menu locations. 
$changeMenuPaths = array(array('oldpath' => 'siteinfo_menu', 'newpath' => 'siteinfo', 'menu' => 'sitebutton_menu'), array('oldpath' => 'siteinfo_menu', 'newpath' => 'siteinfo', 'menu' => 'compliance_menu'), array('oldpath' => 'siteinfo_menu', 'newpath' => 'siteinfo', 'menu' => 'powered_by_menu'), array('oldpath' => 'siteinfo_menu', 'newpath' => 'siteinfo', 'menu' => 'sitebutton_menu'), array('oldpath' => 'siteinfo_menu', 'newpath' => 'siteinfo', 'menu' => 'counter_menu'), array('oldpath' => 'siteinfo_menu', 'newpath' => 'siteinfo', 'menu' => 'latestnews_menu'), array('oldpath' => 'compliance_menu', 'newpath' => 'siteinfo', 'menu' => 'compliance_menu'), array('oldpath' => 'powered_by_menu', 'newpath' => 'siteinfo', 'menu' => 'powered_by_menu'), array('oldpath' => 'sitebutton_menu', 'newpath' => 'siteinfo', 'menu' => 'sitebutton_menu'), array('oldpath' => 'counter_menu', 'newpath' => 'siteinfo', 'menu' => 'counter_menu'), array('oldpath' => 'usertheme_menu', 'newpath' => 'user', 'menu' => 'usertheme_menu'), array('oldpath' => 'userlanguage_menu', 'newpath' => 'user', 'menu' => 'userlanguage_menu'), array('oldpath' => 'lastseen_menu', 'newpath' => 'online', 'menu' => 'lastseen_menu'), array('oldpath' => 'other_news_menu', 'newpath' => 'news', 'menu' => 'other_news_menu'), array('oldpath' => 'other_news_menu', 'newpath' => 'news', 'menu' => 'other_news2_menu'), array('oldpath' => 'user_menu', 'newpath' => 'user', 'menu' => 'usertheme_menu'), array('oldpath' => 'user_menu', 'newpath' => 'user', 'menu' => 'userlanguage_menu'), array('oldpath' => 'poll_menu', 'newpath' => 'poll', 'menu' => 'poll_menu'), array('oldpath' => 'banner_menu', 'newpath' => 'banner', 'menu' => 'banner_menu'), array('oldpath' => 'online_menu', 'newpath' => 'online', 'menu' => 'online_menu')); // List of DB tables (key) and field (value) which need changing to accommodate IPV6 addresses $ip_upgrade = array('download_requests' => 'download_request_ip', 'submitnews' => 'submitnews_ip', 'tmp' => 
'tmp_ip', 'chatbox' => 'cb_ip'); $db_parser = new db_table_admin(); // Class to read table defs and process them $do_save = FALSE; // Set TRUE to update prefs when update complete $updateMessages = array(); // Used to log actions for the admin log - TODO: will go once all converted to new class $just_check = $type == 'do' ? FALSE : TRUE; // TRUE if we're just seeing whether an update is needed // if (!$just_check) // { // foreach(vartrue($setCorePrefs) as $k=>$v) // { // $pref[$k] = $v; // } // } if (!$just_check) { $log->logMessage(LAN_UPDATE_14 . $e107info['e107_version'], E_MESSAGE_NODISPLAY); } $statusTexts = array(E_MESSAGE_SUCCESS => 'Success', E_MESSAGE_ERROR => 'Fail', E_MESSAGE_INFO => 'Info'); if (isset($pref['forum_user_customtitle']) && !isset($pref['signup_option_customtitle'])) { if ($just_check) { return update_needed('pref: forum_user_customtitle needs to be renamed'); } $pref['signup_option_customtitle'] = $pref['forum_user_customtitle']; unset($pref['forum_user_customtitle']); $log->logMessage(LAN_UPDATE_20 . 'customtitle', E_MESSAGE_SUCCESS); $do_save = TRUE; } // convert all serialized core prefs to e107 ArrayStorage; $serialz_qry = "SUBSTRING( e107_value,1,5)!='array' AND e107_value !='' "; $serialz_qry .= "AND e107_name IN (" . implode(",", $serialized_prefs) . ") "; if (e107::getDb()->select("core", "*", $serialz_qry)) { if ($just_check) { return update_needed('Convert serialized core prefs'); } while ($row = e107::getDb()->fetch(MYSQL_ASSOC)) { $status = e107::getDb('sql2')->update('core', "e107_value=\"" . convert_serialized($row['e107_value']) . "\" WHERE e107_name='" . $row['e107_name'] . "'") ? E_MESSAGE_SUCCESS : E_MESSAGE_ERROR; $log->addDebug(LAN_UPDATE_22 . $row['e107_name'] . ": " . 
$status); } } if (e107::getDb()->select("core", "*", "e107_name='pm_prefs' LIMIT 1")) { if ($just_check) { return update_needed('Rename the pm prefs'); } e107::getDb()->update("core", "e107_name='plugin_pm' WHERE e107_name = 'pm_prefs'"); } //@TODO de-serialize the user_prefs also. // Banlist if (!$sql->field('banlist', 'banlist_id')) { if ($just_check) { return update_needed('Banlist table requires updating.'); } $sql->gen("ALTER TABLE #banlist DROP PRIMARY KEY"); $sql->gen("ALTER TABLE `#banlist` ADD `banlist_id` INT( 11 ) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST"); } // Move the maximum online counts from menu prefs to a separate pref - 'history' e107::getCache()->clearAll('system'); $menuConfig = e107::getConfig('menu', true, true); if ($menuConfig->get('most_members_online') || $menuConfig->get('most_guests_online') || $menuConfig->get('most_online_datestamp')) { $status = E_MESSAGE_DEBUG; if ($just_check) { return update_needed('Move online counts from menupref'); } $newPrefs = e107::getConfig('history'); foreach (array('most_members_online', 'most_guests_online', 'most_online_datestamp') as $v) { if (FALSE === $newPrefs->get($v, FALSE)) { if (FALSE !== $menuConfig->get($v, FALSE)) { $newPrefs->set($v, $menuConfig->get($v)); } else { $newPrefs->set($v, 0); } } $menuConfig->remove($v); } $result = $newPrefs->save(false, true, false); if ($result === TRUE) { $resultMessage = 'Historic member counts updated'; $result = $menuConfig->save(false, true, false); // Only re-save if successul. } elseif ($result === FALSE) { $resultMessage = 'moving historic member counts'; $status = E_MESSAGE_ERROR; } else { // No change $resultMessage = 'Historic member counts already updated'; $status = E_MESSAGE_INFO; } // $result = $menuConfig->save(false, true, false); // Save updated menuprefs - without the counts - don't delete them if it fails. 
//$updateMessages[] = $statusTexts[$status].': '.$resultMessage; // Admin log message $log->logMessage($resultMessage, $status); // User message } // ++++++++ Modify Menu Paths +++++++. if (varset($changeMenuPaths)) { foreach ($changeMenuPaths as $val) { $qry = "SELECT menu_path FROM `#menus` WHERE menu_name = '" . $val['menu'] . "' AND (menu_path='" . $val['oldpath'] . "' || menu_path='" . $val['oldpath'] . "/' ) LIMIT 1"; if ($sql->gen($qry)) { if ($just_check) { return update_needed('Menu path changed required: ' . $val['menu'] . ' '); } $updqry = "menu_path='" . $val['newpath'] . "/' WHERE menu_name = '" . $val['menu'] . "' AND (menu_path='" . $val['oldpath'] . "' || menu_path='" . $val['oldpath'] . "/' ) "; $status = $sql->update('menus', $updqry) ? E_MESSAGE_DEBUG : E_MESSAGE_ERROR; $log->logMessage(LAN_UPDATE_23 . '<b>' . $val['menu'] . '</b> : ' . $val['oldpath'] . ' => ' . $val['newpath'], $status); // LAN_UPDATE_25; // catch_error($sql); } } } // Leave this one here.. just in case.. //delete record for online_extended_menu (now only using one online menu) if ($sql->db_Select('menus', '*', "menu_path='online_extended_menu' || menu_path='online_extended_menu/'")) { if ($just_check) { return update_needed("The Menu table needs to have some paths corrected in its data."); } $row = $sql->db_Fetch(); //if online_extended is activated, we need to activate the new 'online' menu, and delete this record if ($row['menu_location'] != 0) { $status = $sql->update('menus', "menu_name='online_menu', menu_path='online/' WHERE menu_path='online_extended_menu' || menu_path='online_extended_menu/' ") ? E_MESSAGE_DEBUG : E_MESSAGE_ERROR; $log->logMessage(LAN_UPDATE_23 . 
"<b>online_menu</b> : online/", $status); } else { //else if the menu is not active //we need to delete the online_extended menu row, and change the online_menu to online $sql->delete('menus', " menu_path='online_extended_menu' || menu_path='online_extended_menu/' "); $log->logMessage(LAN_UPDATE_31, E_MESSAGE_DEBUG); } catch_error($sql); } //change menu_path for online_menu (if it still exists) if ($sql->db_Select('menus', 'menu_path', "menu_path='online_menu' || menu_path='online_menu/'")) { if ($just_check) { return update_needed('change menu_path for online menu'); } $status = $sql->update('menus', "menu_path='online/' WHERE menu_path='online_menu' || menu_path='online_menu/' ") ? E_MESSAGE_DEBUG : E_MESSAGE_ERROR; $log->logMessage(LAN_UPDATE_23 . "<b>online_menu</b> : online/", $status); catch_error($sql); } if (!$just_check) { // Alert Admin to delete deprecated menu folders. $chgPath = array(); foreach ($changeMenuPaths as $cgpArray) { if (is_dir(e_PLUGIN . $cgpArray['oldpath'])) { if (!in_array($cgpArray['oldpath'], $chgPath)) { $chgPath[] = $cgpArray['oldpath']; } } } if (count($chgPath)) { $log->addWarning(LAN_UPDATE_57 . ' '); array_unique($chgPath); asort($chgPath); foreach ($chgPath as $cgp) { $log->addWarning(e_PLUGIN_ABS . "<b>" . $cgp . "</b>"); } } } //--------------------------------------------------------- // Comments - split user field //--------------------------------------------------------- if ($sql->db_Field('comments', 'comment_author')) { if ($just_check) { return update_needed('Comment table author field update'); } if (!$sql->db_Field('comments', 'comment_author_id') && !$sql->gen("ALTER TABLE `#comments`\r\n\t\t\t\tADD COLUMN comment_author_id int(10) unsigned NOT NULL default '0' AFTER `comment_author`,\r\n\t\t\t\tADD COLUMN comment_author_name varchar(100) NOT NULL default '' AFTER `comment_author_id`")) { // Flag error // $commentMessage = LAN_UPDAXXTE_34; $log->logMessage(LAN_UPDATE_21 . 
"comments", E_MESSAGE_ERROR); } else { if (FALSE === $sql->update('comments', "comment_author_id=SUBSTRING_INDEX(`comment_author`,'.',1), comment_author_name=SUBSTRING(`comment_author` FROM POSITION('.' IN `comment_author`)+1)")) { // Flag error $log->logMessage(LAN_UPDATE_21 . 'comments', E_MESSAGE_ERROR); } else { // Delete superceded field - comment_author if (!$sql->gen("ALTER TABLE `#comments` DROP COLUMN `comment_author`")) { // Flag error $log->logMessage(LAN_UPDATE_24 . 'comments - comment_author', E_MESSAGE_ERROR); } } } $log->logMessage(LAN_UPDATE_21 . 'comments', E_MESSAGE_DEBUG); } // Add index to download history // Deprecated by db-verify-class // if (FALSE !== ($temp = addIndexToTable('download_requests', 'download_request_datestamp', $just_check, $updateMessages))) // { // if ($just_check) // { // return update_needed($temp); // } // } // Extra index to tmp table // Deprecated by db-verify-class // if (FALSE !== ($temp = addIndexToTable('tmp', 'tmp_time', $just_check, $updateMessages))) // { // if ($just_check) // { // return update_needed($temp); // } // } // Extra index to rss table (if used) // Deprecated by db-verify-class // if (FALSE !== ($temp = addIndexToTable('rss', 'rss_name', $just_check, $updateMessages, TRUE))) // { // if ($just_check) // { // return update_needed($temp); // } // } // Front page prefs (logic has changed) if (!isset($pref['frontpage_force'])) { if ($just_check) { return update_needed('Change front page prefs'); } $pref['frontpage_force'] = array(e_UC_PUBLIC => ''); $fpdef = vartrue($pref['frontpage']['all']) == 'index.php' ? 'index.php' : 'news.php'; $pref['frontpage'] = array(e_UC_PUBLIC => $fpdef); // $_pdateMessages[] = LAN_UPDATE_38; //FIXME $log->logMessage(LAN_UPDATE_20 . 
"frontpage", E_MESSAGE_DEBUG); $do_save = TRUE; } // Check need for user timezone before we delete the field if (vartrue($pref['signup_option_timezone'])) { if ($sql->db_Field('user', 'user_timezone', '', TRUE) && !$sql->db_Field('user_extended', 'user_timezone', '', TRUE)) { if ($just_check) { return update_needed('Move user timezone info'); } if (!copy_user_timezone()) { // Error doing the transfer //$updateMessages[] = LAN_UPDATE_42; $log->logMessage(LAN_UPDATE_42, E_MESSAGE_ERROR); return FALSE; } //$updateMessages[] = LAN_UPDATE_41; $log->logMessage(LAN_UPDATE_41, E_MESSAGE_DEBUG); } } // Tables defined in core_sql.php to be RENAMED. // Next bit will be needed only by the brave souls who used an early CVS - probably delete before release if ($sql->isTable('rl_history') && !$sql->isTable('dblog')) { if ($just_check) { return update_needed('Rename rl_history to dblog'); } $sql->gen('ALTER TABLE `' . MPREFIX . 'rl_history` RENAME `' . MPREFIX . 'dblog`'); //$updateMessages[] = LAN_UPDATE_44; $log->logMessage(LAN_UPDATE_44, E_MESSAGE_DEBUG); catch_error($sql); } //--------------------------------- if ($sql->isTable('dblog') && !$sql->isTable('admin_log')) { if ($just_check) { return update_needed('Rename dblog to admin_log'); } $sql->gen('ALTER TABLE `' . MPREFIX . 'dblog` RENAME `' . MPREFIX . 'admin_log`'); catch_error($sql); //$updateMessages[] = LAN_UPDATE_43; $log->logMessage(LAN_UPDATE_43, E_MESSAGE_DEBUG); } // New tables required (list at top. Definitions in core_sql.php) // ALL DEPRECATED by db_verify class.. see below. /* foreach ($new_tables as $nt) { if (!$sql->isTable($nt)) { if ($just_check) return update_needed('Add table: '.$nt); // Get the definition $defs = $db_parser->get_table_def($nt,e_ADMIN.'sql/core_sql.php'); if (count($defs)) // **** Add in table here { $status = $sql->gen('CREATE TABLE `'.MPREFIX.$defs[0][1].'` ('.$defs[0][2].') TYPE='.$defs[0][3]) ? 
E_MESSAGE_SUCCESS : E_MESSAGE_ERROR; // $updateMessages[] = LAN_UPDATE_45.$defs[0][1]; $log->logMessage(LAN_UPDATE_27.$defs[0][1], $status); // catch_error($sql); } else { // error parsing defs file $log->logMessage(LAN_UPDATE_46.$defs[0][1], E_MESSAGE_ERROR); } unset($defs); } } // Tables whose definition needs changing significantly $debugLevel = E107_DBG_SQLDETAILS; foreach ($changed_tables as $ct) { $req_defs = $db_parser->get_table_def($ct,e_ADMIN."sql/core_sql.php"); $req_fields = $db_parser->parse_field_defs($req_defs[0][2]); // Required definitions if ($debugLevel) { $log->logMessage("Required table structure: <br />".$db_parser->make_field_list($req_fields), E_MESSAGE_DEBUG); } if ((($actual_defs = $db_parser->get_current_table($ct)) === FALSE) || !is_array($actual_defs)) // Adds current default prefix { $log->logMessage("Couldn't get table structure: ".$ct, E_MESSAGE_DEBUG); } else { // echo $db_parser->make_table_list($actual_defs); $actual_fields = $db_parser->parse_field_defs($actual_defs[0][2]); if ($debugLevel) { $log->logMessage("Actual table structure: <br />".$db_parser->make_field_list($actual_fields), E_MESSAGE_DEBUG); } $diffs = $db_parser->compare_field_lists($req_fields,$actual_fields); if (count($diffs[0])) { // Changes needed if ($just_check) return update_needed("Field changes rqd; table: ".$ct); // Do the changes here if ($debugLevel) { $log->logMessage("List of changes found:<br />".$db_parser->make_changes_list($diffs), E_MESSAGE_DEBUG); } $qry = 'ALTER TABLE '.MPREFIX.$ct.' '.implode(', ',$diffs[1]); if ($debugLevel) { $log->logMessage("Update Query used: ".$qry, E_MESSAGE_DEBUG); } $status = $sql->gen($qry) ? 
E_MESSAGE_SUCCESS : E_MESSAGE_ERROR; $log->logMessage(LAN_UPDATE_21.$ct, $status); catch_error($sql); } } } // Plugin tables whose definition needs changing significantly foreach ($pluginChangedTables as $plugName => $plugList) { if (e107::isInstalled($plugName)) { $ttc = explode(',',$plugList); foreach ($ttc as $ct) { $sqlDefs = e_PLUGIN.$plugName.'/'.str_replace('_menu','',$plugName).'_sql.php'; // Filename containing definitions // echo "Looking at file: {$sqlDefs}, table {$ct}<br />"; $req_defs = $db_parser->get_table_def($ct,$sqlDefs); if (!is_array($req_defs)) { echo "Couldn't get definitions from file {$sqlDefs}<br />"; continue; } $req_fields = $db_parser->parse_field_defs($req_defs[0][2]); // Required definitions if (E107_DBG_SQLDETAILS) { $message = "Required plugin table structure: <br />".$db_parser->make_field_list($req_fields); $log->logMessage($message, E_MESSAGE_DEBUG); } if ((($actual_defs = $db_parser->get_current_table($ct)) === FALSE) || !is_array($actual_defs)) // Adds current default prefix { // echo "Couldn't get table structure: {$ct}<br />"; } else { // echo $db_parser->make_table_list($actual_defs); $actual_fields = $db_parser->parse_field_defs($actual_defs[0][2]); if (E107_DBG_SQLDETAILS) { $message= "Actual table structure: <br />".$db_parser->make_field_list($actual_fields); $log->logMessage($message, E_MESSAGE_DEBUG); } $diffs = $db_parser->compare_field_lists($req_fields,$actual_fields); if (count($diffs[0])) { // Changes needed if (E107_DBG_SQLDETAILS) { $message = "List of changes found:<br />".$db_parser->make_changes_list($diffs); $log->logMessage($message, E_MESSAGE_DEBUG); } if ($just_check) return update_needed("Field changes rqd; plugin table: ".$ct); // Do the changes here $qry = 'ALTER TABLE '.MPREFIX.$ct.' 
'.implode(', ',$diffs[1]); if (E107_DBG_SQLDETAILS) { $message = "Update Query used: ".$qry."<br />"; $log->logMessage($message, E_MESSAGE_DEBUG); } $sql->gen($qry); $updateMessages[] = LAN_UPDATE_51.$ct; $log->logMessage(LAN_UPDATE_51.$ct, E_MESSAGE_SUCCESS); catch_error($sql); } } } } } */ // Obsolete tables (list at top) $sql->mySQLtableList = false; // clear the cached table list. foreach ($obs_tables as $ot) { if ($sql->isTable($ot)) { if ($just_check) { return update_needed("Delete table: " . $ot); } $status = $sql->gen('DROP TABLE `' . MPREFIX . $ot . '`') ? E_MESSAGE_DEBUG : E_MESSAGE_ERROR; $log->logMessage(LAN_UPDATE_25 . $ot, $status); } } // Tables where IP address field needs updating to accommodate IPV6 // Set to varchar(45) - just in case something uses the IPV4 subnet (see http://en.wikipedia.org/wiki/IPV6#Notation) foreach ($ip_upgrade as $t => $f) { if ($sql->isTable($t)) { // Check for table - might add some core plugin tables in here if ($field_info = $sql->db_Field($t, $f, '', TRUE)) { if (strtolower($field_info['Type']) != 'varchar(45)') { if ($just_check) { return update_needed('Update IP address field ' . $f . ' in table ' . $t); } $status = $sql->gen("ALTER TABLE `" . MPREFIX . $t . "` MODIFY `{$f}` VARCHAR(45) NOT NULL DEFAULT '';") ? E_MESSAGE_DEBUG : E_MESSAGE_ERROR; $log->logMessage(LAN_UPDATE_26 . $t . ' - ' . $f, $status); // catch_error($sql); } } else { // Got a strange error here } } } // Obsolete prefs (list at top) // Intentionally do this last - we may check some of them during the update $accum = array(); foreach ($obs_prefs as $p) { if (isset($pref[$p])) { if ($just_check) { return update_needed('Remove obsolete prefs'); } unset($pref[$p]); $do_save = TRUE; $log->addDebug('Removed obsolete pref: ' . $p); // $accum[] = $p; } } /* -------------- Upgrade Entire Table Structure - Multi-Language Supported ----------------- */ // ONLY ever add fields, never deletes. require_once e_HANDLER . 
"db_verify_class.php"; $dbv = new db_verify(); if ($plugUpgradeReq = e107::getPlugin()->updateRequired()) { $exclude = array_keys($plugUpgradeReq); // search xxxxx_setup.php and check for 'upgrade_required()' == true. asort($exclude); } else { $exclude = false; } $dbv->compareAll($exclude); // core & plugins, but not plugins calling for an update with xxxxx_setup.php if (count($dbv->errors)) { if ($just_check) { $mes = e107::getMessage(); $log->addDebug(print_a($dbv->errors, true)); return update_needed("Database Tables require updating."); } $dbv->compileResults(); $dbv->runFix(); // Fix entire core database structure and plugins too. } // print_a($dbv->results); // print_a($dbv->fixList); //TODO - send notification messages to Log. if ($sql->field('page', 'page_theme') && $sql->gen("SELECT * FROM `#page` WHERE page_theme != '' AND menu_title = '' LIMIT 1")) { if ($just_check) { return update_needed("Pages/Menus Table requires updating."); } if ($sql->update('page', "menu_name = page_theme, menu_title = page_title, menu_text = page_text, menu_template='default', page_title = '', page_text = '' WHERE page_theme !='' AND menu_title = '' AND menu_text = '' ")) { $sql->gen("ALTER TABLE `#page` DROP page_theme "); $mes = e107::getMessage(); $log->addDebug("Successfully updated pages/menus table to new format. "); } } if ($sql->field('plugin', 'plugin_releaseUrl')) { if ($just_check) { return update_needed('plugin_releaseUrl is deprecated and needs to be removed. '); } if ($sql->gen("ALTER TABLE `#plugin` DROP `plugin_releaseUrl`")) { $log->addDebug("Successfully removed plugin_releaseUrl. 
"); } } // --- Notify Prefs // $notify_prefs = $sysprefs -> get('notify_prefs'); // $notify_prefs = $eArrayStorage -> ReadArray($notify_prefs); e107::getCache()->clearAll('system'); $notify_prefs = e107::getConfig('notify', true, true)->getPref(); $nt_changed = 0; if (vartrue($notify_prefs['event'])) { foreach ($notify_prefs['event'] as $e => $d) { if (isset($d['type'])) { if ($just_check) { return update_needed('Notify pref: ' . $e . ' outdated'); } switch ($d['type']) { case 'main': $notify_prefs['event'][$e]['class'] = e_UC_MAINADMIN; break; case 'class': // Should already have class defined break; case 'email': $notify_prefs['event'][$e]['class'] = 'email'; break; case 'off': // Need to disable // Need to disable default: $notify_prefs['event'][$e]['class'] = e_UC_NOBODY; // Just disable if we don't know what else to do } $nt_changed++; $notify_prefs['event'][$e]['legacy'] = 1; unset($notify_prefs['event'][$e]['type']); } } } if ($nt_changed) { $s_prefs = $tp->toDB($notify_prefs); $s_prefs = $eArrayStorage->WriteArray($s_prefs); // Could we use $sysprefs->set($s_prefs,'notify_prefs') instead - avoids caching problems ???? $status = $sql->update("core", "e107_value='" . $s_prefs . "' WHERE e107_name='notify_prefs'") !== FALSE ? E_MESSAGE_DEBUG : E_MESSAGE_ERROR; $message = str_replace('--COUNT--', $nt_changed, LAN_UPDATE_20); $log->logMessage($message, $status); } // --------------- Saved emails - copy across if (!$just_check && $sql->db_Select('generic', '*', "gen_type='massmail'")) { if ($just_check) { return update_needed('Copy across saved emails'); } require_once e_HANDLER . 
'mail_manager_class.php'; $mailHandler = new e107MailManager(); $i = 0; while ($row = $sql->db_Fetch(MYSQL_ASSOC)) { $mailRecord = array('mail_create_date' => $row['gen_datestamp'], 'mail_creator' => $row['gen_user_id'], 'mail_title' => $row['gen_ip'], 'mail_subject' => $row['gen_ip'], 'mail_body' => $row['gen_chardata'], 'mail_content_status' => MAIL_STATUS_SAVED); $mailHandler->mailtoDb($mailRecord, TRUE); $mailHandler->saveEmail($mailRecord, TRUE); $sql2->delete('generic', 'gen_id=' . intval($row['gen_id'])); // Delete as we go in case operation fails part way through $i++; } unset($mailHandler); $log->logMessage(str_replace('--COUNT--', $i, LAN_UPDATE_28)); } // ------------------- Populate Plugin Table With Changes ------------------ if (!isset($pref['shortcode_legacy_list'])) { if ($just_check) { return update_needed('Legacy shortcode conversion'); } // Reset, legacy and new shortcode list will be generated in plugin update routine $pref['shortcode_legacy_list'] = array(); $pref['shortcode_list'] = array(); save_prefs(); $ep = e107::getPlugin(); $ep->update_plugins_table($mode); // scan for e_xxx changes and save to plugin table. $ep->save_addon_prefs($mode); // generate global e_xxx_list prefs from plugin table. } // This has to be done after the table is upgraded if ($sql->select('plugin', 'plugin_category', "plugin_category = ''")) { if ($just_check) { return update_needed('Update plugin table'); } require_once e_HANDLER . 'plugin_class.php'; $ep = new e107plugin(); $ep->update_plugins_table('update'); // $_pdateMessages[] = LAN_UPDATE_XX24; // catch_error($sql); } //-- Media-manger import -------------------------------------------------- // Autogenerate filetypes.xml if not found. if (!is_readable(e_SYSTEM . "filetypes.xml")) { $data = '<?xml version="1.0" encoding="utf-8"?> <e107Filetypes> <class name="253" type="zip,gz,jpg,jpeg,png,gif,xml" maxupload="2M" /> </e107Filetypes>'; file_put_contents(e_SYSTEM . 
"filetypes.xml", $data); } $root_media = str_replace(basename(e_MEDIA) . "/", "", e_MEDIA); $user_media_dirs = array("images", "avatars", "avatars/default", "avatars/upload", "files", "temp", "videos", "icons"); // check for old paths and rename. if (is_dir($root_media . "images") || is_dir($root_media . "temp")) { foreach ($user_media_dirs as $md) { @rename($root_media . $md, e_MEDIA . $md); } } // create sub-directories if they do not exist. if (!is_dir(e_MEDIA . "images") || !is_dir(e_MEDIA . "temp") || !is_dir(e_AVATAR_UPLOAD) || !is_dir(e_AVATAR_DEFAULT)) { foreach ($user_media_dirs as $md) { if (!is_dir(e_MEDIA . $md)) { mkdir(e_MEDIA . $md); } } } // Move Avatars to new location $av1 = e107::getFile()->get_files(e_FILE . 'public/avatars', '.jpg|.gif|.png|.GIF|.jpeg|.JPG|.PNG'); $av2 = e107::getFile()->get_files(e_IMAGE . 'avatars', '.jpg|.gif|.png|.GIF|.jpeg|.JPG|.PNG'); $avatar_images = array_merge($av1, $av2); if (count($avatar_images)) { if ($just_check) { return update_needed('Avatar paths require updating.'); } foreach ($avatar_images as $av) { $apath = strstr($av['path'], 'public/') ? e_AVATAR_UPLOAD : e_AVATAR_DEFAULT; @rename($av['path'] . $av['fname'], $apath . $av['fname']); } } // ------------------------------- if (!e107::isInstalled('download') && $sql->gen("SELECT * FROM #links WHERE link_url LIKE 'download.php%' AND link_class != '" . e_UC_NOBODY . "' LIMIT 1")) { if ($just_check) { return update_needed('Download Plugin needs to be installed.'); } // e107::getSingleton('e107plugin')->install('download',array('nolinks'=>true)); e107::getSingleton('e107plugin')->refresh('download'); } if (!e107::isInstalled('banner') && $sql->isTable('banner')) { if ($just_check) { return update_needed('Banner Table found, but plugin not installed. 
Needs to be refreshed.'); } e107::getSingleton('e107plugin')->refresh('banner'); } // --------------------------------- $med = e107::getMedia(); // Media Category Update if ($sql->db_Field("core_media_cat", "media_cat_nick")) { $count = $sql->gen("SELECT * FROM `#core_media_cat` WHERE media_cat_nick = '_common' "); if ($count == 1) { if ($just_check) { return update_needed('Media-Manager Categories needs to be updated.'); } $sql->update('core_media_cat', "media_cat_owner = media_cat_nick, media_cat_category = media_cat_nick WHERE media_cat_nick REGEXP '_common|news|page|_icon_16|_icon_32|_icon_48|_icon_64' "); $sql->update('core_media_cat', "media_cat_owner = '_icon', media_cat_category = media_cat_nick WHERE media_cat_nick REGEXP '_icon_16|_icon_32|_icon_48|_icon_64' "); $sql->update('core_media_cat', "media_cat_owner = 'download', media_cat_category='download_image' WHERE media_cat_nick = 'download' "); $sql->update('core_media_cat', "media_cat_owner = 'download', media_cat_category='download_thumb' WHERE media_cat_nick = 'downloadthumb' "); $sql->update('core_media_cat', "media_cat_owner = 'news', media_cat_category='news_thumb' WHERE media_cat_nick = 'newsthumb' "); $log->addDebug("core-media-cat Categories and Ownership updated"); if ($sql->gen("ALTER TABLE `" . MPREFIX . 
"core_media_cat` DROP `media_cat_nick`")) { $log->addDebug("core-media-cat `media_cat_nick` field removed."); } // $query = "INSERT INTO `".MPREFIX."core_media_cat` (`media_cat_id`, `media_cat_owner`, `media_cat_category`, `media_cat_title`, `media_cat_diz`, `media_cat_class`, `media_cat_image`, `media_cat_order`) VALUES // (0, 'gallery', 'gallery_1', 'Gallery 1', 'Visible to the public at /gallery.php', 0, '', 0); /// "; // // if(mysql_query($query)) // { // $log->addDebug("Added core-media-cat Gallery."); // } } } // Media Update $count = $sql->gen("SELECT * FROM `#core_media` WHERE media_category = 'newsthumb' OR media_category = 'downloadthumb' LIMIT 1 "); if ($count == 1) { if ($just_check) { return update_needed('Media-Manager Data needs to be updated.'); } $sql->update('core_media', "media_category='download_image' WHERE media_category = 'download' "); $sql->update('core_media', "media_category='download_thumb' WHERE media_category = 'downloadthumb' "); $sql->update('core_media', "media_category='news_thumb' WHERE media_category = 'newsthumb' "); $log->addDebug("core-media Category names updated"); } // Media Update - core media and core-file. $count = $sql->gen("SELECT * FROM `#core_media` WHERE media_category = '_common' LIMIT 1 "); if ($count == 1) { if ($just_check) { return update_needed('Media-Manager Category Data needs to be updated.'); } $sql->update('core_media', "media_category='_common_image' WHERE media_category = '_common' "); $log->addDebug("core-media _common Category updated"); } // Media Update - core media and core-file. CATEGORY $count = $sql->gen("SELECT * FROM `#core_media_cat` WHERE media_cat_category = '_common' LIMIT 1 "); if ($count == 1) { if ($just_check) { return update_needed('Media-Manager Category Data needs to be updated.'); } $sql->update('core_media_cat', "media_cat_category='_common_image' WHERE media_cat_category = '_common' "); $sql->gen("INSERT INTO `" . MPREFIX . 
"core_media_cat` VALUES(0, '_common', '_common_file', '(Common Area)', 'Media in this category will be available in all areas of admin. ', 253, '', 0);"); $sql->gen("INSERT INTO `" . MPREFIX . "core_media_cat` VALUES(0, 'download', 'download_file', 'Download Files', '', 253, '', 0);"); $log->addDebug("core-media-cat _common Category updated"); } $count = $sql->gen("SELECT * FROM `#core_media_cat` WHERE `media_cat_owner` = '_common' LIMIT 1 "); if ($count != 1) { if ($just_check) { return update_needed('Add Media-Manager Categories and Import existing images.'); } $e107_core_media_cat = array(array('media_cat_id' => 0, 'media_cat_owner' => '_common', 'media_cat_category' => '_common_image', 'media_cat_title' => '(Common Images)', 'media_cat_sef' => '', 'media_cat_diz' => 'Media in this category will be available in all areas of admin.', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '0'), array('media_cat_id' => 0, 'media_cat_owner' => '_common', 'media_cat_category' => '_common_file', 'media_cat_title' => '(Common Files)', 'media_cat_sef' => '', 'media_cat_diz' => 'Media in this category will be available in all areas of admin.', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '0'), array('media_cat_id' => 0, 'media_cat_owner' => 'news', 'media_cat_category' => 'news', 'media_cat_title' => 'News', 'media_cat_sef' => '', 'media_cat_diz' => 'Will be available in the news area.', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '1'), array('media_cat_id' => 0, 'media_cat_owner' => 'page', 'media_cat_category' => 'page', 'media_cat_title' => 'Custom Pages', 'media_cat_sef' => '', 'media_cat_diz' => 'Will be available in the custom pages area of admin.', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '0'), array('media_cat_id' => 0, 'media_cat_owner' => 'download', 'media_cat_category' => 'download_image', 'media_cat_title' => 'Download Images', 'media_cat_sef' => 
'', 'media_cat_diz' => '', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '0'), array('media_cat_id' => 0, 'media_cat_owner' => 'download', 'media_cat_category' => 'download_thumb', 'media_cat_title' => 'Download Thumbnails', 'media_cat_sef' => '', 'media_cat_diz' => '', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '0'), array('media_cat_id' => 0, 'media_cat_owner' => 'download', 'media_cat_category' => 'download_file', 'media_cat_title' => 'Download Files', 'media_cat_sef' => '', 'media_cat_diz' => '', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '0'), array('media_cat_id' => 0, 'media_cat_owner' => 'news', 'media_cat_category' => 'news_thumb', 'media_cat_title' => 'News Thumbnails (Legacy)', 'media_cat_sef' => '', 'media_cat_diz' => 'Legacy news thumbnails.', 'media_cat_class' => '253', 'media_cat_image' => '', 'media_cat_order' => '1')); foreach ($e107_core_media_cat as $insert) { $sql->insert('core_media_cat', $insert); } // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, '_common', '_common_image', '(Common Images)', '', 'Media in this category will be available in all areas of admin. ', 253, '', 1);"); // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, '_common', '_common_file', '(Common Files)', '', 'Media in this category will be available in all areas of admin. ', 253, '', 2);"); // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, 'news', 'news', 'News', '', 'Will be available in the news area. ', 253, '', 3);"); // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, 'page', 'page', 'Custom Pages', '', 'Will be available in the custom pages area of admin. 
', 253, '', 4);"); // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, 'download', 'download_image','', 'Download Images', '', 253, '', 5);"); // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, 'download', 'download_thumb', '', 'Download Thumbnails', '', 253, '', 6);"); // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, 'download', 'download_file', '', 'Download Files', '', 253, '', 7);"); // mysql_query("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, 'gallery', 'gallery_1', 'Gallery', 'Visible to the public at /gallery.php', 0, '', 0);"); // $sql->gen("INSERT INTO `".MPREFIX."core_media_cat` VALUES(0, 'news', 'news_thumb', 'News Thumbnails (Legacy)', '', 'Legacy news thumbnails. ', 253, '', 8);"); $med->import('news_thumb', e_IMAGE . 'newspost_images', "^thumb_"); $med->import('news', e_IMAGE . 'newspost_images'); $med->import('page', e_IMAGE . 'custom'); } else { // $log->addDebug("Media COUNT was ".$count. " LINE: ".__LINE__); } // Check for Legacy Download Images. $fl = e107::getFile(); $dl_images = $fl->get_files(e_FILE . 'downloadimages'); if (count($dl_images) && !$sql->gen("SELECT * FROM `#core_media` WHERE `media_category` = 'download_image' ")) { if ($just_check) { return update_needed('Import Download Images into Media Manager'); } $med->import('download_image', e_FILE . 'downloadimages'); $med->import('download_thumb', e_FILE . 'downloadthumbs'); } $dl_files = $fl->get_files(e_FILE . 'downloads', "", "standard", 5); // don't use e_DOWNLOAD or a loop may occur. $publicFilter = array('_FT', '^thumbs\\.db$', '^Thumbs\\.db$', '.*\\._$', '^\\.htaccess$', '^\\.cvsignore$', '^\\.ftpquota$', '^index\\.html$', '^null\\.txt$', '\\.bak$', '^.tmp'); // Default file filter (regex format) // $publicFilter = array(1); $public_files = $fl->get_files(e_FILE . 
'public', '', $publicFilter); if ((count($dl_files) || count($public_files)) && !$sql->gen("SELECT * FROM `#core_media` WHERE `media_category` = 'download_file' ")) { if ($just_check) { return update_needed('Import ' . count($dl_files) . ' Download File(s) and ' . count($public_files) . ' Public File(s) into Media Manager'); } if ($sql->gen("SELECT download_url FROM `#download` ")) { $allowed_types = array(); while ($row = $sql->fetch()) { $ext = strrchr($row['download_url'], "."); $suffix = ltrim($ext, "."); if (!isset($allowed_types[$suffix])) { $allowed_types[$suffix] = $suffix; } } $allowed_types = array_unique($allowed_types); } else { $allowed_types = array('zip', 'gz', 'pdf'); } $fmask = '[a-zA-z0-9_-]+\\.(' . implode('|', $allowed_types) . ')$'; $med->import('download_file', e_DOWNLOAD, $fmask); $med->import('_common_file', e_FILE . 'public', $fmask); } $count = $sql->gen("SELECT * FROM `#core_media_cat` WHERE media_cat_owner='_icon' "); if (!$count) { if ($just_check) { return update_needed('Add icons to media-manager'); } $query = "INSERT INTO `" . MPREFIX . "core_media_cat` (`media_cat_id`, `media_cat_owner`, `media_cat_category`, `media_cat_title`, `media_cat_diz`, `media_cat_class`, `media_cat_image`, `media_cat_order`) VALUES\r\n\t\t(0, '_icon', '_icon_16', 'Icons 16px', 'Available where icons are used in admin. ', 253, '', 0),\r\n\t\t(0, '_icon', '_icon_32', 'Icons 32px', 'Available where icons are used in admin. ', 253, '', 0),\r\n\t\t(0, '_icon', '_icon_48', 'Icons 48px', 'Available where icons are used in admin. ', 253, '', 0),\r\n\t\t(0, '_icon', '_icon_64', 'Icons 64px', 'Available where icons are used in admin. ', 253, '', 0);\r\n\t\t"; if (!$sql->gen($query)) { // echo "mysyql error"; // error or already exists. } $med->importIcons(e_PLUGIN); $med->importIcons(e_IMAGE . "icons/"); $med->importIcons(e_THEME . $pref['sitetheme'] . 
"/images/"); $log->addDebug("Icon category added"); } // Search Clean up ---------------------------------- $searchPref = e107::getConfig('search'); if ($searchPref->getPref('core_handlers/news')) { if ($just_check) { return update_needed('Core search handlers need to be updated.'); } $searchPref->removePref('core_handlers/news')->save(false, true, false); } if ($searchPref->getPref('core_handlers/downloads')) { if ($just_check) { return update_needed('Core search handlers need to be updated.'); } $searchPref->removePref('core_handlers/downloads')->save(false, true, false); } if ($searchPref->getPref('core_handlers/pages')) { if ($just_check) { return update_needed('Core search handlers need to be updated.'); } $searchPref->removePref('core_handlers/pages')->save(false, true, false); e107::getSingleton('e107plugin')->refresh('page'); } // Clean up news keywords. - remove spaces between commas. if ($sql->select('news', 'news_id', "news_meta_keywords LIKE '%, %' LIMIT 1")) { if ($just_check) { return update_needed('News keywords contain spaces between commas and needs to be updated. '); } $sql->update('news', "news_meta_keywords = REPLACE(news_meta_keywords, ', ', ',')"); } // Any other images should be imported manually via Media Manager batch-import. 
// ------------------------------------------------------------------ // Check that custompages have been imported from current theme.php file if (!$just_check) { if (!is_array($pref['sitetheme_layouts']) || !vartrue($pref['sitetheme_deflayout'])) { $th = e107::getSingleton('themeHandler'); $tmp = $th->getThemeInfo($pref['sitetheme']); if ($th->setTheme($pref['sitetheme'], false)) { $log->addDebug("Updated SiteTheme prefs"); } else { $log->addDebug("Couldn't update SiteTheme prefs"); } } $log->toFile('upgrade_v1_to_v2'); if ($do_save) { save_prefs(); $log->logMessage(LAN_UPDATE_50); // $log->logMessage(implode(', ', $accum), E_MESSAGE_NODISPLAY); //$updateMessages[] = LAN_UPDATE_50.implode(', ',$accum); // Note for admin log } $log->flushMessages('UPDATE_01'); // Write admin log entry, update message handler } else { $log->toFile('upgrade_v1_to_v2_check'); } //FIXME grab message-stack from $log for the log. //if ($just_check) return TRUE; //e107::getLog()->add('UPDATE_01',LAN_UPDATE_14.$e107info['e107_version'].'[!br!]'.implode('[!br!]',$updateMessages),E_LOG_INFORMATIVE,''); // Log result of actual update return $just_check; }
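// Append server-side values to the statistics string. $logVals is assembled before this point
// (not shown here) and is treated as a URL-encoded query string by parse_str() below.
$logVals .= "&ip=" . USERIP;
// The reverse-DNS name and the User-Agent header are both controlled by the remote side.
// Encode them so that a value containing '&' or '=' cannot add or overwrite keys
// (parse_str() keeps the last occurrence of a key, and 'agent' is appended last),
// and so that control characters cannot reach the log file as raw bytes.
$logVals .= "&iphost=" . rawurlencode((string) @gethostbyaddr(USERIP));
$logVals .= "&lan=" . e_LAN;
$logVals .= "&agent=" . rawurlencode(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');

parse_str($logVals, $vals);

// Guard against missing keys; the original read them unconditionally.
// NOTE(review): parse_str() already URL-decodes once, so this is a second decode - presumably
// the sender double-encodes these two fields; confirm against the code that builds $logVals.
$vals['referer'] = urldecode(isset($vals['referer']) ? $vals['referer'] : '');
$vals['eself'] = urldecode(isset($vals['eself']) ? $vals['eself'] : '');

// A page counts as "unique" the first time it is seen in this session.
if (empty($_SESSION['log_userLoggedPages']) || !in_array($vals['eself'], $_SESSION['log_userLoggedPages'])) {
    $_SESSION['log_userLoggedPages'][] = $vals['eself'];
    $logVals .= "&unique=1";
} else {
    $logVals .= "&unique=0";
}

$logVals = str_replace('%3A', ':', $logVals); // make the URLs a bit cleaner, while keeping any urlqueries encoded.

// Write the (still encoded) string to the statistics log, then hand the parsed values to listeners.
$lg = e107::getAdminLog();
$lg->addDebug(print_r($logVals, true));
$lg->toFile('SiteStats', 'Statistics Log', true);
e107::getEvent()->trigger('user_log_stats', $vals);

// We MUST have a timezone set in PHP >= 5.3. This should work for PHP >= 5.1:
// @todo may be able to remove this check once minimum PHP version finalised
if (function_exists('date_default_timezone_get')) {
    date_default_timezone_set(@date_default_timezone_get()); // Just set a default - it should default to UTC if no timezone set
}

// strip_tags() only removes markup; these values are still client-supplied and need
// context-specific escaping wherever they are later stored or displayed.
$colour = strip_tags(isset($vals['colour']) ? $vals['colour'] : '');
$res = strip_tags(isset($vals['res']) ? $vals['res'] : '');
$self = strip_tags(isset($vals['eself']) ? $vals['eself'] : '');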
/**
 * Record a user-class event in the admin log.
 *
 * The event code passed to the logger is 'UCLASS_' followed by $msg_num;
 * the entry is written with the E_LOG_INFORMATIVE level.
 *
 * @param string $msg_num 2-digit event number (MUST be passed as a string)
 * @param string $woffle  detail text for the log entry
 *
 * @return void
 */
function userclass2_adminlog($msg_num = '00', $woffle = '')
{
    $adminLog = e107::getAdminLog();
    $eventCode = 'UCLASS_' . $msg_num;

    $adminLog->log_event($eventCode, $woffle, E_LOG_INFORMATIVE, '');
}
// list($user_id, $user_name, $userpass) = $sql->db_Fetch(); // Calculate class membership - needed for a couple of things // Problem is that USERCLASS_LIST just contains 'guest' and 'everyone' at this point $class_list = explode(',', $row['user_class']); if ($row['user_admin'] && strlen($row['user_perms'])) { $class_list[] = e_UC_ADMIN; if (strpos($row['user_perms'], '0') === 0) { $class_list[] = e_UC_MAINADMIN; } } $class_list[] = e_UC_MEMBER; $class_list[] = e_UC_PUBLIC; $user_logging_opts = array_flip(explode(',', varset($pref['user_audit_opts'], ''))); if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'], ''), $class_list)) { // Need to note in user audit trail e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, '', $user_id, $user_name); } $edata_li = array("user_id" => $row['user_id'], "user_name" => $row['user_name'], 'class_list' => implode(',', $class_list), 'user_admin' => $row['user_admin']); // Fix - set cookie before login trigger session_set(e_COOKIE, $cookieval, time() + 3600 * 24 * 30); e107::getEvent()->trigger("login", $edata_li); e107::getRedirect()->redirect(e_ADMIN_ABS . 'admin.php'); //echo "<script type='text/javascript'>document.location.href='admin.php'</script>\n"; } } $e_sub_cat = 'logout'; if (ADMIN == FALSE) { define("e_IFRAME", TRUE); } if (!defset('NO_HEADER')) { require_once e_ADMIN . "header.php";
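/**
 * Check the banlist table. $query is used to determine the match.
 * If $do_return, will always return with ban status - TRUE for OK, FALSE for banned.
 * If return permitted, will never display a message for a banned user; otherwise will display any message then exit
 * @todo consider whether can be simplified
 *
 * $query is handed to the DB wrapper as a raw WHERE fragment (for both the select and the
 * expired-ban delete), so callers must escape any request-derived value before building it.
 *
 * @param string $query - the 'WHERE' part of the DB query to be executed
 * @param boolean $show_error - if true, adds a '403 Forbidden' header for a banned user
 * @param boolean $do_return - if TRUE, returns regardless without displaying anything. if FALSE, for a banned user displays any message and exits
 * @return boolean TRUE for OK, FALSE for banned.
 */
public function checkBan($query, $show_error = TRUE, $do_return = FALSE)
{
    $sql = e107::getDb();
    $pref = e107::getPref();
    $tp = e107::getParser();
    $admin_log = e107::getAdminLog();
    //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Check for Ban",$query,FALSE,LOG_TO_ROLLING);
    if ($sql->select('banlist', '*', $query . ' ORDER BY `banlist_bantype` DESC')) {
        // Any whitelist entries will be first, because they are positive numbers - so we can answer based on the first DB record read
        $row = $sql->fetch();
        if ($row['banlist_bantype'] >= eIPHandler::BAN_TYPE_WHITELIST) {
            //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Whitelist hit",$query,FALSE,LOG_TO_ROLLING);
            return TRUE; // Whitelisted entry
        }

        // Found banlist entry in table here
        if ($row['banlist_banexpires'] > 0 && $row['banlist_banexpires'] < time()) {
            // Ban has expired - delete from DB.
            // The delete uses the caller's $query, i.e. it removes every row that matched, not only $row.
            $sql->delete('banlist', $query);
            $this->regenerateFiles();
            return TRUE;
        }

        // User is banned hereafter - just need to sort out the details.
        if (vartrue($pref['ban_retrigger']) && vartrue($pref['ban_durations'][$row['banlist_bantype']])) {
            // May need to retrigger ban period (configured duration is in hours).
            // NOTE(review): the WHERE clause is passed as a separate third argument, unlike the
            // delete() call above where the condition is the second argument. Confirm the DB wrapper's
            // update() applies a third argument as a condition; if it does not, every banlist row
            // receives the new expiry. The IP is also interpolated unescaped from the DB row.
            $sql->update('banlist', "`banlist_banexpires`=" . intval(time() + $pref['ban_durations'][$row['banlist_bantype']] * 60 * 60), "WHERE `banlist_ip`='{$row['banlist_ip']}'");
            $this->regenerateFiles();
            //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Retrigger Ban",$row['banlist_ip'],FALSE,LOG_TO_ROLLING);
        }

        //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Active Ban",$query,FALSE,LOG_TO_ROLLING);
        if ($show_error) {
            header('HTTP/1.1 403 Forbidden', true);
        }

        // Ban still current here.
        // Honour $do_return whether or not ban messages are configured: previously the return sat
        // inside the isset($pref['ban_messages']) branch, so without that pref the script exited
        // even though the caller had asked for a return value.
        if ($do_return) {
            return FALSE;
        }

        if (isset($pref['ban_messages'])) {
            // May want to display a message
            echo $tp->toHTML(varset($pref['ban_messages'][$row['banlist_bantype']])); // Show message if one set
        }
        //$admin_log->e_log_event(4, __FILE__."|".__FUNCTION__."@".__LINE__, 'BAN_03', 'LAN_AUDIT_LOG_003', $query, FALSE, LOG_TO_ROLLING);
        exit;
    }
    //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","No ban found",$query,FALSE,LOG_TO_ROLLING);
    return TRUE; // No matching banlist record - OK
}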
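/**
 * Batch Delete records
 *
 * Builds a single "<id field> IN (...)" condition from $ids, runs the delete, stores the last
 * DB error number, error text and query on the instance, optionally clears/destroys the
 * matching nodes, and records table and WHERE clause in the admin log ('ADMINUI_03').
 *
 * @param mixed $ids array of ids, or a comma-separated string of ids
 * @param boolean $destroy [optional] destroy object instance after db delete
 * @param boolean $session_messages [optional]
 * @return integer deleted records number or false on DB error; 0 when $ids is empty
 */
public function delete($ids, $destroy = true, $session_messages = false)
{
    if (!$ids) {
        return 0;
    }
    if (!is_array($ids)) {
        $ids = explode(',', $ids);
    }

    $tp = e107::getParser();
    // NOTE(review): toDB() is the only sanitising step before the ids are placed inside quoted
    // SQL literals - confirm it escapes quotes and backslashes for that context.
    $ids = array_map(array($tp, 'toDB'), $ids);

    // Quote each id on its own. Joining with ', ' inside one pair of quotes produced a single
    // literal such as '1, 2, 3', so a multi-id delete did not match the intended rows.
    $idstr = implode("', '", $ids);

    $sql = e107::getDb();
    $table = $this->getModelTable();
    $sqlQry = $this->getFieldIdName() . ' IN (\'' . $idstr . '\')';
    $res = $sql->db_Delete($table, $sqlQry);

    // Keep the DB state of this operation available on the instance.
    $this->_db_errno = $sql->getLastErrorNumber();
    $this->_db_errmsg = $sql->getLastErrorText();
    $this->_db_qry = $sql->getLastQuery();

    $modelCacheCheck = $this->getParam('clearModelCache');
    if (!$res) {
        // A falsy result with no error number means nothing was deleted; only report real errors.
        if ($sql->getLastErrorNumber()) {
            $this->addMessageError('SQL Delete Error: ' . $sql->getLastQuery(), $session_messages); //TODO - Lan
            $this->addMessageDebug('SQL Error #' . $sql->getLastErrorNumber() . ': ' . $sql->getLastErrorText());
        }
    } elseif ($destroy || $modelCacheCheck) {
        foreach ($ids as $id) {
            if ($this->hasNode($id)) {
                $this->getNode($id)->clearCache()->setMessages($session_messages);
                if ($destroy) {
                    call_user_func(array($this->getNode(trim($id)), 'destroy')); // first call model destroy method if any
                    $this->setNode($id, null);
                }
            }
        }
    }

    // The admin log entry is written whether or not the delete succeeded.
    $logData = array('TABLE' => $table, 'WHERE' => $sqlQry);
    e107::getAdminLog()->addArray($logData)->save('ADMINUI_03');

    return $res;
}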