  * Save a user's new password
 function ChangePass()
     global $langmessage, $config;
     $fields = 0;
     if (!empty($_POST['oldpassword'])) {
     if (!empty($_POST['password'])) {
     if (!empty($_POST['password1'])) {
     if ($fields < 2) {
         //assume user didn't try to reset password
     //make sure password and password1 match
     if (!$this->CheckPasswords()) {
         return false;
     //check the old password
     $pass_hash = gpsession::PassAlgo($this->user_info);
     $oldpass = common::hash($_POST['oldpassword'], $pass_hash);
     if ($this->user_info['password'] != $oldpass) {
         return false;
     self::SetUserPass($this->users[$this->username], $_POST['password']);
Exemple #2
  * Save changes made to an existing user's permissions
 function SaveChanges()
     global $langmessage, $dataDir, $gpAdmin;
     $username =& $_REQUEST['username'];
     if (!isset($this->users[$username])) {
         return false;
     if (!empty($_POST['email'])) {
         $this->users[$username]['email'] = $_POST['email'];
     $this->users[$username]['granted'] = $this->GetPostedPermissions($username);
     $this->users[$username]['editing'] = $this->GetEditingPermissions();
     //this needs to happen before SaveUserFile();
     //update the /_session file
     $userinfo =& $this->users[$username];
     $userinfo = gpsession::SetSessionFileName($userinfo, $username);
     //make sure $userinfo['file_name'] is set
     if (!$this->SaveUserFile()) {
         return false;
     // update the $user_file_name file
     $is_curr_user = $gpAdmin['username'] == $username;
     $this->UserFileDetails($username, $is_curr_user);
     return true;
 function DoChange()
     global $gpAdmin;
Exemple #4
 public function SessionStart()
     $username = '******';
     $users = gpFiles::Get('_site/users');
     $userinfo = $users[$username];
     $session_id = gpsession::create($userinfo, $username, $sessions);
     $logged_in = gpsession::start($session_id, $sessions);
     self::AssertTrue($logged_in, 'Not Logged In');
  * Save a user's new password
 function ResetPass()
     global $langmessage, $config;
     if (!$this->CheckPasswords()) {
         return false;
     $username = $_POST['username'];
     if (!isset($this->users[$username])) {
         return false;
     $pass_hash = gpsession::PassAlgo($this->users[$username]);
     $this->users[$username]['password'] = common::hash($_POST['password'], $pass_hash);
     return $this->SaveUserFile();
Exemple #6
  * Prepare and output any inline Javascript for the current page
  * @static
 static function GetHead_InlineJS()
     global $page, $linkPrefix, $GP_INLINE_VARS;
     if (gpdebugjs) {
         if (is_string(gpdebugjs)) {
             $GP_INLINE_VARS['debugjs'] = 'send';
         } else {
             $GP_INLINE_VARS['debugjs'] = true;
     if (common::LoggedIn()) {
         $GP_INLINE_VARS += array('isadmin' => true, 'gpBLink' => common::HrefEncode($linkPrefix, false), 'post_nonce' => common::new_nonce('post', true));
     if (count($GP_INLINE_VARS) > 0) {
         echo 'var ';
         $comma = '';
         foreach ($GP_INLINE_VARS as $key => $value) {
             echo $comma . $key . '=' . json_encode($value);
             $comma = ',';
         echo ';';
     $inline = ob_get_clean();
     if (!empty($inline)) {
         echo "\n<script>\n" . $inline . "\n</script>";
     echo $page->head_script;
     if (!empty($page->jQueryCode)) {
         echo '$(function(){';
         echo $page->jQueryCode;
         echo '});';
     $inline = ob_get_clean();
     $inline = ltrim($inline);
     if (!empty($inline)) {
         echo "\n<script>\n" . $inline . "\n</script>\n";
  * Make sure the current user stays logged in after a revert is completed
 function TransferSession()
     global $gpAdmin, $dataDir;
     $username = $gpAdmin['username'];
     // get user info
     include $dataDir . '/data/_site/users.php';
     $userinfo =& $users[$username];
     $session_id = gpsession::create($userinfo, $username);
     if (!$session_id) {
     //set the cookie for the new data
     $config = gpFiles::Get('_site/config');
     $session_cookie = 'gpEasy_' . substr(sha1($config['gpuniq']), 12, 12);
     gpsession::cookie($session_cookie, $session_id);
     //set the update gpuniq value for the post_nonce
     $GLOBALS['config']['gpuniq'] = $config['gpuniq'];
Exemple #8
    static function Install_DataFiles_New($destination = false, $config = array(), $base_install = true)
        global $langmessage;
        if ($destination === false) {
            $destination = $GLOBALS['dataDir'];
        //set config variables
        //$config = array(); //because of ftp values
        $gpLayouts = array();
        //use bootswatch theme if server has enough memory
        $gpLayouts['default']['theme'] = 'Bootswatch_Flatly/4_Sticky_Footer';
        $gpLayouts['default']['label'] = 'Bootswatch_Flatly/4_Sticky_Footer';
        if (@ini_set('memory_limit', '96M') === false) {
            $limit = ini_get('memory_limit');
            $limit = common::getByteValue($limit);
            if ($limit < 100663296) {
                $gpLayouts['default']['theme'] = 'Three_point_5/Shore';
                $gpLayouts['default']['label'] = 'Three_point_5/Shore';
        $gpLayouts['default']['color'] = '#93c47d';
        $_config['toemail'] = $_POST['email'];
        $_config['gpLayout'] = 'default';
        $_config['title'] = Install_Tools::Install_Title();
        $_config['keywords'] = CMS_NAME . ' , Easy CMS, Content Management, PHP, Free CMS, Website builder, Open Source';
        $_config['desc'] = 'A new ' . CMS_NAME . ' installation. You can change your site\'s description in the configuration.';
        $_config['timeoffset'] = '0';
        $_config['langeditor'] = 'inherit';
        $_config['dateformat'] = '%m/%d/%y - %I:%M %p';
        $_config['gpversion'] = gpversion;
        $_config['passhash'] = 'sha512';
        $_config['gpuniq'] = common::RandomString(20);
        $_config['combinecss'] = Install_Tools::BooleanValue('combinecss', true);
        $_config['combinejs'] = Install_Tools::BooleanValue('combinejs', true);
        $_config['etag_headers'] = Install_Tools::BooleanValue('etag_headers', true);
        $_config['language'] = 'en';
        $config += $_config;
        gpFiles::CheckDir($destination . '/data/_uploaded/image');
        gpFiles::CheckDir($destination . '/data/_uploaded/media');
        gpFiles::CheckDir($destination . '/data/_uploaded/file');
        gpFiles::CheckDir($destination . '/data/_uploaded/flash');
        gpFiles::CheckDir($destination . '/data/_sessions');
        // gp_index
        $new_index = array();
        $new_index['Home'] = 'a';
        $new_index['Heading_Page'] = 'b';
        $new_index['Help_Videos'] = 'c';
        $new_index['Child_Page'] = 'd';
        $new_index['More'] = 'e';
        $new_index['About'] = 'f';
        $new_index['Contact'] = 'special_contact';
        $new_index['Site_Map'] = 'special_site_map';
        $new_index['Galleries'] = 'special_galleries';
        $new_index['Missing'] = 'special_missing';
        $new_index['Search'] = 'special_gpsearch';
        //	gpmenu
        $new_menu = array();
        $new_menu['a'] = array('level' => 0);
        $new_menu['b'] = array('level' => 0);
        $new_menu['c'] = array('level' => 1);
        $new_menu['d'] = array('level' => 1);
        $new_menu['e'] = array('level' => 0);
        $new_menu['f'] = array('level' => 1);
        $new_menu['special_contact'] = array('level' => 1);
        //	links
        $new_titles = array();
        $new_titles['a']['label'] = 'Home';
        $new_titles['a']['type'] = 'text';
        $new_titles['b']['label'] = 'Heading Page';
        $new_titles['b']['type'] = 'text';
        $new_titles['c']['label'] = 'Help Videos';
        $new_titles['c']['type'] = 'text';
        $new_titles['d']['label'] = 'Child Page';
        $new_titles['d']['type'] = 'text';
        $new_titles['e']['label'] = 'More';
        $new_titles['e']['type'] = 'text';
        $new_titles['f']['label'] = 'About';
        $new_titles['f']['type'] = 'text';
        $new_titles['special_contact']['lang_index'] = 'contact';
        $new_titles['special_contact']['type'] = 'special';
        $new_titles['special_site_map']['lang_index'] = 'site_map';
        $new_titles['special_site_map']['type'] = 'special';
        $new_titles['special_galleries']['lang_index'] = 'galleries';
        $new_titles['special_galleries']['type'] = 'special';
        $new_titles['special_missing']['label'] = 'Missing';
        $new_titles['special_missing']['type'] = 'special';
        $new_titles['special_gpsearch']['label'] = 'Search';
        $new_titles['special_gpsearch']['type'] = 'special';
        $pages = array();
        $pages['gp_index'] = $new_index;
        $pages['gp_menu'] = $new_menu;
        $pages['gp_titles'] = $new_titles;
        $pages['gpLayouts'] = $gpLayouts;
        echo '<li>';
        if (!gpFiles::SaveData($destination . '/data/_site/pages.php', 'pages', $pages)) {
            echo '<span class="failed">';
            //echo 'Could not save pages.php';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'pages.php');
            echo '</span>';
            echo '</li>';
            return false;
        echo '<span class="passed">';
        //echo 'Pages.php saved.';
        echo sprintf($langmessage['_SAVED'], 'pages.php');
        echo '</span>';
        echo '</li>';
        // Home
        $content = '<h2>Welcome!</h2>
		<p>Welcome to your new ' . CMS_NAME . ' powered website. Now that ' . CMS_NAME . ' is installed, you can start editing the content and customizing your site.</p>
		<h3>Getting Started</h3>
		<p>You are currently viewing the default home page of your website. Here\'s a quick description of how to edit this page.</p>
		<li>First make sure you&#39;re ' . Install_Tools::Install_Link_Content('Admin', 'logged in', 'file=Home') . '.</li>
		<li>Then, to edit this page, click the &quot;Edit&quot; link that appears when you move your mouse over the content.</li>
		<li>Make your edits, click &quot;Save&quot; and you&#39;re done!</li>
		<h3>More Options</h3>
		<li>Adding, renaming, deleting and organising your pages can all be done in the ' . Install_Tools::Install_Link_Content('Admin_Menu', 'Page Manager') . '.</li>
		<li>Choose from a ' . Install_Tools::Install_Link_Content('Admin_Theme_Content', 'variety of themes') . ' to give your site a custom look.</li>
		<li>Then, you can ' . Install_Tools::Install_Link_Content('Admin_Theme_Content', 'add, remove and rearrange', 'cmd=editlayout') . ' the content of your site without editing the html.</li>
		<li>Take a look at the Administrator Toolbar to access all the features of ' . CMS_NAME . '.</li>
		<h3>Online Resources</h3>
		<p>' . CMS_READABLE_DOMAIN . ' has a number of resources to help you do even more.</p>
		<li>Find more community developed <a href="' . CMS_DOMAIN . '/Themes" title="' . CMS_NAME . ' Themes">themes</a> and <a href="' . CMS_DOMAIN . '/Plugins" title="' . CMS_NAME . ' Plugin">plugins</a> to enhance your site.</li>
		<li>Get help in the <a href="' . CMS_DOMAIN . '/Forum" title="' . CMS_NAME . ' Forum">' . CMS_NAME . ' forum</a>.</li>
		<li>Show off your <a href="' . CMS_DOMAIN . '/Powered_by" title="Sites Using ' . CMS_NAME . '">' . CMS_NAME . ' powered site</a> or list your <a href="' . CMS_DOMAIN . '/Service_Provider" title="Businesses Using ' . CMS_NAME . '">' . CMS_NAME . ' related business</a>.</li>
        self::NewTitle($destination, 'Home', $content, $config, $new_index);
        // Heading Page
        $content = '<h1>A Heading Page</h1>
		<ul><li>' . Install_Tools::Install_Link_Content('Help_Videos', 'Help Videos') . '</li>
		<li>' . Install_Tools::Install_Link_Content('Child_Page', 'Child Page') . '</li>
        self::NewTitle($destination, 'Heading_Page', $content, $config, $new_index);
        // Help Videos
        $content = '<h1>Help Videos</h1>
		<p>Video tutorials are often a fast and easy way to learn new things quickly.
		We now have an English version and Deutsch (German) available below.
		If you make a video tutorial for ' . CMS_NAME . ', <a href="' . CMS_DOMAIN . '/Contact">let us know</a>, and we\'ll make sure it\'s included in our list.
		<p>And as always, to edit this page, just click the "Edit" button while logged in.</p>

		<p><iframe width="640" height="360" src="http://www.youtube.com/embed/KCnGpUzYTbQ" frameborder="0" allowfullscreen></iframe></p>

		<p>Created by <a href="' . CMS_DOMAIN . '/Service_Provider?id=57" title="IT Ricther on ' . CMS_READABLE_DOMAIN . '">IT Richter</a></p>
		<p><iframe width="640" height="360" src="http://www.youtube.com/embed/04cNgR1EiFY" frameborder="0" allowfullscreen></iframe></p>';
        self::NewTitle($destination, 'Help_Videos', $content, $config, $new_index);
        // Child Page
        $content = '<h1>A Child Page</h1><p>This was created as a subpage of your <em>Help Videos</em> . You can easily change the arrangement of all your pages using the ' . Install_Tools::Install_Link_Content('Admin_Menu', 'Page Manager') . '.</p>';
        self::NewTitle($destination, 'Child_Page', $content, $config, $new_index);
        // More
        $content = '<h1>More</h1>
		<ul><li>' . Install_Tools::Install_Link_Content('About', 'About') . '</li>
		<li>' . Install_Tools::Install_Link_Content('Contact', 'Contact') . '</li>
        self::NewTitle($destination, 'More', $content, $config, $new_index);
        // About
        $content = '<h1>About ' . CMS_NAME . '</h1><p><a href="' . CMS_DOMAIN . '" title="' . CMS_READABLE_DOMAIN . '">' . CMS_NAME . '</a> is a complete Content Management System (CMS) that can help you create rich and flexible web sites with a simple and easy to use interface.</p>
		<h2>' . CMS_NAME . ' How To</h2>
		<p>Learn how to <a href="' . CMS_DOMAIN . '/Docs/Main/Admin" title="' . CMS_NAME . ' File Management">manage your files</a>,
		<a href="' . CMS_DOMAIN . '/Docs/Main/Creating%20Galleries" title="Creating Galleries in ' . CMS_NAME . '">create galleries</a> and more in the
		<a href="' . CMS_DOMAIN . '/Docs/index.php/" title="' . CMS_NAME . ' Documentation">' . CMS_NAME . ' Documentation</a>.

		<h2>' . CMS_NAME . ' Features</h2>
		<li>True WYSIWYG (Using CKEditor)</li>
		<li>Galleries (Using ColorBox)</li>
		<li>SEO Friendly Links</li>
		<li>Free and Open Source (GPL)</li>
		<li>Runs on PHP</li>
		<li>File Upload Manager</li>
		<li>Drag \'n Drop Theme Content</li>
		<li>Deleted File Trash Can</li>
		<li>Multiple User Administration</li>
		<li>Flat File Storage</li>
		<li>Fast Page Loading</li>
		<li>Fast and Easy Installation</li>
		<li>reCaptcha for Contact Form</li>
		<li>HTML Tidy (when available)</li>
        self::NewTitle($destination, 'About', $content, $config, $new_index);
        $file = $destination . '/data/_extra/Side_Menu.php';
        $content = '<h3>Join the ' . CMS_NAME . ' Community</h3>
		<p>Visit ' . CMS_READABLE_DOMAIN . ' to access the many <a href="' . CMS_DOMAIN . '/Resources" title="' . CMS_NAME . ' Community Resources">available resources</a> to help you get the most out of our CMS.</p>
		<li><a href="' . CMS_DOMAIN . '/Themes" title="' . CMS_NAME . ' Themes">Download Themes</a></li>
		<li><a href="' . CMS_DOMAIN . '/Plugins" title="' . CMS_NAME . ' Plugin">Download Plugins</a></li>
		<li><a href="' . CMS_DOMAIN . '/Forum" title="' . CMS_NAME . ' Forum">Get Help in the Forum</a></li>
		<li><a href="' . CMS_DOMAIN . '/Powered_by" title="Sites using ' . CMS_NAME . '">Show off Your Site</a></li>
		<li><a href="' . CMS_DOMAIN . '/Resources" title="' . CMS_NAME . ' Community Resources">And Much More...</a></li>
		<p class="sm">(Edit this content by clicking &quot;Edit&quot;, it&#39;s that easy!)</p>';
        self::NewExtra($file, $content);
        $file = $destination . '/data/_extra/Header.php';
        $content = '<h1>' . $config['title'] . '</h1>
		<h4>' . 'The Fast and Easy CMS' . '</h4>';
        self::NewExtra($file, $content);
        $file = $destination . '/data/_extra/Footer.php';
        $content = '<h3><a href="' . CMS_DOMAIN . '/Our_CMS" title="Features of Our CMS">' . CMS_NAME . ' Features</a></h3>
		<p>Easy to use True WYSIWYG Editing.</p>
		<p>Flat-file data storage and advanced resource management for fast websites.</p>
		<p>Community driven development</p>
		<p><a href="' . CMS_DOMAIN . '/Our_CMS" title="Features of Our CMS">And More...</a></p>
		<p>If you like ' . CMS_NAME . ', then you might also like
		<a href="http://lessphp.gpeasy.com" title="A Less to CSS compiler based on the official lesscss project">Less.php</a>,
		<a href="http://whatcms.org" title="What CMS? Find out what CMS a site is using">WhatCMS.org</a> and
		<a href="http://whichcms.org" title="Which CMS? Find out which CMS has the features you\'re looking for.">WhichCMS.org</a>.
        self::NewExtra($file, $content);
        //Another example area
        $file = $destination . '/data/_extra/Lorem.php';
        $content = '<h3>Heading</h3>
		<p>Donec sed odio dui. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Vestibulum id ligula porta felis euismod semper. Fusce dapibus, tellus ac cursus commodo, tortor mauris condimentum nibh, ut fermentum massa justo sit amet risus.</p>';
        self::NewExtra($file, $content);
        //contact html
        $file = $destination . '/data/_extra/Contact.php';
        self::NewExtra($file, '<h2>Contact Us</h2><p>Use the form below to contact us, and be sure to enter a valid email address if you want to hear back from us.</p>');
        echo '<li>';
        $user_info = array();
        $user_info['password'] = common::hash($_POST['password'], 'sha512');
        $user_info['passhash'] = 'sha512';
        $user_info['granted'] = 'all';
        $user_info['editing'] = 'all';
        $user_info['email'] = $_POST['email'];
        $users = array();
        $username = $_POST['username'];
        //log user in here to finish user_info
        if ($base_install) {
            gp_defined('gp_session_cookie', gpsession::SessionCookie($config['gpuniq']));
            gpsession::create($user_info, $username, $sessions);
        $users[$username] = $user_info;
        if (!gpFiles::SaveData($destination . '/data/_site/users.php', 'users', $users)) {
            echo '<span class="failed">';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'users.php');
            echo '</span>';
            echo '</li>';
            return false;
        echo '<span class="passed">';
        echo sprintf($langmessage['_SAVED'], 'users.php');
        echo '</span>';
        echo '</li>';
        //save config
        //not using SaveConfig() because $config is not global here
        echo '<li>';
        $config['file_count'] = self::$file_count;
        if (!gpFiles::SaveData($destination . '/data/_site/config.php', 'config', $config)) {
            echo '<span class="failed">';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'config.php');
            echo '</span>';
            echo '</li>';
            return false;
        echo '<span class="passed">';
        echo sprintf($langmessage['_SAVED'], 'config.php');
        echo '</span>';
        echo '</li>';
        if ($base_install) {
            Install_Tools::InstallHtaccess($destination, $config);
        gpFiles::Unlock('write', gp_random);
        return true;
Exemple #9
  * Display the password algorithm being used for the user
 function PassAlgo($userinfo)
     $algo = gpsession::PassAlgo($userinfo);
     switch ($algo) {
         case 'md5':
         case 'sha1':
             $this->has_weak_pass = true;
             echo '<span style="color:red">' . $algo . '</span>';
     echo $algo;
Exemple #10
  * Handle admin login/logout/session_start if admin session parameters exist
 static function sessions()
     //alternate sessions
     if (defined('gpcom_sessions')) {
         include gpcom_sessions;
     $cmd = '';
     if (isset($_GET['cmd']) && $_GET['cmd'] == 'logout') {
         $cmd = 'logout';
     } elseif (isset($_POST['cmd']) && $_POST['cmd'] == 'login') {
         $cmd = $_POST['cmd'];
     } elseif (count($_COOKIE)) {
         foreach ($_COOKIE as $key => $value) {
             if (strpos($key, 'gpEasy_') === 0) {
                 $cmd = 'start';
     if (empty($cmd)) {
Exemple #11
 function LoginForm()
     global $langmessage, $gp_index, $page;
     $page->head .= "\n<script type=\"text/javascript\">var IE_LT_8 = false;</script><!--[if lt IE 8]>\n<script type=\"text/javascript\">IE_LT_8=true;</script>\n<![endif]-->";
     $page->head_js[] = '/include/js/login.js';
     $page->head_js[] = '/include/js/md5_sha.js';
     $page->css_admin[] = '/include/css/login.css';
     $_POST += array('username' => '');
     $page->admin_js = true;
     gpsession::cookie('g', 2);
     $action = 'Admin_Main';
     if (isset($_REQUEST['file']) && isset($gp_index[$_REQUEST['file']])) {
         $action = $_REQUEST['file'];
     echo '<div class="req_script nodisplay" id="login_container">';
     echo '<div id="browser_warning" class="nodisplay">';
     echo '<div><b>' . $langmessage['Browser Warning'] . '</b></div>';
     echo '<p>';
     echo $langmessage['Browser !Supported'];
     echo '</p>';
     echo '<p>';
     echo '<a href="http://www.mozilla.com/">Firefox</a>';
     echo '<a href="http://www.google.com/chrome">Chrome</a>';
     echo '<a href="http://www.apple.com/safari">Safari</a>';
     echo '<a href="http://www.microsoft.com/windows/internet-explorer/default.aspx">Explorer</a>';
     echo '</p>';
     echo '</div>';
     echo '<div id="loginform">';
     echo '<p><b>' . $langmessage['LOGIN_REQUIRED'] . '</b></p>';
     echo '<div id="login_timeout" class="nodisplay">Log in Timeout: ' . common::Link('Admin_Main', 'Reload to continue...') . '</div>';
     echo '<form action="' . common::GetUrl($action) . '" method="post" id="login_form">';
     echo '<div>';
     echo '<input type="hidden" name="cmd" value="login" />';
     if (isset($_REQUEST['file']) && isset($gp_index[$_REQUEST['file']])) {
         echo '<input type="hidden" name="file" value="' . htmlspecialchars($_REQUEST['file']) . '" />';
     echo '<input type="hidden" name="login_nonce" value="' . htmlspecialchars(common::new_nonce('login_nonce', true, 300)) . '" />';
     echo '</div>';
     echo '<label>';
     echo $langmessage['username'];
     echo '<input type="text" class="login_text" name="username" value="' . htmlspecialchars($_POST['username']) . '" />';
     echo '<input type="hidden" name="user_sha" value="" />';
     echo '</label>';
     echo '<label>';
     echo $langmessage['password'];
     echo '<input type="password" class="login_text password" name="password" value="" />';
     echo '<input type="hidden" name="pass_md5" value="" />';
     echo '<input type="hidden" name="pass_sha" value="" />';
     echo '</label>';
     echo '<input type="submit" class="login_submit" name="aa" value="' . $langmessage['login'] . '" />';
     echo '<p>';
     echo '<label>';
     echo '<input type="checkbox" name="remember" ' . $this->checked('remember') . '/> ';
     echo '<span>' . $langmessage['remember_me'] . '</span>';
     echo '</label> ';
     echo '<label>';
     echo '<input type="checkbox" name="encrypted" ' . $this->checked('encrypted') . '/> ';
     echo '<span>' . $langmessage['send_encrypted'] . '</span>';
     echo '</label>';
     echo '</p>';
     echo '<p>';
     echo '<label>';
     $url = common::GetUrl('Admin', 'cmd=forgotten');
     echo sprintf($langmessage['forgotten_password'], $url);
     echo '</label>';
     echo '</p>';
     echo '</form>';
     echo '</div>';
     echo '</div>';
     echo '<div class="without_script" id="javascript_warning">';
     echo '<p><b>' . $langmessage['JAVASCRIPT_REQ'] . '</b></p>';
     echo '<p>';
     echo $langmessage['INCOMPAT_BROWSER'];
     echo ' ';
     echo $langmessage['MODERN_BROWSER'];
     echo '</p>';
     echo '</div>';
Exemple #12
  * Code modified from dokuwiki
  * /dokuwiki/inc/auth.php
  * Builds a pseudo UID from browser and IP data
  * This is neither unique nor unfakable - still it adds some
  * security. Using the first part of the IP makes sure
  * proxy farms like AOLs are stil okay.
  * @author  Andreas Gohr <*****@*****.**>
  * @return  string  a MD5 sum of various browser headers
 function auth_browseruid($legacy = false)
     $uid = '';
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $uid .= $_SERVER['HTTP_USER_AGENT'];
     if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) {
         $uid .= $_SERVER['HTTP_ACCEPT_ENCODING'];
     // IE does not report ACCEPT_LANGUAGE consistently
     //if( $legacy && isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ){
     //	$uid .= $_SERVER['HTTP_ACCEPT_LANGUAGE'];
     if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) {
         $uid .= $_SERVER['HTTP_ACCEPT_CHARSET'];
     if ($legacy) {
         if (isset($_SERVER['REMOTE_ADDR'])) {
             $ip = $_SERVER['REMOTE_ADDR'];
             if (strpos($ip, '.') !== false) {
                 $uid .= substr($ip, 0, strpos($ip, '.'));
             } elseif (strpos($ip, ':') !== false) {
                 $uid .= substr($ip, 0, strpos($ip, ':'));
     } else {
         $ip = gpsession::clientIP(true);
         $uid .= substr($ip, 0, strpos($ip, '.'));
     //ie8 will report ACCEPT_LANGUAGE as en-us and en-US depending on the type of request (normal, ajax)
     $uid = strtolower($uid);
     return md5($uid);
     * Generate rewrite rules for the apache server
    public static function Rewrite_RulesApache($hide_index, $home_root, $contents, $www)
        // Apache
        if (!$hide_index && is_null($www)) {
            return $contents;
        $home_root = rtrim($home_root, '/') . '/';
        $new_lines = array();
        $server_name = gpsession::ServerName();
        // with www
        if ($www) {
            $new_lines[] = '# with www';
            $new_lines[] = 'RewriteCond %{HTTPS} off';
            $new_lines[] = 'RewriteCond %{HTTP_HOST} "^' . $server_name . '"';
            $new_lines[] = 'RewriteRule (.*) "http://www.' . $server_name . '/$1" [R=301,L]';
            $new_lines[] = '';
            $new_lines[] = '# with www and https';
            $new_lines[] = 'RewriteCond %{HTTPS} on';
            $new_lines[] = 'RewriteCond %{HTTP_HOST} "^' . $server_name . '"';
            $new_lines[] = 'RewriteRule (.*) "https://www.' . $server_name . '/$1" [R=301,L]';
            // without www
        } elseif ($www === false) {
            $new_lines[] = '# without www';
            $new_lines[] = 'RewriteCond %{HTTPS} off';
            $new_lines[] = 'RewriteCond %{HTTP_HOST} "^www.' . $server_name . '"';
            $new_lines[] = 'RewriteRule (.*) "http://' . $server_name . '/$1" [R=301,L]';
            $new_lines[] = '';
            $new_lines[] = '# without www and https';
            $new_lines[] = 'RewriteCond %{HTTPS} on';
            $new_lines[] = 'RewriteCond %{HTTP_HOST} "^www.' . $server_name . '"';
            $new_lines[] = 'RewriteRule (.*) "https://' . $server_name . '/$1" [R=301,L]';
        $new_lines[] = "\n";
        // hide index.php
        if ($hide_index) {
            $new_lines[] = 'RewriteBase "' . $home_root . '"';
            $new_lines[] = '';
            $new_lines[] = '# Don\'t rewrite multiple times';
            $new_lines[] = 'RewriteCond %{QUERY_STRING} gp_rewrite';
            $new_lines[] = 'RewriteRule .* - [L]';
            $new_lines[] = '';
            $new_lines[] = '# Redirect away from requests with index.php';
            $new_lines[] = 'RewriteRule index\\.php(.*) "' . rtrim($home_root, '/') . '$1" [R=302,L]';
            $new_lines[] = '';
            $new_lines[] = '# Add gp_rewrite to root requests';
            $new_lines[] = 'RewriteRule ^$ "' . $home_root . 'index.php?gp_rewrite" [qsa,L]';
            $new_lines[] = '';
            $new_lines[] = '# Don\'t rewrite for static files';
            $new_lines[] = 'RewriteCond %{REQUEST_FILENAME} -f [OR]';
            $new_lines[] = 'RewriteCond %{REQUEST_FILENAME} -d [OR]';
            $new_lines[] = 'RewriteCond %{REQUEST_URI} \\.(js|css|jpe?g|jpe|gif|png|ico)$ [NC]';
            $new_lines[] = 'RewriteRule .* - [L]';
            $new_lines[] = '';
            $new_lines[] = '# Send all other requests to index.php';
            $new_lines[] = '# Append the gp_rewrite argument to tell gpEasy not to use index.php and to prevent multiple rewrites';
            $new_lines[] = 'RewriteRule /?(.*) "' . $home_root . 'index.php?gp_rewrite=$1" [qsa,L]';
            $new_lines[] = '';
        return $contents . '

# BEGIN gpEasy
<IfModule mod_rewrite.c>
	RewriteEngine On

	' . implode("\n\t", $new_lines) . '
# END gpEasy';
Exemple #14
  * Prepare and output any inline Javascript for the current page
  * @static
 function GetHead_InlineJS()
     global $page, $linkPrefix;
     if (gpdebugjs) {
         echo 'var debugjs=true;';
     if (common::LoggedIn()) {
         echo 'var isadmin=true';
         echo ',gpBLink="' . common::HrefEncode($linkPrefix) . '"';
         //here because of index.php
         if (!admin_tools::CanRemoteInstall()) {
             echo ',gpRem=false';
         echo ',post_nonce="' . common::new_nonce('post', true) . '"';
         echo ';';
     echo $page->head_script;
     if (!empty($page->jQueryCode)) {
         echo '$(function(){';
         echo $page->jQueryCode;
         echo '});';
     $inline = ob_get_clean();
     if (!empty($inline)) {
         echo "\n<script type=\"text/javascript\">/* <![CDATA[ */\n";
         echo $inline;
         echo "\n/* ]]> */</script>";
Exemple #15
    function Install_DataFiles_New($destination = false, $config, $base_install = true)
        global $langmessage;
        if ($destination === false) {
            $destination = $GLOBALS['dataDir'];
        //set config variables
        //$config = array(); //because of ftp values
        $gpLayouts = array();
        $gpLayouts['default']['theme'] = 'Light_Texture/Blue';
        $gpLayouts['default']['color'] = '#93c47d';
        $gpLayouts['default']['label'] = $langmessage['default'];
        $config['toemail'] = $_POST['email'];
        $config['gpLayout'] = 'default';
        $config['title'] = Install_Tools::Install_Title();
        $config['keywords'] = 'gpEasy CMS, Easy CMS, Content Management, PHP, Free CMS, Website builder, Open Source';
        $config['desc'] = 'A new gpEasy CMS installation. You can change your site\'s description in the configuration.';
        $config['timeoffset'] = '0';
        $config['langeditor'] = 'inherit';
        $config['dateformat'] = '%m/%d/%y - %I:%M %p';
        $config['gpversion'] = $GLOBALS['gpversion'];
        $config['shahash'] = function_exists('sha1');
        if (!isset($config['gpuniq'])) {
            $config['gpuniq'] = common::RandomString(20);
        $config['combinecss'] = Install_Tools::BooleanValue('combinecss', true);
        $config['combinejs'] = Install_Tools::BooleanValue('combinejs', true);
        $config['etag_headers'] = Install_Tools::BooleanValue('etag_headers', true);
        gpFiles::CheckDir($destination . '/data/_uploaded/image');
        gpFiles::CheckDir($destination . '/data/_uploaded/media');
        gpFiles::CheckDir($destination . '/data/_uploaded/file');
        gpFiles::CheckDir($destination . '/data/_uploaded/flash');
        gpFiles::CheckDir($destination . '/data/_sessions');
        $content = '<h2>Welcome!</h2>
		<p>Welcome to your new gpEasy powered website. Now that gpEasy is installed, you can start editing the content and customising your site.</p>
		<h3>Getting Started</h3>
		<p>You are currently viewing the default home page of your website. Here\'s a quick description of how to edit this page.</p>
		<li>First make sure you&#39;re ' . Install_Tools::Install_Link_Content('Admin_Main', 'logged in', 'file=Home') . '.</li>
		<li>Then, to edit this page, click the &quot;Edit&quot; link that appears when you move your mouse over the content.</li>
		<li>Make your edits, click &quot;Save&quot; and you&#39;re done!</li>
		<h3>More Options</h3>
		<li>Adding, renaming, deleting and organising your pages can all be done in the ' . Install_Tools::Install_Link_Content('Admin_Menu', 'Page Manager') . '.</li>
		<li>Choose from a ' . Install_Tools::Install_Link_Content('Admin_Theme_Content', 'variety of themes') . ' to give your site a custom look.</li>
		<li>Then, you can ' . Install_Tools::Install_Link_Content('Admin_Theme_Content', 'add, remove and rearrange', 'cmd=editlayout') . ' the content of your site without editing the html.</li>
		<li>Take a look at the Administrator Toolbar to access all the features of gpEasy.</li>
		<h3>Online Resources</h3>
		<p>gpEasy.com has a number of resources to help you do even more with gpEasy.</p>
		<li>Find more community developed <a href="http://gpeasy.com/Special_Addon_Themes" title="gpEasy CMS Themes">themes</a> and <a href="http://gpeasy.com/Special_Addon_Plugins" title="gpEasy CMS Plugin">plugins</a> to enhance your site.</li>
		<li>Get help in the <a href="http://gpeasy.com/Special_Forum" title="gpEasy CMS Forum">gpEasy forum</a>.</li>
		<li>Show off your <a href="http://gpeasy.com/Special_Powered_by" title="Sites Using gpEasy CMS">gpEasy powered site</a> or list your <a href="http://gpeasy.com/Special_Service_Provider" title="Businesses Using gpEasy CMS">gpEasy related business</a>.</li>
        gpFiles::NewTitle('Home', $content);
        gpFiles::NewTitle('Help_Videos', "<h1>Help Videos</h1>\n\t\t<p>Video tutorials are often a fast and easy way to learn new things quickly.\n\t\tSo far, we only have one in Deutsch (German) made by <a href=\"http://gpeasy.com/Special_Service_Provider?id=57\" title=\"IT Ricther on gpEasy.com\">IT Richter</a>.\n\t\tIf you make a video tutorial for gpEasy, <a href=\"http://gpeasy.com/Contact\">let us know</a>, and we'll make sure it's included in our list.\n\t\t</p>\n\t\t<p>And as always, to edit this page, just click the \"Edit\" button while logged in.</p>\n\t\t<h2>Deutsch</h2>\n\t\t<p><iframe width=\"560\" height=\"315\" src=\"http://www.youtube.com/embed/04cNgR1EiFY\" frameborder=\"0\" allowfullscreen></iframe></p>\n\t\t");
        gpFiles::NewTitle('Child_Page', '<h1>A Child Page</h1><p>This was created as a subpage of your <em>Help Videos</em> . You can easily change the arrangement of all your pages using the ' . Install_Tools::Install_Link_Content('Admin_Menu', 'Page Manager') . '.</p>');
        gpFiles::NewTitle('About', '<h1>About gpEasy CMS</h1><p><a href="http://gpEasy.com" title="gpEasy.com">gp|Easy</a> is a complete Content Management System (CMS) that can help you create rich and flexible web sites with a simple and easy to use interface.</p>
		<h2>gpEasy CMS How To</h2>
		<p>Learn how to <a href="http://docs.gpeasy.com/Main/Admin" title="gpEasy File Management">manage your files</a>,
		<a href="http://docs.gpeasy.com/Main/Creating%20Galleries" title="Creating Galleries in gpEasy CMS">create galleries</a> and more in the
		<a href="http://docs.gpeasy.org/index.php/" title="gpEasy CMS Documentation">gpEasy Documentation</a>.

		<h2>gpEasy CMS Features</h2>
		<li>True WYSIWYG (Using CKEditor)</li>
		<li>Galleries (Using ColorBox)</li>
		<li>SEO Friendly Links</li>
		<li>Free and Open Source (GPL)</li>
		<li>Runs on PHP</li>
		<li>File Upload Manager</li>
		<li>Drag \'n Drop Theme Content</li>
		<li>Deleted File Trash Can</li>
		<li>Multiple User Administration</li>
		<li>Flat File Storage</li>
		<li>Fast Page Loading</li>
		<li>Fast and Easy Installation</li>
		<li>reCaptcha for Contact Form</li>
		<li>HTML Tidy (when available)</li>
		<h2>If You Like gpEasy...</h2>
		<p>If you like gpEasy, then you might also like:</p>
		<li><a href="http://phpeasymin.com" title="Minimize JavaScript and CSS files easily">phpEasyMin.com</a> - Minimize multiple JavaScript and CSS files in one sweep.</li>
        $file = $destination . '/data/_extra/Side_Menu.php';
        $content = '<h3>Join the gpEasy Community</h3>
		<p>Visit gpEasy.com to access the many <a href="http://gpeasy.com/Special_Resources" title="gpEasy Community Resources">available resources</a> to help you get the most out of our CMS.</p>
		<li><a href="http://gpeasy.com/Special_Addon_Themes" title="gpEasy CMS Themes">Download Themes</a></li>
		<li><a href="http://gpeasy.com/Special_Addon_Plugins" title="gpEasy CMS Plugin">Download Plugins</a></li>
		<li><a href="http://gpeasy.com/Special_Forum" title="gpEasy CMS Forum">Get Help in the Forum</a></li>
		<li><a href="http://gpeasy.com/Special_Powered_by" title="Sites using gpEasy CMS">Show off Your Site</a></li>
		<li><a href="http://gpeasy.com/Special_Resources" title="gpEasy Community Resources">And Much More...</a></li>
		<p class="sm">(Edit this content by clicking &quot;Edit&quot;, it&#39;s that easy!)</p>';
        gpFiles::SaveFile($file, $content);
        $file = $destination . '/data/_extra/Header.php';
        $contents = '<h1>' . Install_Tools::Install_Link('', $config['title']) . '</h1>';
        $contents .= '<h4>' . 'The Fast and Easy CMS' . '</h4>';
        gpFiles::SaveFile($file, $contents);
        $file = $destination . '/data/_extra/Footer.php';
        $content = '<h3><a href="http://gpeasy.com/Our_CMS" title="Features of Our CMS">gpEasy CMS Features</a></h3>
		<p>Easy to use True WYSIWYG Editing.</p>
		<p>Flat-file data storage and advanced resource management for fast websites.</p>
		<p>Community driven development</p>
		<p><a href="http://gpeasy.com/Our_CMS" title="Features of Our CMS">And More...</a></p>
		<p>If you like gpEasy, then you might also like <a href="http://phpeasymin.com" title="Minimize JavaScript and CSS files easily">phpEasyMin.com</a></p>
        gpFiles::SaveFile($file, $content);
        //contact html
        $file = $destination . '/data/_extra/Contact.php';
        gpFiles::SaveFile($file, '<h2>Contact Us</h2><p>Use the form below to contact us, and be sure to enter a valid email address if you want to hear back from us.</p>');
        // gp_index
        $new_index = array();
        $new_index['Home'] = 'a';
        $new_index['Help_Videos'] = 'b';
        $new_index['Child_Page'] = 'c';
        $new_index['About'] = 'd';
        $new_index['Contact'] = 'special_contact';
        $new_index['Site_Map'] = 'special_site_map';
        $new_index['Galleries'] = 'special_galleries';
        $new_index['Missing'] = 'special_missing';
        //	gpmenu
        $new_menu = array();
        $new_menu['a'] = array('level' => 0);
        $new_menu['b'] = array('level' => 0);
        $new_menu['c'] = array('level' => 1);
        $new_menu['d'] = array('level' => 0);
        $new_menu['special_contact'] = array('level' => 1);
        //	links
        $new_titles = array();
        $new_titles['a']['label'] = 'Home';
        $new_titles['a']['type'] = 'text';
        $new_titles['b']['label'] = 'Help Videos';
        $new_titles['b']['type'] = 'text';
        $new_titles['c']['label'] = 'Child Page';
        $new_titles['c']['type'] = 'text';
        $new_titles['d']['label'] = 'About';
        $new_titles['d']['type'] = 'text';
        $new_titles['special_contact']['lang_index'] = 'contact';
        $new_titles['special_contact']['type'] = 'special';
        $new_titles['special_site_map']['lang_index'] = 'site_map';
        $new_titles['special_site_map']['type'] = 'special';
        $new_titles['special_galleries']['lang_index'] = 'galleries';
        $new_titles['special_galleries']['type'] = 'special';
        $new_titles['special_missing']['label'] = 'Missing';
        $new_titles['special_missing']['type'] = 'special';
        $pages = array();
        $pages['gp_index'] = $new_index;
        $pages['gp_menu'] = $new_menu;
        $pages['gp_titles'] = $new_titles;
        $pages['gpLayouts'] = $gpLayouts;
        echo '<li>';
        if (!gpFiles::SaveArray($destination . '/data/_site/pages.php', 'pages', $pages)) {
            echo '<span class="failed">';
            //echo 'Could not save pages.php';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'pages.php');
            echo '</span>';
            echo '</li>';
            return false;
        echo '<span class="passed">';
        //echo 'Pages.php saved.';
        echo sprintf($langmessage['_SAVED'], 'pages.php');
        echo '</span>';
        echo '</li>';
        echo '<li>';
        $user_info = array();
        $user_info['password'] = sha1(trim($_POST['password']));
        $user_info['granted'] = 'all';
        $user_info['editing'] = 'all';
        $user_info['email'] = $_POST['email'];
        $users = array();
        $username = $_POST['username'];
        //log user in here to finish user_info
        if ($base_install) {
            define('gp_session_cookie', common::SessionCookie($config['gpuniq']));
            gpsession::create($user_info, $username);
        $users[$username] = $user_info;
        if (!gpFiles::SaveArray($destination . '/data/_site/users.php', 'users', $users)) {
            echo '<span class="failed">';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'users.php');
            echo '</span>';
            echo '</li>';
            return false;
        echo '<span class="passed">';
        echo sprintf($langmessage['_SAVED'], 'users.php');
        echo '</span>';
        echo '</li>';
        //save config
        //not using SaveConfig() because $config is not global here
        echo '<li>';
        if (!gpFiles::SaveArray($destination . '/data/_site/config.php', 'config', $config)) {
            echo '<span class="failed">';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'config.php');
            echo '</span>';
            echo '</li>';
            return false;
        echo '<span class="passed">';
        echo sprintf($langmessage['_SAVED'], 'config.php');
        echo '</span>';
        echo '</li>';
        if ($base_install) {
            Install_Tools::InstallHtaccess($destination, $config);
        return true;
Exemple #16
  * Handle admin login/logout/session_start if admin session parameters exist
 function sessions()
     $update_cookies = false;
     $cmd = '';
     if (isset($_GET['cmd']) && $_GET['cmd'] == 'logout') {
         $cmd = 'logout';
     } elseif (isset($_POST['cmd']) && $_POST['cmd'] == 'login') {
         $cmd = $_POST['cmd'];
     } elseif (isset($_COOKIE[gp_session_cookie])) {
         $cmd = 'start';
     } elseif (isset($_COOKIE['gpEasy'])) {
         $_COOKIE[gp_session_cookie] = $_COOKIE['gpEasy'];
         $update_cookies = true;
         $cmd = 'start';
     if (empty($cmd)) {
     if ($update_cookies) {
         gpsession::cookie(gp_session_cookie, $_COOKIE['gpEasy']);
         gpsession::cookie('gpEasy', '', time() - 42000);
     switch ($cmd) {
         case 'logout':
         case 'login':
     if (isset($_COOKIE[gp_session_cookie])) {
Exemple #17
 function SendPassword()
     global $langmessage, $gp_mailer, $config;
     $users = gpFiles::Get('_site/users');
     $username = $_POST['username'];
     if (!isset($users[$username])) {
         return false;
     $userinfo = $users[$username];
     if (empty($userinfo['email'])) {
         return false;
     $passwordChars = str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', 3);
     $newpass = str_shuffle($passwordChars);
     $newpass = substr($newpass, 0, 8);
     $pass_hash = gpsession::PassAlgo($userinfo);
     $users[$username]['newpass'] = common::hash($newpass, $pass_hash);
     if (!gpFiles::SaveData('_site/users', 'users', $users)) {
         return false;
     if (isset($_SERVER['HTTP_HOST'])) {
         $server = $_SERVER['HTTP_HOST'];
     } else {
         $server = $_SERVER['SERVER_NAME'];
     $link = common::AbsoluteLink('Admin', $langmessage['login']);
     $message = sprintf($langmessage['passwordremindertext'], $server, $link, $username, $newpass);
     if ($gp_mailer->SendEmail($userinfo['email'], $langmessage['new_password'], $message)) {
         list($namepart, $sitepart) = explode('@', $userinfo['email']);
         $showemail = substr($namepart, 0, 3) . '...@' . $sitepart;
         message(sprintf($langmessage['password_sent'], $username, $showemail));
         return true;
     message($langmessage['OOPS'] . ' (Email not sent)');
     return false;