<?php
// Admin script fragment: saves the gallery's default publish flags or starts a
// publish action, depending on which form field was posted.
define('OFFSET_PATH', 3);
require_once "../../admin-globals.php";
require_once SERVERPATH . '/' . ZENFOLDER . '/template-functions.php';
// Access check (defined elsewhere) is called with ALBUM_RIGHTS before any request data is read.
admin_securityChecks(ALBUM_RIGHTS, currentRelativeURL());

/**
 * Recursively hides every album below $album: each name returned by
 * getAlbums() is loaded with newAlbum(), set to not shown, saved, and then
 * descended into.
 *
 * @param object $album album object exposing getAlbums()
 */
function unpublishSubalbums($album) {
	global $_zp_gallery; // NOTE(review): not referenced anywhere in this function body
	$albums = $album->getAlbums();
	foreach ($albums as $albumname) {
		$subalbum = newAlbum($albumname);
		$subalbum->setShow(false);
		$subalbum->save();
		unpublishSubalbums($subalbum);
	}
}

$report = false;
$publish_albums_list = array();
$publish_images_list = array();
if (isset($_POST['set_defaults'])) {
	// The XSRF token check runs before the gallery object is modified.
	XSRFdefender('publishContent');
	// Only the presence of each field is stored (cast to 0/1); the posted value itself is never used.
	$_zp_gallery->setAlbumPublish((int) isset($_POST['album_default']));
	$_zp_gallery->setImagePublish((int) isset($_POST['image_default']));
	$_zp_gallery->save();
	$report = 'defaults';
} else {
	if (isset($_POST['publish'])) {
		$action = sanitize($_POST['publish']);
		unset($_POST['publish']);
		// The token is verified here, before anything acts on $action; keep this call
		// ahead of any code that uses $action.
		XSRFdefender('publishContent');
<?php
/**
 * Bulk enable/disable of plugins
 * @package core
 */
// force UTF-8 Ø
define('OFFSET_PATH', 3);
// NOTE(review): the include path is derived from $_SERVER['SCRIPT_FILENAME'] rather than
// __FILE__; confirm that is intended for this plugin's location.
require_once dirname(dirname(dirname($_SERVER['SCRIPT_FILENAME']))) . "/zp-core/admin-globals.php";
// Both checks run unconditionally, so every request to this script needs ADMIN_RIGHTS
// and a valid 'pluginEnabler' token before any of the GET-driven actions below.
admin_securityChecks(ADMIN_RIGHTS, $return = currentRelativeURL());
XSRFdefender('pluginEnabler');
if (isset($_GET['pluginsRemember'])) {
	// The list of currently enabled plugin names is stored as a serialized array in an option.
	setOption('pluginEnabler_currentset', serialize(array_keys(getEnabledPlugins())));
	$report = gettext('Current enabled plugins remembered');
}
if (isset($_GET['pluginsEnable'])) {
	$paths = getPluginFiles('*.php');
	$pluginlist = array_keys($paths);
	// The mode is passed through sanitize_numeric() and then matched against fixed cases only.
	switch ($setting = sanitize_numeric($_GET['pluginsEnable'])) {
		case 0:
			$report = gettext('Plugins disabled');
			break;
		case 1:
			$report = gettext('Zenphoto plugins enabled');
			break;
		case 2:
			$report = gettext('Remembered plugins enabled');
			// NOTE(review): getSerializedArray() is defined elsewhere; if it calls unserialize(),
			// the stored option must only ever be written by trusted code such as the branch above.
			$savedlist = getSerializedArray(getOption('pluginEnabler_currentset'));
			break;
		case 3:
			$report = gettext('All plugins enabled');
<?php
// Upload receiver fragment: authorises the request, then derives the file name,
// temporary path and destination folder from the posted data.
define('OFFSET_PATH', 3);
require_once dirname(dirname(__FILE__)) . '/admin-functions.php';
// The login state is reset and then set from a posted hash/id pair; the rights
// check below runs against whatever checkAuthorization() returned.
$_zp_loggedin = NULL;
if (isset($_POST['auth'])) {
	$hash = sanitize($_POST['auth']);
	$id = sanitize($_POST['id']); // NOTE(review): read without an isset() guard
	$_zp_loggedin = $_zp_authority->checkAuthorization($hash, $id);
}
admin_securityChecks(UPLOAD_RIGHTS, $return = currentRelativeURL(__FILE__));
if (!empty($_FILES)) {
	$gallery = new Gallery();
	// basename() drops any directory part of the client-supplied file name.
	$name = trim(basename(sanitize($_FILES['file']['name'], 3)));
	// NOTE(review): the isset() tests the 'Filedata' field while the truthiness test and
	// every other read use 'file'. If the upload field is 'file', isset() is false and a
	// failed upload falls through to the else branch. Confirm which field name is intended.
	if (isset($_FILES['Filedata']['error']) && $_FILES['file']['error']) {
		$error = $_FILES['Filedata']['error'];
		debugLogArray('Uploadify error:', $_FILES);
		trigger_error(sprintf(gettext('Uploadify error on %1$s. Review your debug log.'), $name));
	} else {
		$tempFile = sanitize($_FILES['file']['tmp_name'], 3);
		// Destination folder comes from the request. Up to two leading slashes and one
		// trailing slash are stripped below.
		// NOTE(review): nothing visible here rejects '..' segments; confirm the
		// 'admin_upload_process' filter or later code confines $folder to the album tree.
		$folder = trim(sanitize($_POST['http_folder'], 3));
		if (substr($folder, 0, 1) == '/') {
			$folder = substr($folder, 1);
		}
		if (substr($folder, 0, 1) == '/') {
			$folder = substr($folder, 1);
		}
		if (substr($folder, -1) == '/') {
			$folder = substr($folder, 0, -1);
		}
		$folder = zp_apply_filter('admin_upload_process', $folder);
* zenpage admin-edit.php * * @author Malte Müller (acrylian) * @package plugins * @subpackage zenpage */ define("OFFSET_PATH", 4); require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php'; require_once "admin-functions.php"; require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/tag_suggest.php'; if (is_AdminEditPage('page')) { $rights = ZENPAGE_PAGES_RIGHTS; } else { $rights = ZENPAGE_NEWS_RIGHTS; } admin_securityChecks($rights, currentRelativeURL()); updatePublished('news'); updatePublished('pages'); $saveitem = ''; $reports = array(); if (is_AdminEditPage('page')) { $_GET['tab'] = $tab = 'pages'; $new = 'newPage'; $update = 'updatePage'; } else { if (is_AdminEditPage('newsarticle')) { $_GET['tab'] = $tab = 'news'; $new = 'newArticle'; $update = 'updateArticle'; } else { if (is_AdminEditPage('newscategory')) {
<?php /** */ define('OFFSET_PATH', 1); require_once dirname(__FILE__) . '/admin-globals.php'; admin_securityChecks(FILES_RIGHTS, currentRelativeURL(__FILE__)); printAdminHeader('upload', 'files'); echo "\n</head>"; ?> <body> <?php printLogoAndLinks(); ?> <div id="main"> <?php printTabs(); ?> <div id="content"> <div id="container"> <?php $subtab = printSubtabs(); ?> <div class="tabbox"> <?php zp_apply_filter('admin_note', 'upload', $subtab); ?> <h1><?php echo gettext('File Manager');
<?php // force UTF-8 Ø define('OFFSET_PATH', 3); require_once dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/admin-globals.php"; admin_securityChecks(ZENPAGE_PAGES_RIGHTS | ZENPAGE_NEWS_RIGHTS, ''); if (extensionEnabled('zenpage')) { require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . "/zenpage/zenpage-template-functions.php"; } header('Last-Modified: ' . ZP_LAST_MODIFIED); header('Content-Type: text/html; charset=' . LOCAL_CHARSET); ?> <!-- tinyZenpage - A TinyMCE plugin for Zenphoto with Zenpage Version: 1.4.6 Author: Malte Müller (acrylian), Stephen Billard (sbillard) inspired by Alessandro "Simbul" Morandi's ZenphotoPress (http://simbul.bzaar.net/zenphotopress) License: GPL v2 or later http://www.gnu.org/licenses/gpl.html --> <!DOCTYPE html> <html> <head> <title>tinyZenpage</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <script type="text/javascript" src="<?php echo WEBPATH . '/' . ZENFOLDER; ?> /js/htmlencoder.js"></script> <script type="text/javascript" src="<?php echo WEBPATH . '/' . ZENFOLDER; ?> /js/jquery.js"></script>
<?php
/**
 * provides the Comments tab of admin
 * @package admin
 */
// force UTF-8 Ø
define('OFFSET_PATH', 1);
require_once '../../admin-globals.php';
// Access check is called with COMMENT_RIGHTS before any request parameter is read.
admin_securityChecks(COMMENT_RIGHTS, currentRelativeURL());
if (isset($_GET['page'])) {
	$page = sanitize($_GET['page']);
} else {
	$page = '';
}
// The next two parameters are reduced to booleans; their raw values are not kept.
if (isset($_GET['fulltext']) && $_GET['fulltext']) {
	$fulltext = true;
} else {
	$fulltext = false;
}
if (isset($_GET['viewall'])) {
	$viewall = true;
} else {
	$viewall = false;
}
/* handle posts */
// The action arrives as a GET parameter and is only compared against fixed case labels.
if (isset($_GET['action'])) {
	switch ($_GET['action']) {
		case "spam":
			// Token check precedes loading the comment, since the action is reachable by URL.
			XSRFdefender('comment_update');
			// NOTE(review): $_GET['id'] is read without an isset() guard.
			$comment = new Comment(sanitize_numeric($_GET['id']));
<?php /** * provides the Options tab of admin * @package admin */ // force UTF-8 Ø define('OFFSET_PATH', 1); require_once dirname(__FILE__) . '/admin-globals.php'; require_once SERVERPATH . '/' . ZENFOLDER . '/functions-config.php'; admin_securityChecks(OPTIONS_RIGHTS, currentRelativeURL()); define('PLUGINS_PER_PAGE', max(1, getOption('plugins_per_page'))); if (isset($_GET['subpage'])) { $subpage = sanitize_numeric($_GET['subpage']); } else { if (isset($_POST['subpage'])) { $subpage = sanitize_numeric($_POST['subpage']); } else { $subpage = 0; } } if (!isset($_GET['page'])) { if (array_key_exists('options', $zenphoto_tabs)) { $_GET['page'] = 'options'; } else { $_GET['page'] = 'users'; // must be a user with no options rights } } $_current_tab = sanitize($_GET['page'], 3); /* handle posts */
<?php /** * Use this utility to reset your album thumbnails to either "random" or from an ordered field query * * @package admin */ define('OFFSET_PATH', 3); require_once dirname(dirname(__FILE__)) . '/admin-globals.php'; require_once dirname(dirname(__FILE__)) . '/template-functions.php'; $buttonlist[] = array('category' => gettext('Database'), 'enable' => true, 'button_text' => gettext('Reset album thumbs'), 'formname' => 'reset_albumthumbs.php', 'action' => 'utilities/reset_albumthumbs.php', 'icon' => 'images/reset.png', 'title' => gettext('Reset album thumbnails to either random or most recent'), 'alt' => '', 'hidden' => '', 'rights' => MANAGE_ALL_ALBUM_RIGHTS | ADMIN_RIGHTS); admin_securityChecks(MANAGE_ALL_ALBUM_RIGHTS, $return = currentRelativeURL()); if (isset($_REQUEST['thumbtype']) || isset($_REQUEST['thumbselector'])) { XSRFdefender('reset_thumbs'); } $buffer = ''; $webpath = WEBPATH . '/' . ZENFOLDER . '/'; $zenphoto_tabs['overview']['subtabs'] = array(gettext('Thumbs') => ''); printAdminHeader('overview', 'thumbs'); echo '</head>'; ?> <body> <?php printLogoAndLinks(); ?> <div id="main"> <?php printTabs(); ?> <div id="content">
/**
 * zenpage admin-edit.php
 *
 * @author Malte Müller (acrylian)
 * @package plugins
 * @subpackage zenpage
 */
define("OFFSET_PATH", 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
require_once "zenpage-admin-functions.php";
// The right required depends on the kind of item being edited: news rights for
// articles, pages rights for everything else.
if (is_AdminEditPage('newsarticle')) {
	$rights = ZENPAGE_NEWS_RIGHTS;
} else {
	$rights = ZENPAGE_PAGES_RIGHTS;
}
admin_securityChecks($rights, currentRelativeURL(__FILE__));
$saveitem = '';
$reports = array();
if (is_AdminEditPage('page')) {
	$tab = 'pages';
	if (isset($_GET['titlelink'])) {
		// NOTE(review): PHP has already URL-decoded $_GET values, so urldecode() decodes a
		// second time, and the value is not passed through sanitize() like the other inputs
		// in this script. Confirm ZenpagePage handles an arbitrary titlelink safely.
		$result = new ZenpagePage(urldecode($_GET['titlelink']));
	} else {
		if (isset($_GET['update'])) {
			// Token check precedes the update.
			XSRFdefender('update');
			$result = updatePage($reports);
			if (getCheckboxState('copy_delete_object')) {
				switch (sanitize($_POST['copy_delete_object'])) {
					case 'copy':
						// NOTE(review): sanitize() is applied twice to the same value.
						$as = trim(sanitize(sanitize($_POST['copy_object_as'])));
						if (empty($as)) {
<?php
/**
 * This template is used to generate cache images. Running it will process the entire gallery,
 * supplying an album name (ex: loadAlbums.php?album=newalbum) will only process the album named.
 * Passing clear=on will purge the designated cache before generating cache images
 * @package plugins
 */
// force UTF-8 Ø
define('OFFSET_PATH', 3);
require_once "../../admin-globals.php";
require_once SERVERPATH . '/' . ZENFOLDER . '/template-functions.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/cacheManager/functions.php';
// NOTE(review): the rights argument is NULL; what admin_securityChecks() enforces in
// that case is not visible here. Confirm it still requires an authorised admin.
admin_securityChecks(NULL, $return = currentRelativeURL());
// The token check is unconditional, so every request to this page must carry the token.
XSRFdefender('cacheDBImages');
// NOTE(review): the second subtab link carries the XSRF token in its query string, so the
// token can end up in browser history, server logs and Referer headers; confirm the
// token's lifetime and scope make that acceptable.
$zenphoto_tabs['overview']['subtabs'] = array(
	gettext('Cache images') => PLUGIN_FOLDER . '/cacheManager/cacheImages.php?page=overview&tab=images',
	gettext('Cache stored images') => PLUGIN_FOLDER . '/cacheManager/cacheDBImages.php?page=overview&tab=DB&XSRFToken=' . getXSRFToken('cacheDBImages'));
printAdminHeader('overview', 'DB');
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs();
echo "\n" . '<div id="content">';
printSubtabs('Cache');
?> <div class="tabbox"> <?php zp_apply_filter('admin_note', 'cache', ''); ?> <p class="notebox"> <?php
<?php
/**
 * provides the Upload tab of admin
 *
 * @author Stephen Billard (sbillard)
 *
 * @package admin
 */
// force UTF-8 Ø
define('OFFSET_PATH', 1);
require_once dirname(__FILE__) . '/admin-globals.php';
// Either right is accepted here (the two constants are OR-ed into one mask).
admin_securityChecks(UPLOAD_RIGHTS | FILES_RIGHTS, $return = currentRelativeURL());
if (isset($_GET['page'])) {
	$page = sanitize($_GET['page']);
} else {
	$link = $zenphoto_tabs['upload']['link'];
	// NOTE(review): strpos() returns 0 when the needle is at the start of $link, and
	// 0 == false is true, so a link beginning with 'admin-upload.php' would also
	// redirect. A strict comparison (=== false) would test only for "not found".
	if (strpos($link, 'admin-upload.php') == false) {
		header('location: ' . $link);
		exitZP();
	}
	$page = "upload";
	$_GET['page'] = 'upload';
}
// NOTE(review): the guard tests $_GET['type'] but the value read is $_GET['tab'];
// confirm which parameter is meant, since 'tab' may be unset when 'type' is present.
if (isset($_GET['type'])) {
	$uploadtype = sanitize($_GET['tab']);
	zp_setCookie('uploadtype', $uploadtype);
} else {
	// NOTE(review): the cookie value is client-controlled and is copied into $_GET['tab']
	// without sanitize(); treat it as untrusted wherever it is used later.
	$uploadtype = zp_getcookie('uploadtype');
	$_GET['tab'] = $uploadtype;
}
<?php /** * ZenPhoto20 object paster for tinyMCE * * @author Stephen Billard (sbillard) * * Copyright 2014 by Stephen L Billard for use in {@link https://github.com/ZenPhoto20/ZenPhoto20 ZenPhoto20} * */ // force UTF-8 Ø define('OFFSET_PATH', 3); require_once dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/admin-globals.php"; admin_securityChecks(ALBUM_RIGHTS | ZENPAGE_PAGES_RIGHTS | ZENPAGE_NEWS_RIGHTS, NULL); header('Last-Modified: ' . ZP_LAST_MODIFIED); header('Content-Type: text/html; charset=' . LOCAL_CHARSET); function getIPSizedImage($size, $image) { $wmt = getWatermarkParam($image, WATERMARK_IMAGE); $args = getImageParameters(array($size, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, $wmt), $image->album->name); return getImageProcessorURI($args, $image->album->name, $image->filename); } ?> <!DOCTYPE html> <html> <head> <?php printStandardMeta(); ?> <title>tinyMCE:obj</title> <script type="text/javascript" src="<?php
<?php
/**
 * Theme file editor
 *
 * @package admin
 * @author Ozh
 */
// force UTF-8 Ø
define('OFFSET_PATH', 1);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
admin_securityChecks(THEMES_RIGHTS, currentRelativeURL());
// Without a theme parameter there is nothing to edit: redirect to the themes page and stop.
if (!isset($_GET['theme'])) {
	header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . "/admin-themes.php");
	exitZP();
}
// Suffixes treated as editable text. NOTE(review): 'php' and 'inc' are in the list, so an
// account that passes the THEMES_RIGHTS check can presumably change server-side code
// through this editor; confirm that right is only granted with that in mind.
$ok_extensions = array('css', 'php', 'js', 'txt', 'inc');

/**
 * Tells whether $file has one of the suffixes listed in $ok_extensions.
 * The suffix is lower-cased before the lookup.
 *
 * @param string $file file name to test
 * @return bool true when the suffix is in the allow-list
 */
function isTextFile($file) {
	global $ok_extensions;
	$ext = strtolower(getSuffix($file));
	// NOTE(review): in_array() is called without the strict flag (loose comparison).
	return in_array($ext, $ok_extensions);
}

$messages = $file_to_edit = $file_content = null;
$what = 'edit';
$themes = $_zp_gallery->getThemes();
// basename() reduces the requested theme to a single path component before it is
// appended to the themes directory.
$theme = basename(sanitize($_GET['theme']));
$themedir = SERVERPATH . '/themes/' . internalToFilesystem($theme);
$themefiles = listDirectoryFiles($themedir);
$themefiles_to_ext = array();
if (themeIsEditable($theme)) {
* This plugin shows statistical graphs and info about your gallery\'s images and albums * * @package admin */ define('OFFSET_PATH', 3); chdir(dirname(dirname(__FILE__))); require_once dirname(dirname(__FILE__)) . '/admin-globals.php'; require_once dirname(dirname(__FILE__)) . '/' . PLUGIN_FOLDER . '/image_album_statistics.php'; if (getOption('zp_plugin_zenpage')) { require_once dirname(dirname(__FILE__)) . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-admin-functions.php'; } $button_text = gettext('Gallery Statistics'); $button_hint = gettext('Shows statistical graphs and info about your gallery\'s images and albums.'); $button_icon = 'images/bar_graph.png'; $button_rights = OVERVIEW_RIGHTS; admin_securityChecks(OVERVIEW_RIGHTS, currentRelativeURL(__FILE__)); $gallery = new Gallery(); $gallery->garbageCollect(); $webpath = WEBPATH . '/' . ZENFOLDER . '/'; printAdminHeader(gettext('utilities'), gettext('statistics')); ?> <link rel="stylesheet" href="../admin-statistics.css" type="text/css" media="screen" /> <?php /* * http://php.net/manual/de/function.filesize.php * * @author Jonas Sweden */ function gallerystats_filesize_r($path) { if (!file_exists($path)) {
define('OFFSET_PATH', -2); // we don't want plugins loaded but we are not setup
require_once dirname(__FILE__) . '/admin-globals.php';
// need the class plugins to handle video, etc.
// Plugin files flagged CLASS_PLUGIN are included here, before the rights and token
// checks below run.
foreach (getEnabledPlugins() as $extension => $plugin) {
	if ($plugin['priority'] & CLASS_PLUGIN) {
		require_once $plugin['path'];
	}
}
require_once dirname(__FILE__) . '/template-functions.php';
// The required right depends on a request parameter: ALBUM_RIGHTS when 'album' is
// present, otherwise NULL.
// NOTE(review): what admin_securityChecks() enforces for NULL is not visible here;
// confirm that omitting 'album' cannot lower the bar for a gallery-wide refresh.
if (isset($_REQUEST['album'])) {
	$localrights = ALBUM_RIGHTS;
} else {
	$localrights = NULL;
}
admin_securityChecks($localrights, $return = currentRelativeURL());
// The token check is unconditional and precedes the GET-driven work below.
XSRFdefender('refresh');
$imageid = '';
if (isset($_GET['refresh'])) {
	if (isset($_GET['id'])) {
		$imageid = sanitize_numeric($_GET['id']);
	}
	// garbageCollect() receives the id and its return value replaces $imageid.
	$imageid = $_zp_gallery->garbageCollect(true, true, $imageid);
}
if (isset($_GET['prune'])) {
	$type = 'prune&';
	$title = gettext('Refresh Database');
	$finished = gettext('Finished refreshing the database');
	$incomplete = gettext('Database refresh is incomplete');
	$allset = gettext("We are all set to refresh the database");
	$continue = gettext('Continue refreshing the database.');
<?php
/**
 * zenpage admin-categories.php
 *
 * @author Malte Müller (acrylian)
 * @package plugins
 * @subpackage zenpage
 */
define("OFFSET_PATH", 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
require_once "zenpage-admin-functions.php";
admin_securityChecks(ZENPAGE_NEWS_RIGHTS, currentRelativeURL(__FILE__));
$reports = array();
// Each state-changing branch below verifies its own XSRF token before acting.
if (isset($_POST['processcheckeditems'])) {
	XSRFdefender('checkeditems');
	processZenpageBulkActions('Category', $reports);
	updateItemSortorder('categories', $reports);
}
if (isset($_GET['delete'])) {
	XSRFdefender('delete_category');
	// NOTE(review): $_GET['delete'] is passed to deleteCategory() as received, without
	// sanitize() or sanitize_numeric(); confirm the helper validates or escapes it.
	$reports[] = deleteCategory($_GET['delete']);
}
if (isset($_GET['hitcounter'])) {
	XSRFdefender('hitcounter');
	// The category is looked up by numeric id and its hit counter is reset to 0.
	// NOTE(review): $_GET['id'] is read without an isset() guard.
	$x = $_zp_zenpage->getCategory(sanitize_numeric($_GET['id']));
	$obj = new ZenpageCategory($x['titlelink']);
	$obj->set('hitcounter', 0);
	$obj->save();
}
if (isset($_GET['publish'])) {
<?php
/**
 * user_groups plugin--tabs
 * @author Stephen Billard (sbillard)
 * @package plugins
 * @subpackage usermanagement
 */
define('OFFSET_PATH', 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
// NOTE(review): the rights argument is NULL although this script looks up admin accounts
// from posted keys; what admin_securityChecks() enforces for NULL is not visible here.
admin_securityChecks(NULL, currentRelativeURL(__FILE__));
$admins = $_zp_authority->getAdministrators('all');
// Build the list of valid accounts ordered by their 'date' field.
$ordered = array();
foreach ($admins as $key => $admin) {
	if ($admin['valid']) {
		$ordered[$key] = $admin['date'];
	}
}
asort($ordered);
$adminordered = array();
foreach ($ordered as $key => $user) {
	$adminordered[] = $admins[$key];
}
$msg = NULL;
if (isset($_GET['action'])) {
	$action = sanitize($_GET['action']);
	// NOTE(review): the token's action name is taken from the request, so the caller chooses
	// which token is checked; confirm a token issued for one action cannot be replayed here.
	XSRFdefender($action);
	if ($action == 'expiry') {
		// NOTE(review): the loop variable reuses $action and overwrites the value checked above.
		foreach ($_POST as $key => $action) {
			if (strpos($key, 'r_') === 0) {
				// The account id is taken from the posted field name. str_replace() removes
				// every 'r_' occurrence from the decoded key, not only the leading prefix.
				$userobj = $_zp_authority->getAnAdmin(array('`id`=' => str_replace('r_', '', postIndexDecode($key))));
<?php /** * This is the "files" upload tab * * @package plugins * @subpackage development */ define('OFFSET_PATH', 3); require_once dirname(dirname(dirname($_SERVER['SCRIPT_FILENAME']))) . "/zp-core/admin-globals.php"; admin_securityChecks(DEBUG_RIGHTS, $return = currentRelativeURL()); printAdminHeader('development', gettext('rewriteTokens')); ?> </head> <body> <link <?php printLogoAndLinks(); ?> <div id="main"> <?php printTabs(); ?> <div id="content"> <?php zp_apply_filter('admin_note', 'development', ''); ?> <div id="container"> <?php
$admins = $_zp_authority->getAdministrators(); foreach ($admins as $admin) { if (!empty($admin['email']) && $currentadminuser != $admin['user']) { $button['enable'] = true; $button['title'] = gettext('A tool to send e-mails to all registered users who have provided an e-mail address.'); break; } } $buttons[] = $button; return $buttons; } } else { define('OFFSET_PATH', 3); chdir(dirname(dirname(__FILE__))); require_once dirname(dirname(__FILE__)) . '/admin-globals.php'; admin_securityChecks(NULL, currentRelativeURL()); if (isset($_GET['sendmail'])) { XSRFdefender('mailing_list'); } $admins = $_zp_authority->getAdministrators(); $zenphoto_tabs['overview']['subtabs'] = array(gettext('Mailing') => ''); printAdminHeader('overview', 'Mailing'); ?> </head> <body> <?php printLogoAndLinks(); ?> <div id="main"> <?php printTabs();
<?php
/**
 * zenpage admin-pages.php
 *
 * @author Malte Müller (acrylian)
 * @package plugins
 * @subpackage zenpage
 */
define("OFFSET_PATH", 4);
require_once dirname(dirname(dirname(__FILE__))) . '/admin-globals.php';
require_once "zenpage-admin-functions.php";
admin_securityChecks(ZENPAGE_PAGES_RIGHTS, currentRelativeURL());
// $reports collects HTML fragments for later display.
$reports = array();
if (isset($_GET['bulkaction'])) {
	// NOTE(review): the message is built by a helper from a GET value; confirm the helper
	// maps it to fixed text rather than echoing the value into the HTML.
	$reports[] = zenpageBulkActionMessage(sanitize($_GET['bulkaction']));
}
if (isset($_GET['deleted'])) {
	$reports[] = "<p class='messagebox fade-message'>" . gettext("Article successfully deleted!") . "</p>";
}
if (isset($_POST['update'])) {
	// Token check precedes both the sort-order save and the bulk actions.
	XSRFdefender('update');
	// NOTE(review): $_POST['checkallaction'] is read without an isset() guard.
	if ($_POST['checkallaction'] == 'noaction') {
		if (updateItemSortorder('pages')) {
			$reports[] = "<p class='messagebox fade-message'>" . gettext("Sort order saved.") . "</p>";
		} else {
			$reports[] = "<p class='notebox fade-message'>" . gettext("Nothing changed.") . "</p>";
		}
	} else {
		$action = processZenpageBulkActions('Page');
		bulkActionRedirect($action);