Esempio n. 1
0
/**
 * Get affected paths
 * @param mixed path
 * @return string
 */
function get_affected_paths($path)
{
    global $basepath;
    $affected_paths = T_('Affected paths:') . ' ';
    if (is_array($path)) {
        $paths = array();
        foreach ($path as $p) {
            $paths[] = no_trailing_slash($p);
        }
        $affected_paths .= implode(', ', $paths);
    } elseif ($path == '*') {
        $filename_params = array('inc_files' => false, 'recurse' => false, 'basename' => true);
        $affected_paths .= implode(', ', get_filenames($basepath, $filename_params));
    } else {
        $affected_paths .= no_trailing_slash($path);
    }
    return $affected_paths;
}
Esempio n. 2
0
    /**
     * Load data from Request form fields.
     *
     * @param array groups of params to load
     * @return boolean true if loaded data seems valid.
     */
    function load_from_Request($groups = array())
    {
        global $Messages, $default_locale, $DB;
        /**
         * @var User
         */
        global $current_User;
        // Load collection settings and clear update cascade array
        $this->load_CollectionSettings();
        $this->CollectionSettings->clear_update_cascade();
        if (param('blog_name', 'string', NULL) !== NULL) {
            // General params:
            $this->set_from_Request('name');
            $this->set('shortname', param('blog_shortname', 'string', true));
            $this->set('locale', param('blog_locale', 'string', $default_locale));
        }
        if (param('archive_links', 'string', NULL) !== NULL) {
            // Archive link type:
            $this->set_setting('archive_links', get_param('archive_links'));
            $this->set_setting('archive_posts_per_page', param('archive_posts_per_page', 'integer', NULL), true);
        }
        if (param('chapter_links', 'string', NULL) !== NULL) {
            // Chapter link type:
            $this->set_setting('chapter_links', get_param('chapter_links'));
        }
        if (param('category_prefix', 'string', NULL) !== NULL) {
            $category_prefix = get_param('category_prefix');
            if (!preg_match('|^([A-Za-z0-9\\-_]+(/[A-Za-z0-9\\-_]+)*)?$|', $category_prefix)) {
                param_error('category_prefix', T_('Invalid category prefix.'));
            }
            $this->set_setting('category_prefix', $category_prefix);
        }
        if (param('atom_redirect', 'string', NULL) !== NULL) {
            param_check_url('atom_redirect', 'commenting');
            $this->set_setting('atom_redirect', get_param('atom_redirect'));
            param('rss2_redirect', 'string', NULL);
            param_check_url('rss2_redirect', 'commenting');
            $this->set_setting('rss2_redirect', get_param('rss2_redirect'));
        }
        if (param('image_size', 'string', NULL) !== NULL) {
            $this->set_setting('image_size', get_param('image_size'));
        }
        if (param('tag_links', 'string', NULL) !== NULL) {
            // Tag page link type:
            $this->set_setting('tag_links', get_param('tag_links'));
        }
        if (param('tag_prefix', 'string', NULL) !== NULL) {
            $tag_prefix = get_param('tag_prefix');
            if (!preg_match('|^([A-Za-z0-9\\-_]+(/[A-Za-z0-9\\-_]+)*)?$|', $tag_prefix)) {
                param_error('tag_prefix', T_('Invalid tag prefix.'));
            }
            $this->set_setting('tag_prefix', $tag_prefix);
        }
        // Default to "tag", if "prefix-only" is used, but no tag_prefix was provided.
        if (get_param('tag_links') == 'prefix-only' && !strlen(param('tag_prefix', 'string', NULL))) {
            $this->set_setting('tag_prefix', 'tag');
        }
        // Use rel="tag" attribute? (checkbox)
        $this->set_setting('tag_rel_attib', param('tag_rel_attib', 'integer', 0));
        if (param('chapter_content', 'string', NULL) !== NULL) {
            // What kind of content on chapter pages?
            $this->set_setting('chapter_content', get_param('chapter_content'));
        }
        if (param('tag_content', 'string', NULL) !== NULL) {
            // What kind of content on tags pages?
            $this->set_setting('tag_content', get_param('tag_content'));
        }
        if (param('archive_content', 'string', NULL) !== NULL) {
            // What kind of content on archive pages?
            $this->set_setting('archive_content', get_param('archive_content'));
        }
        if (param('filtered_content', 'string', NULL) !== NULL) {
            // What kind of content on filtered pages?
            $this->set_setting('filtered_content', get_param('filtered_content'));
        }
        if (param('main_content', 'string', NULL) !== NULL) {
            // What kind of content on main pages?
            $this->set_setting('main_content', get_param('main_content'));
        }
        // Chapter posts per page:
        $this->set_setting('chapter_posts_per_page', param('chapter_posts_per_page', 'integer', NULL), true);
        // Tag posts per page:
        $this->set_setting('tag_posts_per_page', param('tag_posts_per_page', 'integer', NULL), true);
        if (param('single_links', 'string', NULL) !== NULL) {
            // Single post link type:
            $this->set_setting('single_links', get_param('single_links'));
        }
        if (param('slug_limit', 'integer', NULL) !== NULL) {
            // Limit slug length:
            $this->set_setting('slug_limit', get_param('slug_limit'));
        }
        if (param('normal_skin_ID', 'integer', NULL) !== NULL) {
            // Default blog:
            $this->set_setting('normal_skin_ID', get_param('normal_skin_ID'));
        }
        if (param('mobile_skin_ID', 'integer', NULL) !== NULL) {
            // Default blog:
            $this->set_setting('mobile_skin_ID', get_param('mobile_skin_ID'));
        }
        if (param('tablet_skin_ID', 'integer', NULL) !== NULL) {
            // Default blog:
            $this->set_setting('tablet_skin_ID', get_param('tablet_skin_ID'));
        }
        if (param('archives_sort_order', 'string', NULL) !== NULL) {
            $this->set_setting('archives_sort_order', param('archives_sort_order', 'string', false));
        }
        if (param('feed_content', 'string', NULL) !== NULL) {
            // How much content in feeds?
            $this->set_setting('feed_content', get_param('feed_content'));
            param_integer_range('posts_per_feed', 1, 9999, T_('Items per feed must be between %d and %d.'));
            $this->set_setting('posts_per_feed', get_param('posts_per_feed'));
        }
        if (param('comment_feed_content', 'string', NULL) !== NULL) {
            // How much content in comment feeds?
            $this->set_setting('comment_feed_content', get_param('comment_feed_content'));
            param_integer_range('comments_per_feed', 1, 9999, T_('Comments per feed must be between %d and %d.'));
            $this->set_setting('comments_per_feed', get_param('comments_per_feed'));
        }
        if (param('require_title', 'string', NULL) !== NULL) {
            // Title for items required?
            $this->set_setting('require_title', get_param('require_title'));
        }
        if (param('blog_description', 'string', NULL) !== NULL) {
            // Description:
            $this->set_from_Request('shortdesc', 'blog_description');
        }
        if (param('blog_keywords', 'string', NULL) !== NULL) {
            // Keywords:
            $this->set_from_Request('keywords');
        }
        if (param('blog_tagline', 'html', NULL) !== NULL) {
            // HTML tagline:
            param_check_html('blog_tagline', T_('Invalid tagline'));
            $this->set('tagline', get_param('blog_tagline'));
        }
        if (param('blog_longdesc', 'html', NULL) !== NULL) {
            // HTML long description:
            param_check_html('blog_longdesc', T_('Invalid long description'));
            $this->set('longdesc', get_param('blog_longdesc'));
        }
        if (param('blog_footer_text', 'html', NULL) !== NULL) {
            // Blog footer:
            param_check_html('blog_footer_text', T_('Invalid blog footer'));
            $this->set_setting('blog_footer_text', get_param('blog_footer_text'));
        }
        if (param('single_item_footer_text', 'html', NULL) !== NULL) {
            // Blog footer:
            param_check_html('single_item_footer_text', T_('Invalid single post footer'));
            $this->set_setting('single_item_footer_text', get_param('single_item_footer_text'));
        }
        if (param('xml_item_footer_text', 'html', NULL) !== NULL) {
            // Blog footer:
            param_check_html('xml_item_footer_text', T_('Invalid RSS footer'));
            $this->set_setting('xml_item_footer_text', get_param('xml_item_footer_text'));
        }
        if (param('blog_notes', 'html', NULL) !== NULL) {
            // HTML notes:
            param_check_html('blog_notes', T_('Invalid Blog Notes'));
            $this->set('notes', get_param('blog_notes'));
            param_integer_range('max_footer_credits', 0, 3, T_('Max credits must be between %d and %d.'));
            $this->set_setting('max_footer_credits', get_param('max_footer_credits'));
        }
        if (in_array('pings', $groups)) {
            // we want to load the ping checkboxes:
            $blog_ping_plugins = param('blog_ping_plugins', 'array/string', array());
            $blog_ping_plugins = array_unique($blog_ping_plugins);
            $this->set_setting('ping_plugins', implode(',', $blog_ping_plugins));
        }
        if (in_array('authors', $groups)) {
            // we want to load the multiple authors params
            $this->set('advanced_perms', param('advanced_perms', 'integer', 0));
            $this->set_setting('use_workflow', param('blog_use_workflow', 'integer', 0));
        }
        if (in_array('features', $groups)) {
            // we want to load the workflow checkboxes:
            $this->set_setting('allow_html_post', param('allow_html_post', 'integer', 0));
            $this->set_setting('enable_goto_blog', param('enable_goto_blog', 'string', NULL));
            $this->set_setting('editing_goto_blog', param('editing_goto_blog', 'string', NULL));
            $this->set_setting('default_post_status', param('default_post_status', 'string', NULL));
            $this->set_setting('post_categories', param('post_categories', 'string', NULL));
            $this->set_setting('post_navigation', param('post_navigation', 'string', NULL));
            // Show x days or x posts?:
            $this->set_setting('what_to_show', param('what_to_show', 'string', ''));
            param_integer_range('posts_per_page', 1, 9999, T_('Items/days per page must be between %d and %d.'));
            $this->set_setting('posts_per_page', get_param('posts_per_page'));
            $this->set_setting('orderby', param('orderby', 'string', true));
            $this->set_setting('orderdir', param('orderdir', 'string', true));
            // Time frame
            $this->set_setting('timestamp_min', param('timestamp_min', 'string', ''));
            $this->set_setting('timestamp_min_duration', param_duration('timestamp_min_duration'));
            $this->set_setting('timestamp_max', param('timestamp_max', 'string', ''));
            $this->set_setting('timestamp_max_duration', param_duration('timestamp_max_duration'));
            // Location
            $location_country = param('location_country', 'string', 'hidden');
            $location_region = param('location_region', 'string', 'hidden');
            $location_subregion = param('location_subregion', 'string', 'hidden');
            $location_city = param('location_city', 'string', 'hidden');
            if ($location_city == 'required') {
                // If city is required - all location fields also are required
                $location_country = $location_region = $location_subregion = 'required';
            } else {
                if ($location_subregion == 'required') {
                    // If subregion is required - country & region fields also are required
                    $location_country = $location_region = 'required';
                } else {
                    if ($location_region == 'required') {
                        // If region is required - country field also is required
                        $location_country = 'required';
                    }
                }
            }
            $this->set_setting('location_country', $location_country);
            $this->set_setting('location_region', $location_region);
            $this->set_setting('location_subregion', $location_subregion);
            $this->set_setting('location_city', $location_city);
            // Set to show Latitude & Longitude params for this blog items
            $this->set_setting('show_location_coordinates', param('show_location_coordinates', 'integer', 0));
            // Load custom double & varchar fields
            $custom_field_names = array();
            $this->load_custom_fields('double', $update_cascade_query, $custom_field_names);
            $this->load_custom_fields('varchar', $update_cascade_query, $custom_field_names);
            if (!empty($update_cascade_query)) {
                // Some custom fields were deleted and these fields must be deleted from the item settings table also. Add required query.
                $this->CollectionSettings->add_update_cascade($update_cascade_query);
            }
            // call modules update_collection_features on this blog
            modules_call_method('update_collection_features', array('edited_Blog' => &$this));
        }
        if (in_array('comments', $groups)) {
            // we want to load the workflow checkboxes:
            // load moderation statuses
            $moderation_statuses = get_visibility_statuses('moderation');
            $blog_moderation_statuses = array();
            foreach ($moderation_statuses as $status) {
                if (param('notif_' . $status, 'integer', 0)) {
                    $blog_moderation_statuses[] = $status;
                }
            }
            $this->set_setting('moderation_statuses', implode(',', $blog_moderation_statuses));
            $this->set_setting('comment_quick_moderation', param('comment_quick_moderation', 'string', 'expire'));
            $this->set_setting('allow_item_subscriptions', param('allow_item_subscriptions', 'integer', 0));
            $this->set_setting('comments_detect_email', param('comments_detect_email', 'integer', 0));
            $this->set_setting('comments_register', param('comments_register', 'integer', 0));
        }
        if (in_array('other', $groups)) {
            // we want to load the workflow checkboxes:
            $this->set_setting('enable_sitemaps', param('enable_sitemaps', 'integer', 0));
            $this->set_setting('allow_subscriptions', param('allow_subscriptions', 'integer', 0));
            $this->set_setting('allow_item_subscriptions', param('allow_item_subscriptions', 'integer', 0));
            // Public blog list
            $this->set('in_bloglist', param('blog_in_bloglist', 'integer', 0));
            $this->set_setting('image_size_user_list', param('image_size_user_list', 'string'));
            $this->set_setting('image_size_messaging', param('image_size_messaging', 'string'));
            $this->set_setting('archive_mode', param('archive_mode', 'string', true));
        }
        if (param('allow_comments', 'string', NULL) !== NULL) {
            // Feedback options:
            $this->set_setting('allow_comments', param('allow_comments', 'string', 'any'));
            $this->set_setting('allow_view_comments', param('allow_view_comments', 'string', 'any'));
            $new_feedback_status = param('new_feedback_status', 'string', 'draft');
            if ($new_feedback_status != $this->get_setting('new_feedback_status') && ($new_feedback_status != 'published' || $current_User->check_perm('blog_admin', 'edit', false, $this->ID))) {
                // Only admin can set this setting to 'Public'
                $this->set_setting('new_feedback_status', $new_feedback_status);
            }
            $this->set_setting('disable_comments_bypost', param('disable_comments_bypost', 'string', '0'));
            $this->set_setting('allow_anon_url', param('allow_anon_url', 'string', '0'));
            $this->set_setting('allow_html_comment', param('allow_html_comment', 'string', '0'));
            $this->set_setting('allow_attachments', param('allow_attachments', 'string', 'registered'));
            $this->set_setting('max_attachments', param('max_attachments', 'integer', ''));
            $this->set_setting('allow_rating_items', param('allow_rating_items', 'string', 'never'));
            $this->set_setting('rating_question', param('rating_question', 'text'));
            $this->set_setting('allow_rating_comment_helpfulness', param('allow_rating_comment_helpfulness', 'string', '0'));
            $blog_allowtrackbacks = param('blog_allowtrackbacks', 'integer', 0);
            if ($blog_allowtrackbacks != $this->get('allowtrackbacks') && ($blog_allowtrackbacks == 0 || $current_User->check_perm('blog_admin', 'edit', false, $this->ID))) {
                // Only admin can turn ON this setting
                $this->set('allowtrackbacks', $blog_allowtrackbacks);
            }
            $this->set_setting('comments_orderdir', param('comments_orderdir', '/^(?:ASC|DESC)$/', 'ASC'));
            // call modules update_collection_comments on this blog
            modules_call_method('update_collection_comments', array('edited_Blog' => &$this));
            $threaded_comments = param('threaded_comments', 'integer', 0);
            $this->set_setting('threaded_comments', $threaded_comments);
            $this->set_setting('paged_comments', $threaded_comments ? 0 : param('paged_comments', 'integer', 0));
            param_integer_range('comments_per_page', 1, 9999, T_('Comments per page must be between %d and %d.'));
            $this->set_setting('comments_per_page', get_param('comments_per_page'));
            $this->set_setting('comments_avatars', param('comments_avatars', 'integer', 0));
            $this->set_setting('comments_latest', param('comments_latest', 'integer', 0));
        }
        if (in_array('seo', $groups)) {
            // we want to load the workflow checkboxes:
            $this->set_setting('canonical_homepage', param('canonical_homepage', 'integer', 0));
            $this->set_setting('relcanonical_homepage', param('relcanonical_homepage', 'integer', 0));
            $this->set_setting('canonical_item_urls', param('canonical_item_urls', 'integer', 0));
            $this->set_setting('relcanonical_item_urls', param('relcanonical_item_urls', 'integer', 0));
            $this->set_setting('canonical_archive_urls', param('canonical_archive_urls', 'integer', 0));
            $this->set_setting('relcanonical_archive_urls', param('relcanonical_archive_urls', 'integer', 0));
            $this->set_setting('canonical_cat_urls', param('canonical_cat_urls', 'integer', 0));
            $this->set_setting('relcanonical_cat_urls', param('relcanonical_cat_urls', 'integer', 0));
            $this->set_setting('canonical_tag_urls', param('canonical_tag_urls', 'integer', 0));
            $this->set_setting('relcanonical_tag_urls', param('relcanonical_tag_urls', 'integer', 0));
            $this->set_setting('default_noindex', param('default_noindex', 'integer', 0));
            $this->set_setting('paged_noindex', param('paged_noindex', 'integer', 0));
            $this->set_setting('paged_nofollowto', param('paged_nofollowto', 'integer', 0));
            $this->set_setting('archive_noindex', param('archive_noindex', 'integer', 0));
            $this->set_setting('archive_nofollowto', param('archive_nofollowto', 'integer', 0));
            $this->set_setting('chapter_noindex', param('chapter_noindex', 'integer', 0));
            $this->set_setting('tag_noindex', param('tag_noindex', 'integer', 0));
            $this->set_setting('filtered_noindex', param('filtered_noindex', 'integer', 0));
            $this->set_setting('arcdir_noindex', param('arcdir_noindex', 'integer', 0));
            $this->set_setting('catdir_noindex', param('catdir_noindex', 'integer', 0));
            $this->set_setting('feedback-popup_noindex', param('feedback-popup_noindex', 'integer', 0));
            $this->set_setting('msgform_noindex', param('msgform_noindex', 'integer', 0));
            $this->set_setting('special_noindex', param('special_noindex', 'integer', 0));
            $this->set_setting('title_link_type', param('title_link_type', 'string', ''));
            $this->set_setting('permalinks', param('permalinks', 'string', ''));
            $this->set_setting('404_response', param('404_response', 'string', ''));
            $this->set_setting('help_link', param('help_link', 'string', ''));
            $this->set_setting('excerpts_meta_description', param('excerpts_meta_description', 'integer', 0));
            $this->set_setting('categories_meta_description', param('categories_meta_description', 'integer', 0));
            $this->set_setting('tags_meta_keywords', param('tags_meta_keywords', 'integer', 0));
        }
        /*
         * ADVANCED ADMIN SETTINGS
         */
        if ($current_User->check_perm('blog_admin', 'edit', false, $this->ID)) {
            // We have permission to edit advanced admin settings:
            if (in_array('cache', $groups)) {
                // we want to load the cache params:
                $this->set_setting('ajax_form_enabled', param('ajax_form_enabled', 'integer', 0));
                $this->set_setting('ajax_form_loggedin_enabled', param('ajax_form_loggedin_enabled', 'integer', 0));
                $this->set_setting('cache_enabled_widgets', param('cache_enabled_widgets', 'integer', 0));
            }
            if (in_array('styles', $groups)) {
                // we want to load the styles params:
                $this->set('allowblogcss', param('blog_allowblogcss', 'integer', 0));
                $this->set('allowusercss', param('blog_allowusercss', 'integer', 0));
            }
            if (in_array('login', $groups)) {
                // we want to load the login params:
                $this->set_setting('in_skin_login', param('in_skin_login', 'integer', 0));
                $this->set_setting('in_skin_editing', param('in_skin_editing', 'integer', 0));
            }
            if (param('blog_head_includes', 'html', NULL) !== NULL) {
                // HTML header includes:
                param_check_html('blog_head_includes', T_('Invalid Custom meta section'));
                $this->set_setting('head_includes', get_param('blog_head_includes'));
            }
            if (param('blog_footer_includes', 'html', NULL) !== NULL) {
                // HTML header includes:
                param_check_html('blog_footer_includes', T_('Invalid Custom javascript section'));
                $this->set_setting('footer_includes', get_param('blog_footer_includes'));
            }
            if (param('owner_login', 'string', NULL) !== NULL) {
                // Permissions:
                $UserCache =& get_UserCache();
                $owner_User =& $UserCache->get_by_login(get_param('owner_login'));
                if (empty($owner_User)) {
                    param_error('owner_login', sprintf(T_('User «%s» does not exist!'), get_param('owner_login')));
                } else {
                    $this->set('owner_user_ID', $owner_User->ID);
                    $this->owner_User =& $owner_User;
                }
            }
            if (($blog_urlname = param('blog_urlname', 'string', NULL)) !== NULL) {
                // check urlname
                if (param_check_not_empty('blog_urlname', T_('You must provide an URL blog name!'))) {
                    if (!preg_match('|^[A-Za-z0-9\\-]+$|', $blog_urlname)) {
                        param_error('blog_urlname', sprintf(T_('The url name %s is invalid.'), "«{$blog_urlname}»"));
                        $blog_urlname = NULL;
                    }
                    if (isset($blog_urlname) && $DB->get_var('SELECT COUNT(*)
															FROM T_blogs
															WHERE blog_urlname = ' . $DB->quote($blog_urlname) . '
															AND blog_ID <> ' . $this->ID)) {
                        // urlname is already in use
                        param_error('blog_urlname', sprintf(T_('The URL name %s is already in use by another blog. Please choose another name.'), "&laquo;{$blog_urlname}&raquo;"));
                        $blog_urlname = NULL;
                    }
                    if (isset($blog_urlname)) {
                        $this->set_from_Request('urlname');
                    }
                }
            }
            if (($access_type = param('blog_access_type', 'string', NULL)) !== NULL) {
                // Blog URL parameters:
                $this->set('access_type', $access_type);
                if ($access_type == 'absolute') {
                    $blog_siteurl = param('blog_siteurl_absolute', 'string', true);
                    if (preg_match('#^https?://[^/]+/.*#', $blog_siteurl, $matches)) {
                        // It looks like valid absolute URL, so we may update the blog siteurl
                        $this->set('siteurl', $blog_siteurl);
                    } else {
                        // It is not valid absolute URL, don't update the blog 'siteurl' to avoid errors
                        $Messages->add(T_('Blog Folder URL') . ': ' . sprintf(T_('%s is an invalid absolute URL'), '&laquo;' . htmlspecialchars($blog_siteurl) . '&raquo;') . ' ' . T_('You must provide an absolute URL (starting with <code>http://</code> or <code>https://</code>) and it must contain at least one \'/\' sign after the domain name!'), 'error');
                    }
                } elseif ($access_type == 'relative') {
                    // relative siteurl
                    $blog_siteurl = param('blog_siteurl_relative', 'string', true);
                    if (preg_match('#^https?://#', $blog_siteurl)) {
                        $Messages->add(T_('Blog Folder URL') . ': ' . T_('You must provide a relative URL (without <code>http://</code> or <code>https://</code>)!'), 'error');
                    }
                    $this->set('siteurl', $blog_siteurl);
                } else {
                    $this->set('siteurl', '');
                }
            }
            if (param('aggregate_coll_IDs', 'string', NULL) !== NULL) {
                // Aggregate list: (can be '*')
                $aggregate_coll_IDs = get_param('aggregate_coll_IDs');
                if ($aggregate_coll_IDs != '*') {
                    // Sanitize the string
                    $aggregate_coll_IDs = sanitize_id_list($aggregate_coll_IDs);
                }
                // fp> TODO: check perms on each aggregated blog (if changed)
                // fp> TODO: better interface
                if ($aggregate_coll_IDs != '*' && !preg_match('#^([0-9]+(,[0-9]+)*)?$#', $aggregate_coll_IDs)) {
                    param_error('aggregate_coll_IDs', T_('Invalid aggregate blog ID list!'));
                }
                $this->set_setting('aggregate_coll_IDs', $aggregate_coll_IDs);
            }
            if (param('blog_media_location', 'string', NULL) !== NULL) {
                // Media files location:
                $this->set_from_Request('media_location');
                $this->set_media_subdir(param('blog_media_subdir', 'string', ''));
                $this->set_media_fullpath(param('blog_media_fullpath', 'string', ''));
                $this->set_media_url(param('blog_media_url', 'string', ''));
                // check params
                switch ($this->get('media_location')) {
                    case 'custom':
                        // custom path and URL
                        global $demo_mode, $media_path;
                        if ($this->get('media_fullpath') == '') {
                            param_error('blog_media_fullpath', T_('Media dir location') . ': ' . T_('You must provide the full path of the media directory.'));
                        }
                        if (!preg_match('#^https?://#', $this->get('media_url'))) {
                            param_error('blog_media_url', T_('Media dir location') . ': ' . T_('You must provide an absolute URL (starting with <code>http://</code> or <code>https://</code>)!'));
                        }
                        if ($demo_mode) {
                            $canonical_fullpath = get_canonical_path($this->get('media_fullpath'));
                            if (!$canonical_fullpath || strpos($canonical_fullpath, $media_path) !== 0) {
                                param_error('blog_media_fullpath', T_('Media dir location') . ': in demo mode the path must be inside of $media_path.');
                            }
                        }
                        break;
                    case 'subdir':
                        global $media_path;
                        if ($this->get('media_subdir') == '') {
                            param_error('blog_media_subdir', T_('Media dir location') . ': ' . T_('You must provide the media subdirectory.'));
                        } else {
                            // Test if it's below $media_path (subdir!)
                            $canonical_path = get_canonical_path($media_path . $this->get('media_subdir'));
                            if (!$canonical_path || strpos($canonical_path, $media_path) !== 0) {
                                param_error('blog_media_subdir', T_('Media dir location') . ': ' . sprintf(T_('Invalid subdirectory &laquo;%s&raquo;.'), format_to_output($this->get('media_subdir'))));
                            } else {
                                // Validate if it's a valid directory name:
                                $subdir = no_trailing_slash(substr($canonical_path, strlen($media_path)));
                                if ($error = validate_dirname($subdir)) {
                                    param_error('blog_media_subdir', T_('Media dir location') . ': ' . $error);
                                }
                            }
                        }
                        break;
                }
            }
        }
        return !param_errors_detected();
    }
Esempio n. 3
0
 if ($success && empty($read_only_list)) {
     // We can backup files and database
     // Load Backup class (PHP4) and backup all of the folders and files
     load_class('maintenance/model/_backup.class.php', 'Backup');
     $Backup = new Backup();
     $Backup->include_all();
     if (!function_exists('gzopen')) {
         $Backup->pack_backup_files = false;
     }
     // Start backup
     if ($success = $Backup->start_backup()) {
         // We can upgrade files and database
         // Copying new folders and files
         echo '<h4>' . T_('Copying new folders and files...') . '</h4>';
         evo_flush();
         $success = verify_overwrite($upgrade_folder_path, no_trailing_slash($basepath), 'Copying', true, $read_only_list);
         if (!$success || !empty($read_only_list)) {
             // In case if something was changed before the previous verify_overwrite check
             echo '<p style="color:red"><strong>' . T_('The files and database backup was created successfully but all folders and files could not be overwritten');
             if (empty($read_only_list)) {
                 // There was some error in the verify_overwrite() function, but the corresponding error message was already displayed.
                 echo '.</strong></p>';
             } else {
                 // Some file/folder could not be overwritten, display it
                 echo ':</strong></p>';
                 foreach ($read_only_list as $read_only_file) {
                     echo $read_only_file . '<br/>';
                 }
             }
             echo '<p style="color:red"><strong>' . sprintf(T_('Please restore the backup files from the &laquo;%s&raquo; package. The database was not changed.'), $backup_path) . '</strong></p>';
             evo_flush();
Esempio n. 4
0
 /**
  * Constructor, not meant to be called directly. Use {@link FileCache::get_by_path()}
  * instead, which provides caching and checks that only one object for
  * a unique file exists (references).
  *
  * @param string Root type: 'user', 'group', 'collection' or 'absolute'
  * @param integer ID of the user, the group or the collection the file belongs to...
  * @param string Posix subpath for this file/folder, relative to the associated root (no trailing slash)
  * @param boolean check for meta data?
  * @return mixed false on failure, File object on success
  */
 function File($root_type, $root_ID, $rdfp_rel_path, $load_meta = false)
 {
     global $Debuglog;
     $Debuglog->add("new File( {$root_type}, {$root_ID}, {$rdfp_rel_path}, load_meta={$load_meta})", 'files');
     // Call parent constructor
     parent::DataObject('T_files', 'file_', 'file_ID', '', '', '', '');
     $this->delete_restrictions = array(array('table' => 'T_links', 'fk' => 'link_file_ID', 'msg' => T_('%d linked items')));
     // Memorize filepath:
     $FileRootCache =& get_Cache('FileRootCache');
     $this->_FileRoot =& $FileRootCache->get_by_type_and_ID($root_type, $root_ID);
     $this->_rdfp_rel_path = no_trailing_slash(str_replace('\\', '/', $rdfp_rel_path));
     $this->_adfp_full_path = $this->_FileRoot->ads_path . $this->_rdfp_rel_path;
     $this->_name = basename($this->_adfp_full_path);
     $this->_dir = dirname($this->_adfp_full_path) . '/';
     $this->_md5ID = md5($this->_adfp_full_path);
     // Create the filetype with the extension of the file if the extension exist in database
     if ($ext = $this->get_ext()) {
         // The file has an extension, load filetype object
         $FiletypeCache =& get_Cache('FiletypeCache');
         $this->Filetype =& $FiletypeCache->get_by_extension(strtolower($ext), false);
     }
     // Initializes file properties (type, size, perms...)
     $this->load_properties();
     if ($load_meta) {
         // Try to load DB meta info:
         $this->load_meta();
     }
 }
Esempio n. 5
0
    /**
     * Load data from Request form fields.
     *
     * @param array groups of params to load
     * @return boolean true if loaded data seems valid.
     */
    function load_from_Request($groups = array())
    {
        global $Messages, $default_locale, $DB;
        /**
         * @var User
         */
        global $current_User;
        // Load collection settings and clear update cascade array
        $this->load_CollectionSettings();
        if (param('blog_name', 'string', NULL) !== NULL) {
            // General params:
            $this->set_from_Request('name');
            $this->set('shortname', param('blog_shortname', 'string', true));
            // Language / locale:
            if (param('blog_locale', 'string', NULL) !== NULL) {
                // These settings can be hidden when only one locale is enaled in the system
                $this->set_from_Request('locale');
                $this->set_setting('locale_source', param('blog_locale_source', 'string', 'blog'));
                $this->set_setting('post_locale_source', param('blog_post_locale_source', 'string', 'post'));
            }
            // Collection permissions:
            $this->set('advanced_perms', param('advanced_perms', 'integer', 0));
            $this->set_setting('allow_access', param('blog_allow_access', 'string', ''));
            if ($this->get_setting('allow_access') == 'users' || $this->get_setting('allow_access') == 'members') {
                // Disable site maps, feeds and ping plugins when access is restricted on this blog
                $this->set_setting('enable_sitemaps', 0);
                $this->set_setting('feed_content', 'none');
                $this->set_setting('ping_plugins', '');
            }
            // Lists of collections:
            $this->set('order', param('blog_order', 'integer'));
            $this->set('in_bloglist', param('blog_in_bloglist', 'string', 'public'));
            $this->set('favorite', param('favorite', 'integer', 0));
        }
        if (param('archive_links', 'string', NULL) !== NULL) {
            // Archive link type:
            $this->set_setting('archive_links', get_param('archive_links'));
            $this->set_setting('archive_posts_per_page', param('archive_posts_per_page', 'integer', NULL), true);
        }
        if (param('chapter_links', 'string', NULL) !== NULL) {
            // Chapter link type:
            $this->set_setting('chapter_links', get_param('chapter_links'));
        }
        if (param('category_prefix', 'string', NULL) !== NULL) {
            $category_prefix = get_param('category_prefix');
            if (!preg_match('|^([A-Za-z0-9\\-_]+(/[A-Za-z0-9\\-_]+)*)?$|', $category_prefix)) {
                param_error('category_prefix', T_('Invalid category prefix.'));
            }
            $this->set_setting('category_prefix', $category_prefix);
        }
        if (param('atom_redirect', 'string', NULL) !== NULL) {
            param_check_url('atom_redirect', 'commenting');
            $this->set_setting('atom_redirect', get_param('atom_redirect'));
            param('rss2_redirect', 'string', NULL);
            param_check_url('rss2_redirect', 'commenting');
            $this->set_setting('rss2_redirect', get_param('rss2_redirect'));
        }
        if (param('image_size', 'string', NULL) !== NULL) {
            $this->set_setting('image_size', get_param('image_size'));
        }
        if (param('tag_links', 'string', NULL) !== NULL) {
            // Tag page link type:
            $this->set_setting('tag_links', get_param('tag_links'));
        }
        if (param('tag_prefix', 'string', NULL) !== NULL) {
            $tag_prefix = get_param('tag_prefix');
            if (!preg_match('|^([A-Za-z0-9\\-_]+(/[A-Za-z0-9\\-_]+)*)?$|', $tag_prefix)) {
                param_error('tag_prefix', T_('Invalid tag prefix.'));
            }
            $this->set_setting('tag_prefix', $tag_prefix);
        }
        // Default to "tag", if "prefix-only" is used, but no tag_prefix was provided.
        if (get_param('tag_links') == 'prefix-only' && !strlen(param('tag_prefix', 'string', NULL))) {
            $this->set_setting('tag_prefix', 'tag');
        }
        // Use rel="tag" attribute? (checkbox)
        $this->set_setting('tag_rel_attib', param('tag_rel_attib', 'integer', 0));
        if (param('chapter_content', 'string', NULL) !== NULL) {
            // What kind of content on chapter pages?
            $this->set_setting('chapter_content', get_param('chapter_content'));
        }
        if (param('tag_content', 'string', NULL) !== NULL) {
            // What kind of content on tags pages?
            $this->set_setting('tag_content', get_param('tag_content'));
        }
        if (param('archive_content', 'string', NULL) !== NULL) {
            // What kind of content on archive pages?
            $this->set_setting('archive_content', get_param('archive_content'));
        }
        if (param('filtered_content', 'string', NULL) !== NULL) {
            // What kind of content on filtered pages?
            $this->set_setting('filtered_content', get_param('filtered_content'));
        }
        if (param('main_content', 'string', NULL) !== NULL) {
            // What kind of content on main pages?
            $this->set_setting('main_content', get_param('main_content'));
        }
        // Chapter posts per page:
        $this->set_setting('chapter_posts_per_page', param('chapter_posts_per_page', 'integer', NULL), true);
        // Tag posts per page:
        $this->set_setting('tag_posts_per_page', param('tag_posts_per_page', 'integer', NULL), true);
        if (param('single_links', 'string', NULL) !== NULL) {
            // Single post link type:
            $this->set_setting('single_links', get_param('single_links'));
        }
        if (param('slug_limit', 'integer', NULL) !== NULL) {
            // Limit slug length:
            $this->set_setting('slug_limit', get_param('slug_limit'));
        }
        if (param('normal_skin_ID', 'integer', NULL) !== NULL) {
            // Normal skin ID:
            $this->set_setting('normal_skin_ID', get_param('normal_skin_ID'));
        }
        if (param('mobile_skin_ID', 'integer', NULL) !== NULL) {
            // Mobile skin ID:
            if (get_param('mobile_skin_ID') == 0) {
                // Don't store this empty setting in DB
                $this->delete_setting('mobile_skin_ID');
            } else {
                // Set mobile skin
                $this->set_setting('mobile_skin_ID', get_param('mobile_skin_ID'));
            }
        }
        if (param('tablet_skin_ID', 'integer', NULL) !== NULL) {
            // Tablet skin ID:
            if (get_param('tablet_skin_ID') == 0) {
                // Don't store this empty setting in DB
                $this->delete_setting('tablet_skin_ID');
            } else {
                // Set tablet skin
                $this->set_setting('tablet_skin_ID', get_param('tablet_skin_ID'));
            }
        }
        if (param('archives_sort_order', 'string', NULL) !== NULL) {
            // Archive sorting
            $this->set_setting('archives_sort_order', param('archives_sort_order', 'string', false));
        }
        if (param('download_delay', 'integer', NULL) !== NULL) {
            // Download delay
            param_check_range('download_delay', 0, 10, T_('Download delay must be numeric (0-10).'));
            $this->set_setting('download_delay', get_param('download_delay'));
        }
        if (param('feed_content', 'string', NULL) !== NULL) {
            // How much content in feeds?
            $this->set_setting('feed_content', get_param('feed_content'));
            param_integer_range('posts_per_feed', 1, 9999, T_('Items per feed must be between %d and %d.'));
            $this->set_setting('posts_per_feed', get_param('posts_per_feed'));
        }
        if (param('comment_feed_content', 'string', NULL) !== NULL) {
            // How much content in comment feeds?
            $this->set_setting('comment_feed_content', get_param('comment_feed_content'));
            param_integer_range('comments_per_feed', 1, 9999, T_('Comments per feed must be between %d and %d.'));
            $this->set_setting('comments_per_feed', get_param('comments_per_feed'));
        }
        if (param('blog_shortdesc', 'string', NULL) !== NULL) {
            // Description:
            $this->set_from_Request('shortdesc');
        }
        if (param('blog_keywords', 'string', NULL) !== NULL) {
            // Keywords:
            $this->set_from_Request('keywords');
        }
        if (param('blog_tagline', 'html', NULL) !== NULL) {
            // HTML tagline:
            param_check_html('blog_tagline', T_('Invalid tagline'));
            $this->set('tagline', get_param('blog_tagline'));
        }
        if (param('blog_longdesc', 'html', NULL) !== NULL) {
            // HTML long description:
            param_check_html('blog_longdesc', T_('Invalid long description'));
            $this->set('longdesc', get_param('blog_longdesc'));
        }
        if (param('blog_footer_text', 'html', NULL) !== NULL) {
            // Blog footer:
            param_check_html('blog_footer_text', T_('Invalid blog footer'));
            $this->set_setting('blog_footer_text', get_param('blog_footer_text'));
        }
        if (param('single_item_footer_text', 'html', NULL) !== NULL) {
            // Blog footer:
            param_check_html('single_item_footer_text', T_('Invalid single post footer'));
            $this->set_setting('single_item_footer_text', get_param('single_item_footer_text'));
        }
        if (param('xml_item_footer_text', 'html', NULL) !== NULL) {
            // Blog footer:
            param_check_html('xml_item_footer_text', T_('Invalid RSS footer'));
            $this->set_setting('xml_item_footer_text', get_param('xml_item_footer_text'));
        }
        if (param('blog_notes', 'html', NULL) !== NULL) {
            // HTML notes:
            param_check_html('blog_notes', T_('Invalid Blog Notes'));
            $this->set('notes', get_param('blog_notes'));
            param_integer_range('max_footer_credits', 0, 3, T_('Max credits must be between %d and %d.'));
            $this->set_setting('max_footer_credits', get_param('max_footer_credits'));
        }
        if (in_array('pings', $groups)) {
            // we want to load the ping checkboxes:
            $blog_ping_plugins = param('blog_ping_plugins', 'array:string', array());
            $blog_ping_plugins = array_unique($blog_ping_plugins);
            $this->set_setting('ping_plugins', implode(',', $blog_ping_plugins));
        }
        if (in_array('authors', $groups)) {
            // we want to load the workflow & permissions params
            $this->set_setting('use_workflow', param('blog_use_workflow', 'integer', 0));
        }
        if (in_array('home', $groups)) {
            // we want to load the front page params:
            $front_disp = param('front_disp', 'string', '');
            $this->set_setting('front_disp', $front_disp);
            $front_post_ID = param('front_post_ID', 'integer', 0);
            if ($front_disp == 'page') {
                // Post ID must be required
                param_check_not_empty('front_post_ID', T_('Please enter a specific post ID'));
            }
            $this->set_setting('front_post_ID', $front_post_ID);
        }
        if (in_array('features', $groups)) {
            // we want to load the workflow checkboxes:
            $this->set_setting('enable_goto_blog', param('enable_goto_blog', 'string', NULL));
            $this->set_setting('editing_goto_blog', param('editing_goto_blog', 'string', NULL));
            $this->set_setting('default_post_status', param('default_post_status', 'string', NULL));
            $this->set_setting('post_categories', param('post_categories', 'string', NULL));
            $this->set_setting('post_navigation', param('post_navigation', 'string', NULL));
            // Show x days or x posts?:
            $this->set_setting('what_to_show', param('what_to_show', 'string', ''));
            param_integer_range('posts_per_page', 1, 9999, T_('Items/days per page must be between %d and %d.'));
            $this->set_setting('posts_per_page', get_param('posts_per_page'));
            $this->set_setting('orderby', param('orderby', 'string', true));
            $this->set_setting('orderdir', param('orderdir', 'string', true));
            // Front office statuses
            $this->load_inskin_statuses('post');
            // Time frame
            $this->set_setting('timestamp_min', param('timestamp_min', 'string', ''));
            $this->set_setting('timestamp_min_duration', param_duration('timestamp_min_duration'));
            $this->set_setting('timestamp_max', param('timestamp_max', 'string', ''));
            $this->set_setting('timestamp_max_duration', param_duration('timestamp_max_duration'));
            // call modules update_collection_features on this blog
            modules_call_method('update_collection_features', array('edited_Blog' => &$this));
            // load post moderation statuses
            $moderation_statuses = get_visibility_statuses('moderation');
            $post_moderation_statuses = array();
            foreach ($moderation_statuses as $status) {
                if (param('post_notif_' . $status, 'integer', 0)) {
                    $post_moderation_statuses[] = $status;
                }
            }
            $this->set_setting('post_moderation_statuses', implode(',', $post_moderation_statuses));
        }
        if (in_array('comments', $groups)) {
            // we want to load the comments settings:
            // load moderation statuses
            $moderation_statuses = get_visibility_statuses('moderation');
            $blog_moderation_statuses = array();
            foreach ($moderation_statuses as $status) {
                if (param('notif_' . $status, 'integer', 0)) {
                    $blog_moderation_statuses[] = $status;
                }
            }
            $this->set_setting('moderation_statuses', implode(',', $blog_moderation_statuses));
            $this->set_setting('comment_quick_moderation', param('comment_quick_moderation', 'string', 'expire'));
            $this->set_setting('allow_item_subscriptions', param('allow_item_subscriptions', 'integer', 0));
            $this->set_setting('comments_detect_email', param('comments_detect_email', 'integer', 0));
            $this->set_setting('comments_register', param('comments_register', 'integer', 0));
        }
        if (in_array('other', $groups)) {
            // we want to load the other settings:
            // Search results:
            param_integer_range('search_per_page', 1, 9999, T_('Number of search results per page must be between %d and %d.'));
            $this->set_setting('search_per_page', get_param('search_per_page'));
            // Latest comments :
            param_integer_range('latest_comments_num', 1, 9999, T_('Number of shown comments must be between %d and %d.'));
            $this->set_setting('latest_comments_num', get_param('latest_comments_num'));
            // User directory:
            $this->set_setting('image_size_user_list', param('image_size_user_list', 'string'));
            // Messaging pages:
            $this->set_setting('image_size_messaging', param('image_size_messaging', 'string'));
            // Archive pages:
            $this->set_setting('archive_mode', param('archive_mode', 'string', true));
        }
        if (in_array('more', $groups)) {
            // we want to load more settings:
            // Tracking:
            $this->set_setting('track_unread_content', param('track_unread_content', 'integer', 0));
            // Subscriptions:
            $this->set_setting('allow_subscriptions', param('allow_subscriptions', 'integer', 0));
            $this->set_setting('allow_item_subscriptions', param('allow_item_subscriptions', 'integer', 0));
            // Sitemaps:
            $this->set_setting('enable_sitemaps', param('enable_sitemaps', 'integer', 0));
        }
        if (param('allow_comments', 'string', NULL) !== NULL) {
            // Feedback options:
            $this->set_setting('allow_comments', param('allow_comments', 'string', 'any'));
            $this->set_setting('allow_view_comments', param('allow_view_comments', 'string', 'any'));
            $new_feedback_status = param('new_feedback_status', 'string', 'draft');
            if ($new_feedback_status != $this->get_setting('new_feedback_status') && ($new_feedback_status != 'published' || $current_User->check_perm('blog_admin', 'edit', false, $this->ID))) {
                // Only admin can set this setting to 'Public'
                $this->set_setting('new_feedback_status', $new_feedback_status);
            }
            $this->set_setting('allow_anon_url', param('allow_anon_url', 'string', '0'));
            $this->set_setting('allow_html_comment', param('allow_html_comment', 'string', '0'));
            $this->set_setting('allow_attachments', param('allow_attachments', 'string', 'registered'));
            $this->set_setting('max_attachments', param('max_attachments', 'integer', ''));
            $this->set_setting('autocomplete_usernames', param('autocomplete_usernames', 'integer', ''));
            $this->set_setting('display_rating_summary', param('display_rating_summary', 'string', '0'));
            $this->set_setting('allow_rating_items', param('allow_rating_items', 'string', 'never'));
            $this->set_setting('rating_question', param('rating_question', 'text'));
            $this->set_setting('allow_rating_comment_helpfulness', param('allow_rating_comment_helpfulness', 'string', '0'));
            $blog_allowtrackbacks = param('blog_allowtrackbacks', 'integer', 0);
            if ($blog_allowtrackbacks != $this->get('allowtrackbacks') && ($blog_allowtrackbacks == 0 || $current_User->check_perm('blog_admin', 'edit', false, $this->ID))) {
                // Only admin can turn ON this setting
                $this->set('allowtrackbacks', $blog_allowtrackbacks);
            }
            $this->set_setting('comments_orderdir', param('comments_orderdir', '/^(?:ASC|DESC)$/', 'ASC'));
            // call modules update_collection_comments on this blog
            modules_call_method('update_collection_comments', array('edited_Blog' => &$this));
            $threaded_comments = param('threaded_comments', 'integer', 0);
            $this->set_setting('threaded_comments', $threaded_comments);
            $this->set_setting('paged_comments', $threaded_comments ? 0 : param('paged_comments', 'integer', 0));
            param_integer_range('comments_per_page', 1, 9999, T_('Comments per page must be between %d and %d.'));
            $this->set_setting('comments_per_page', get_param('comments_per_page'));
            $this->set_setting('comments_avatars', param('comments_avatars', 'integer', 0));
            $this->set_setting('comments_latest', param('comments_latest', 'integer', 0));
            // load blog front office comment statuses
            $this->load_inskin_statuses('comment');
        }
        if (in_array('seo', $groups)) {
            // we want to load the workflow checkboxes:
            $this->set_setting('canonical_homepage', param('canonical_homepage', 'integer', 0));
            $this->set_setting('relcanonical_homepage', param('relcanonical_homepage', 'integer', 0));
            $this->set_setting('canonical_item_urls', param('canonical_item_urls', 'integer', 0));
            $this->set_setting('relcanonical_item_urls', param('relcanonical_item_urls', 'integer', 0));
            $this->set_setting('canonical_archive_urls', param('canonical_archive_urls', 'integer', 0));
            $this->set_setting('relcanonical_archive_urls', param('relcanonical_archive_urls', 'integer', 0));
            $this->set_setting('canonical_cat_urls', param('canonical_cat_urls', 'integer', 0));
            $this->set_setting('relcanonical_cat_urls', param('relcanonical_cat_urls', 'integer', 0));
            $this->set_setting('canonical_tag_urls', param('canonical_tag_urls', 'integer', 0));
            $this->set_setting('relcanonical_tag_urls', param('relcanonical_tag_urls', 'integer', 0));
            $this->set_setting('default_noindex', param('default_noindex', 'integer', 0));
            $this->set_setting('paged_noindex', param('paged_noindex', 'integer', 0));
            $this->set_setting('paged_nofollowto', param('paged_nofollowto', 'integer', 0));
            $this->set_setting('archive_noindex', param('archive_noindex', 'integer', 0));
            $this->set_setting('archive_nofollowto', param('archive_nofollowto', 'integer', 0));
            $this->set_setting('chapter_noindex', param('chapter_noindex', 'integer', 0));
            $this->set_setting('tag_noindex', param('tag_noindex', 'integer', 0));
            $this->set_setting('filtered_noindex', param('filtered_noindex', 'integer', 0));
            $this->set_setting('arcdir_noindex', param('arcdir_noindex', 'integer', 0));
            $this->set_setting('catdir_noindex', param('catdir_noindex', 'integer', 0));
            $this->set_setting('feedback-popup_noindex', param('feedback-popup_noindex', 'integer', 0));
            $this->set_setting('msgform_noindex', param('msgform_noindex', 'integer', 0));
            $this->set_setting('special_noindex', param('special_noindex', 'integer', 0));
            $this->set_setting('title_link_type', param('title_link_type', 'string', ''));
            $this->set_setting('permalinks', param('permalinks', 'string', ''));
            $this->set_setting('404_response', param('404_response', 'string', ''));
            $this->set_setting('help_link', param('help_link', 'string', ''));
            $this->set_setting('excerpts_meta_description', param('excerpts_meta_description', 'integer', 0));
            $this->set_setting('categories_meta_description', param('categories_meta_description', 'integer', 0));
            $this->set_setting('tags_meta_keywords', param('tags_meta_keywords', 'integer', 0));
            $this->set_setting('tags_open_graph', param('tags_open_graph', 'integer', 0));
            $this->set_setting('download_noindex', param('download_noindex', 'integer', 0));
            $this->set_setting('download_nofollowto', param('download_nofollowto', 'integer', 0));
        }
        /*
         * ADVANCED ADMIN SETTINGS
         */
        if ($current_User->check_perm('blog_admin', 'edit', false, $this->ID)) {
            // We have permission to edit advanced admin settings:
            if (in_array('cache', $groups)) {
                // we want to load the cache params:
                $this->set_setting('ajax_form_enabled', param('ajax_form_enabled', 'integer', 0));
                $this->set_setting('ajax_form_loggedin_enabled', param('ajax_form_loggedin_enabled', 'integer', 0));
                $this->set_setting('cache_enabled_widgets', param('cache_enabled_widgets', 'integer', 0));
            }
            if (in_array('styles', $groups)) {
                // we want to load the styles params:
                $this->set('allowblogcss', param('blog_allowblogcss', 'integer', 0));
                $this->set('allowusercss', param('blog_allowusercss', 'integer', 0));
            }
            if (in_array('login', $groups)) {
                // we want to load the login params:
                if (!get_setting_Blog('login_blog_ID')) {
                    // Update this only when no blog is defined for login/registration
                    $this->set_setting('in_skin_login', param('in_skin_login', 'integer', 0));
                }
                $this->set_setting('in_skin_editing', param('in_skin_editing', 'integer', 0));
            }
            if (param('blog_head_includes', 'html', NULL) !== NULL) {
                // HTML header includes:
                param_check_html('blog_head_includes', T_('Invalid Custom meta tag/css section.'), '#', 'head_extension');
                $this->set_setting('head_includes', get_param('blog_head_includes'));
            }
            if (param('blog_footer_includes', 'html', NULL) !== NULL) {
                // HTML header includes:
                param_check_html('blog_footer_includes', T_('Invalid Custom javascript section'));
                $this->set_setting('footer_includes', get_param('blog_footer_includes'));
            }
            if (param('owner_login', 'string', NULL) !== NULL) {
                // Permissions:
                $UserCache =& get_UserCache();
                $owner_User =& $UserCache->get_by_login(get_param('owner_login'));
                if (empty($owner_User)) {
                    param_error('owner_login', sprintf(T_('User &laquo;%s&raquo; does not exist!'), get_param('owner_login')));
                } else {
                    $this->set('owner_user_ID', $owner_User->ID);
                    $this->owner_User =& $owner_User;
                }
            }
            if (($blog_urlname = param('blog_urlname', 'string', NULL)) !== NULL) {
                // check urlname
                if (param_check_not_empty('blog_urlname', T_('You must provide an URL collection name!'))) {
                    if (!preg_match('|^[A-Za-z0-9\\-]+$|', $blog_urlname)) {
                        param_error('blog_urlname', sprintf(T_('The url name %s is invalid.'), "&laquo;{$blog_urlname}&raquo;"));
                        $blog_urlname = NULL;
                    }
                    if (isset($blog_urlname) && $DB->get_var('SELECT COUNT(*)
															FROM T_blogs
															WHERE blog_urlname = ' . $DB->quote($blog_urlname) . '
															AND blog_ID <> ' . $this->ID)) {
                        // urlname is already in use
                        param_error('blog_urlname', sprintf(T_('The URL name %s is already in use by another collection. Please choose another name.'), "&laquo;{$blog_urlname}&raquo;"));
                        $blog_urlname = NULL;
                    }
                    if (isset($blog_urlname)) {
                        // Set new urlname and save old media dir in order to rename folder to new
                        $old_media_dir = $this->get_media_dir(false);
                        $this->set_from_Request('urlname');
                    }
                }
            }
            if (($access_type = param('blog_access_type', 'string', NULL)) !== NULL) {
                // Blog URL parameters:
                // Note: We must avoid to set an invalid url, because the new blog url will be displayed in the evobar even if it was not saved
                $allow_new_access_type = true;
                if ($access_type == 'absolute') {
                    $blog_siteurl = param('blog_siteurl_absolute', 'string', true);
                    if (preg_match('#^https?://[^/]+/.*#', $blog_siteurl, $matches)) {
                        // It looks like valid absolute URL, so we may update the blog siteurl
                        $this->set('siteurl', $blog_siteurl);
                    } else {
                        // It is not valid absolute URL, don't update the blog 'siteurl' to avoid errors
                        $allow_new_access_type = false;
                        // If site url is not updated do not allow access_type update either
                        $Messages->add(T_('Collection Folder URL') . ': ' . sprintf(T_('%s is an invalid absolute URL'), '&laquo;' . htmlspecialchars($blog_siteurl) . '&raquo;') . '. ' . T_('You must provide an absolute URL (starting with <code>http://</code> or <code>https://</code>) and it must contain at least one \'/\' sign after the domain name!'), 'error');
                    }
                } elseif ($access_type == 'relative') {
                    // relative siteurl
                    $blog_siteurl = param('blog_siteurl_relative', 'string', true);
                    if (preg_match('#^https?://#', $blog_siteurl)) {
                        $Messages->add(T_('Blog Folder URL') . ': ' . T_('You must provide a relative URL (without <code>http://</code> or <code>https://</code>)!'), 'error');
                    }
                    $this->set('siteurl', $blog_siteurl);
                } else {
                    $this->set('siteurl', '');
                }
                if ($allow_new_access_type) {
                    // The received siteurl value was correct, may update the access_type value
                    $this->set('access_type', $access_type);
                }
            }
            if (param('aggregate_coll_IDs', 'string', NULL) !== NULL) {
                // Aggregate list: (can be '*')
                $aggregate_coll_IDs = get_param('aggregate_coll_IDs');
                if ($aggregate_coll_IDs != '*') {
                    // Sanitize the string
                    $aggregate_coll_IDs = sanitize_id_list($aggregate_coll_IDs);
                }
                // fp> TODO: check perms on each aggregated blog (if changed)
                // fp> TODO: better interface
                if ($aggregate_coll_IDs != '*' && !preg_match('#^([0-9]+(,[0-9]+)*)?$#', $aggregate_coll_IDs)) {
                    param_error('aggregate_coll_IDs', T_('Invalid aggregate collection ID list!'));
                }
                $this->set_setting('aggregate_coll_IDs', $aggregate_coll_IDs);
            }
            $media_location = param('blog_media_location', 'string', NULL);
            if ($media_location !== NULL) {
                // Media files location:
                $old_media_dir = $this->get_media_dir(false);
                $old_media_location = $this->get('media_location');
                $this->set_from_Request('media_location');
                $this->set_media_subdir(param('blog_media_subdir', 'string', ''));
                $this->set_media_fullpath(param('blog_media_fullpath', 'string', ''));
                $this->set_media_url(param('blog_media_url', 'string', ''));
                // check params
                switch ($this->get('media_location')) {
                    case 'custom':
                        // custom path and URL
                        global $demo_mode, $media_path;
                        if ($this->get('media_fullpath') == '') {
                            param_error('blog_media_fullpath', T_('Media dir location') . ': ' . T_('You must provide the full path of the media directory.'));
                        }
                        if (!preg_match('#^https?://#', $this->get('media_url'))) {
                            param_error('blog_media_url', T_('Media dir location') . ': ' . T_('You must provide an absolute URL (starting with <code>http://</code> or <code>https://</code>)!'));
                        }
                        if ($demo_mode) {
                            $canonical_fullpath = get_canonical_path($this->get('media_fullpath'));
                            if (!$canonical_fullpath || strpos($canonical_fullpath, $media_path) !== 0) {
                                param_error('blog_media_fullpath', T_('Media dir location') . ': in demo mode the path must be inside of $media_path.');
                            }
                        }
                        break;
                    case 'subdir':
                        global $media_path;
                        if ($this->get('media_subdir') == '') {
                            param_error('blog_media_subdir', T_('Media dir location') . ': ' . T_('You must provide the media subdirectory.'));
                        } else {
                            // Test if it's below $media_path (subdir!)
                            $canonical_path = get_canonical_path($media_path . $this->get('media_subdir'));
                            if (!$canonical_path || strpos($canonical_path, $media_path) !== 0) {
                                param_error('blog_media_subdir', T_('Media dir location') . ': ' . sprintf(T_('Invalid subdirectory &laquo;%s&raquo;.'), format_to_output($this->get('media_subdir'))));
                            } else {
                                // Validate if it's a valid directory name:
                                $subdir = no_trailing_slash(substr($canonical_path, strlen($media_path)));
                                if ($error = validate_dirname($subdir)) {
                                    param_error('blog_media_subdir', T_('Media dir location') . ': ' . $error);
                                    syslog_insert(sprintf('Invalid name is detected for folder %s', '<b>' . $subdir . '</b>'), 'warning', 'file');
                                }
                            }
                        }
                        break;
                }
            }
            if (!param_errors_detected() && !empty($old_media_dir)) {
                // No error were detected before and possibly the media directory path was updated, check if it can be managed
                $this->check_media_dir_change($old_media_dir, isset($old_media_location) ? $old_media_location : NULL);
            }
        }
        return !param_errors_detected();
    }
Esempio n. 6
0
 /**
  * Backup database
  *
  * @param string backup directory path
  */
 function backup_database($backup_dirpath)
 {
     global $DB, $db_config, $backup_tables, $inc_path;
     echo '<h4>' . T_('Creating database backup...') . '</h4>';
     evo_flush();
     // Collect all included tables
     $ready_to_backup = array();
     foreach ($this->backup_tables as $name => $included) {
         if ($included) {
             $tables = aliases_to_tables($backup_tables[$name]['table']);
             if (is_array($tables)) {
                 $ready_to_backup = array_merge($ready_to_backup, $tables);
             } elseif ($tables == '*') {
                 foreach ($DB->get_results('SHOW TABLES', ARRAY_N) as $row) {
                     $ready_to_backup[] = $row[0];
                 }
             } else {
                 $ready_to_backup[] = $tables;
             }
         }
     }
     // Ensure there are no duplicated tables
     $ready_to_backup = array_unique($ready_to_backup);
     // Exclude tables
     foreach ($this->backup_tables as $name => $included) {
         if (!$included) {
             $tables = aliases_to_tables($backup_tables[$name]['table']);
             if (is_array($tables)) {
                 $ready_to_backup = array_diff($ready_to_backup, $tables);
             } elseif ($tables != '*') {
                 $index = array_search($tables, $ready_to_backup);
                 if ($index) {
                     unset($ready_to_backup[$index]);
                 }
             }
         }
     }
     // Create and save created SQL backup script
     $backup_sql_filename = 'db.sql';
     $backup_sql_filepath = $backup_dirpath . $backup_sql_filename;
     // Check if backup file exists
     if (file_exists($backup_sql_filepath)) {
         // Stop tables backup, because backup file exists
         echo '<p style="color:red">' . sprintf(T_('Unable to write database dump. Database dump already exists: &laquo;%s&raquo;'), $backup_sql_filepath) . '</p>';
         evo_flush();
         return false;
     }
     $f = @fopen($backup_sql_filepath, 'w+');
     if ($f == false) {
         // Stop backup, because it can't open backup file for writing
         echo '<p style="color:red">' . sprintf(T_('Unable to write database dump. Could not open &laquo;%s&raquo; for writing.'), $backup_sql_filepath) . '</p>';
         evo_flush();
         return false;
     }
     echo sprintf(T_('Dumping tables to &laquo;<strong>%s</strong>&raquo;...'), $backup_sql_filepath) . '<br/>';
     evo_flush();
     // Create and save created SQL backup script
     foreach ($ready_to_backup as $table) {
         // progressive display of what backup is doing
         echo sprintf(T_('Backing up table &laquo;<strong>%s</strong>&raquo; ...'), $table);
         evo_flush();
         $row_table_data = $DB->get_row('SHOW CREATE TABLE ' . $table, ARRAY_N);
         fwrite($f, $row_table_data[1] . ";\n\n");
         $values_list = array();
         foreach ($DB->get_results('SELECT * FROM ' . $table, ARRAY_N) as $row) {
             $values = '(';
             $num_fields = count($row);
             for ($index = 0; $index < $num_fields; $index++) {
                 if (isset($row[$index])) {
                     $row[$index] = str_replace("\n", "\\n", addslashes($row[$index]));
                     $values .= '\'' . $row[$index] . '\'';
                 } else {
                     // The $row[$index] value is not set or is NULL
                     $values .= 'NULL';
                 }
                 if ($index < $num_fields - 1) {
                     $values .= ',';
                 }
             }
             $values_list[] = $values . ')';
         }
         if (!empty($values_list)) {
             fwrite($f, 'INSERT INTO ' . $table . ' VALUES ' . implode(',', $values_list) . ";\n\n");
         }
         unset($values_list);
         // Flush the output to a file
         if (fflush($f)) {
             echo ' OK.';
         }
         echo '<br />';
         evo_flush();
     }
     // Close backup file input stream
     fclose($f);
     if ($this->pack_backup_files) {
         // Pack created backup SQL script
         // Pack using 'zlib' extension and PclZip wrapper
         // Load PclZip class (PHP4):
         load_class('_ext/pclzip/pclzip.lib.php', 'PclZip');
         $zip_filepath = $backup_dirpath . 'db.zip';
         $PclZip = new PclZip($zip_filepath);
         $file_list = $PclZip->add($backup_dirpath . $backup_sql_filename, PCLZIP_OPT_REMOVE_PATH, no_trailing_slash($backup_dirpath));
         if ($file_list == 0) {
             echo '<p style="color:red">' . sprintf(T_('Unable to create &laquo;%s&raquo;'), $zip_filepath) . '</p>';
             evo_flush();
             return false;
         }
         unlink($backup_sql_filepath);
     }
     return true;
 }
Esempio n. 7
0
 /**
  * Constructor, not meant to be called directly. Use {@link FileCache::get_by_root_and_path()}
  * instead, which provides caching and checks that only one object for
  * a unique file exists (references).
  *
  * @param string Root type: 'user', 'group', 'collection' or 'absolute'
  * @param integer ID of the user, the group or the collection the file belongs to...
  * @param string Posix subpath for this file/folder, relative to the associated root (no trailing slash)
  * @param boolean check for meta data?
  * @return mixed false on failure, File object on success
  */
 function File($root_type, $root_ID, $rdfp_rel_path, $load_meta = false)
 {
     global $Debuglog;
     $Debuglog->add("new File( {$root_type}, {$root_ID}, {$rdfp_rel_path}, load_meta={$load_meta})", 'files');
     // Call parent constructor
     parent::DataObject('T_files', 'file_', 'file_ID', '', '', '', '');
     $this->delete_restrictions = array(array('table' => 'T_links', 'fk' => 'link_file_ID', 'field' => 'link_itm_ID', 'msg' => T_('%d linked items')), array('table' => 'T_links', 'fk' => 'link_file_ID', 'field' => 'link_cmt_ID', 'msg' => T_('%d linked comments')), array('table' => 'T_users', 'fk' => 'user_avatar_file_ID', 'msg' => T_('%d linked users (profile pictures)')));
     $this->delete_cascades = array(array('table' => 'T_files__vote', 'fk' => 'fvot_file_ID', 'msg' => T_('%d votes')));
     // Memorize filepath:
     $FileRootCache =& get_FileRootCache();
     $this->_FileRoot =& $FileRootCache->get_by_type_and_ID($root_type, $root_ID);
     // If there's a valid file root, handle extra stuff. This should not get done when the FileRoot is invalid.
     if ($this->_FileRoot) {
         $this->_rdfp_rel_path = no_trailing_slash(str_replace('\\', '/', $rdfp_rel_path));
         $this->_adfp_full_path = $this->_FileRoot->ads_path . $this->_rdfp_rel_path;
         $this->_name = basename($this->_adfp_full_path);
         $this->_dir = dirname($this->_adfp_full_path) . '/';
         $this->_md5ID = md5($this->_adfp_full_path);
         // Initializes file properties (type, size, perms...)
         $this->load_properties();
         if ($load_meta) {
             // Try to load DB meta info:
             $this->load_meta();
         }
     }
 }