} elseif ((int) $serendipity['GET']['step'] == 3) { $serendipity['dbPrefix'] = $_POST['dbPrefix']; echo CHECK_DATABASE_EXISTS . '...'; $t = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}authors", false, 'both', false, false, false, true); if (is_array($t)) { echo ' <strong>' . THEY_DO . '</strong>, ' . WONT_INSTALL_DB_AGAIN; echo '<br />'; echo '<br />'; } else { echo ' <strong>' . THEY_DONT . '</strong>'; echo '<br />'; echo CREATE_DATABASE; serendipity_installDatabase(); echo ' <strong>' . DONE . '</strong><br />'; echo sprintf(CREATING_PRIMARY_AUTHOR, htmlspecialchars($_POST['user'])) . '...'; $authorid = serendipity_addAuthor($_POST['user'], $_POST['pass'], $_POST['realname'], $_POST['email'], USERLEVEL_ADMIN, 1); $mail_comments = serendipity_db_bool($_POST['want_mail']) ? 1 : 0; serendipity_set_user_var('mail_comments', $mail_comments, $authorid); serendipity_set_user_var('mail_trackbacks', $mail_comments, $authorid); serendipity_set_user_var('right_publish', 1, $authorid); serendipity_addDefaultGroup('USERLEVEL_EDITOR_DESC', USERLEVEL_EDITOR); serendipity_addDefaultGroup('USERLEVEL_CHIEF_DESC', USERLEVEL_CHIEF); serendipity_addDefaultGroup('USERLEVEL_ADMIN_DESC', USERLEVEL_ADMIN); echo ' <strong>' . DONE . '</strong><br />'; echo SETTING_DEFAULT_TEMPLATE . '... '; serendipity_set_config_var('template', $serendipity['defaultTemplate']); echo ' <strong>' . DONE . '</strong><br />'; echo INSTALLING_DEFAULT_PLUGINS . '... '; include_once S9Y_INCLUDE_PATH . 'include/plugin_api.inc.php'; serendipity_plugin_api::register_default_plugins(); echo ' <strong>' . DONE . '</strong><br />';
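/**
 * Handle an account-activation request for the adduser plugin.
 *
 * Both request shapes are keyed on the activation hash found in
 * $serendipity['GET']['adduser_activation']:
 *
 *  - with a non-empty $_GET['r']: the pending author is looked up and
 *    serendipity_common_adduser::sendMail() is called for that row;
 *  - without it: the hash is validated (32 characters), the pending row is
 *    turned into a real author, configured defaults and groups are applied,
 *    and the pending row is deleted once the new author can be found.
 *
 * Progress and failure messages are echoed directly.
 *
 * @param array $usergroups Group ids handed to serendipity_updateGroups() for the new author.
 *
 * @return bool True when the mail was sent or the author was activated, false otherwise.
 */
static function checkuser($usergroups = array())
{
    global $serendipity;

    // Debug output echoes raw queries and the whole pending row (including its
    // stored password value) without HTML escaping. Keep this off in production.
    static $debug = false;

    if (!empty($serendipity['GET']['adduser_activation']) && !empty($_GET['r'])) {
        $string = $serendipity['GET']['adduser_activation'];

        // The hash is request input; anything but a string cannot be a valid hash.
        if (!is_string($string)) {
            echo PLUGIN_ADDUSER_WRONG_ACTIVATION . '<hr />';
            return false;
        }

        $q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
        if ($debug) {
            echo "[debug] QUERY: {$q}<br />\n";
        }
        $author = serendipity_db_query($q, true);

        // Without this check any request carrying an unknown hash would still
        // trigger a mail, built from an empty row.
        if (!is_array($author)) {
            echo PLUGIN_ADDUSER_WRONG_ACTIVATION . '<hr />';
            return false;
        }

        serendipity_common_adduser::sendMail(
            $author['username'],
            function_exists('serendipity_specialchars')
                ? serendipity_specialchars($string)
                : htmlspecialchars($string, ENT_COMPAT, LANG_CHARSET),
            $author['email'],
            false,
            false
        );
        echo PLUGIN_ADDUSER_SENTMAIL_APPROVE_ADMIN;
        return true;
    }

    if (!empty($serendipity['GET']['adduser_activation'])) {
        $string = $serendipity['GET']['adduser_activation'];
        unset($serendipity['GET']['adduser_activation']);

        if (!is_string($string) || strlen($string) != 32) {
            echo PLUGIN_ADDUSER_WRONG_ACTIVATION . '<hr />';
            return false;
        }

        $q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
        if ($debug) {
            echo "[debug] QUERY: {$q}<br />\n";
        }
        $author = serendipity_db_query($q, true);
        if ($debug) {
            echo "[debug] RESULT: " . print_r($author, true) . "<br />\n";
        }

        // No pending row for this hash: fail here instead of running the
        // verification query below with empty username/password values.
        if (!is_array($author)) {
            echo PLUGIN_ADDUSER_FAILED . '<hr />';
            return false;
        }

        // Row values are interpolated into SQL below. They are presumably
        // user-submitted registration data (confirm against the code that
        // fills pending_authors), so they are escaped like the hash above.
        $sql_username = serendipity_db_escape_string($author['username']);
        $sql_password = serendipity_db_escape_string($author['password']);

        $user = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}authors WHERE username = '" . $sql_username . "'", true);
        if (is_array($user) && !empty($user['authorid'])) {
            printf(
                PLUGIN_ADDUSER_EXISTS . '<hr />',
                function_exists('serendipity_specialchars')
                    ? serendipity_specialchars($author['username'])
                    : htmlspecialchars($author['username'], ENT_COMPAT, LANG_CHARSET)
            );
            return false;
        }

        // The author is created with an empty password; the stored value from
        // the pending row is written by the UPDATE that follows.
        $newID = serendipity_addAuthor($author['username'], '', $author['username'], $author['email'], $author['userlevel']);
        if ($debug) {
            echo "[debug] serendipity_addAuthor: {$newID}<br />\n";
        }

        if ($newID) {
            serendipity_db_query("UPDATE {$serendipity['dbPrefix']}authors\n SET right_publish = '" . ($author['right_publish'] ? '1' : '0') . "',\n password = '" . $sql_password . "'\n WHERE authorid = " . (int) $newID);
            serendipity_set_config_var('no_create', $author['no_create'], $newID);
            serendipity_set_config_var('lang', $serendipity['lang'], $newID);

            // Fetch default properties for new authors as configured.
            // Only set values for the keys that are supported (all booleans currently!)
            $config = serendipity_db_query("SELECT name, value FROM {$serendipity['dbPrefix']}config WHERE name LIKE 'serendipity_plugin_adduser:%'");
            $pair_config = array(
                'wysiwyg'                 => '',
                'simpleFilters'           => '',
                'enableBackendPopup'      => '',
                'moderateCommentsDefault' => '',
                'allowCommentsDefault'    => '',
                'showMediaToolbar'        => '',
                'use_autosave'            => ''
            );

            if (is_array($config)) {
                foreach ($config as $conf) {
                    $names = explode('/', $conf['name']);
                    // Names without a "/" have no second segment to look up.
                    if (!isset($names[1]) || !isset($pair_config[$names[1]])) {
                        continue;
                    }
                    $pair_config[$names[1]] = serendipity_get_bool($conf['value']);
                    // Store the value of the key being processed; the previous
                    // code always wrote the 'wysiwyg' value for every key.
                    serendipity_set_config_var($names[1], $pair_config[$names[1]], $newID);
                }
            }

            if (is_array($usergroups) && function_exists('serendipity_updateGroups')) {
                if ($debug) {
                    echo "[debug] update groups: " . print_r($usergroups, true) . "<br />\n";
                }
                serendipity_updateGroups($usergroups, $newID, false);
            } elseif ($debug) {
                echo "[debug] no group addition: " . print_r($usergroups, true) . "<br />\n";
            }
        } elseif ($debug) {
            echo "[debug] serendipity_addAuthor() failed!<br />\n";
        }

        // Verify that the author row now exists with the expected credentials
        // before discarding the pending registration.
        $q = "SELECT authorid FROM {$serendipity['dbPrefix']}authors\n WHERE username = '" . $sql_username . "'\n AND password = '" . $sql_password . "'\n LIMIT 1";
        $newauthor = serendipity_db_query($q, true);

        if (is_array($newauthor) && $newauthor['authorid'] > 0) {
            echo PLUGIN_ADDUSER_SUCCEED . '<hr />';
            serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "'");
            return true;
        }

        if ($debug) {
            echo "[debug] QUERY: {$q}<br />\n";
            echo "[debug] RESULT: " . print_r($newauthor, true) . "<br />\n";
        }
        echo PLUGIN_ADDUSER_FAILED . '<hr />';
        return false;
    }

    return false;
}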
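/**
 * Import categories, authors, entries and comments from a WordPress
 * eXtended RSS (WXR) export fetched from $this->data['url'].
 *
 * The feed is downloaded over HTTP (up to 5 redirects are followed), parsed
 * with SimpleXML and written through the serendipity_* helpers. Progress is
 * echoed as HTML; every value taken from the feed is HTML-escaped first.
 *
 * NOTE(review): nothing in this method restricts the scheme or destination of
 * the URL that is fetched server-side; confirm that only trusted
 * administrators can reach this importer.
 *
 * @return bool True once all items were processed; false when the download
 *              fails, PHP is older than 5.0, or the feed cannot be parsed.
 */
function import_wpxrss()
{
    // TODO: Backtranscoding to NATIVE charset. Currently only works with UTF-8.
    $dry_run = false;

    // NOTE(review): no `global $serendipity;` is declared in this method, so
    // this assignment only creates a local array and does not touch the
    // global configuration. Left unchanged; confirm what was intended.
    $serendipity['noautodiscovery'] = 1;

    $uri = $this->data['url'];
    require_once S9Y_PEAR_PATH . 'HTTP/Request.php';
    serendipity_request_start();
    $req = new HTTP_Request($uri, array('allowRedirects' => true, 'maxRedirects' => 5));
    $res = $req->sendRequest();

    if (PEAR::isError($res) || $req->getResponseCode() != '200') {
        serendipity_request_end();
        echo IMPORT_FAILED . ': ' . htmlspecialchars($this->data['url']);
        echo "<br />\n";
        return false;
    }

    $fContent = $req->getResponseBody();
    serendipity_request_end();
    echo strlen($fContent) . " Bytes<br />\n";

    if (version_compare(PHP_VERSION, '5.0') === -1) {
        printf(UNMET_REQUIREMENTS, 'PHP >= 5.0');
        echo "<br />\n";
        return false;
    }

    // The response body is remote, untrusted XML. libxml2 releases before 2.9
    // load external entities by default, so the entity loader is switched off
    // around the parse on such builds. LIBXML_NONET additionally keeps the
    // parser from fetching anything over the network.
    $restore_loader = null;
    if (function_exists('libxml_disable_entity_loader') && defined('LIBXML_VERSION') && LIBXML_VERSION < 20900) {
        $restore_loader = libxml_disable_entity_loader(true);
    }
    $xml = simplexml_load_string($fContent, 'SimpleXMLElement', defined('LIBXML_NONET') ? LIBXML_NONET : 0);
    if ($restore_loader !== null) {
        libxml_disable_entity_loader($restore_loader);
    }
    unset($fContent);

    // A malformed feed yields false; stop before dereferencing it.
    if ($xml === false) {
        echo IMPORT_FAILED . ': ' . htmlspecialchars($this->data['url']);
        echo "<br />\n";
        return false;
    }

    /* ************* USERS **********************/
    $_s9y_users = serendipity_fetchUsers();
    $s9y_users  = array();
    // Check the fetched list, not the freshly created (always-array) map.
    if (is_array($_s9y_users)) {
        foreach ($_s9y_users as $v) {
            $s9y_users[$v['realname']] = $v;
        }
    }

    /* ************* CATEGORIES **********************/
    $_s9y_cat = serendipity_fetchCategories('all');
    $s9y_cat  = array();
    if (is_array($_s9y_cat)) {
        foreach ($_s9y_cat as $v) {
            $s9y_cat[$v['category_name']] = $v['categoryid'];
        }
    }

    $wp_ns      = 'http://wordpress.org/export/1.0/';
    $dc_ns      = 'http://purl.org/dc/elements/1.1/';
    $content_ns = 'http://purl.org/rss/1.0/modules/content/';
    $date_re    = '@^([0-9]{4})\\-([0-9]{2})\\-([0-9]{2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})$@';

    $wp_core = $xml->channel->children($wp_ns);
    foreach ($wp_core->category as $idx => $cat) {
        //TODO: Parent generation unknown.
        $cat_name = (string) $cat->cat_name;
        if (isset($s9y_cat[$cat_name])) {
            continue;
        }

        $new_cat = array(
            'category_name'        => $cat_name,
            'category_description' => '',
            'parentid'             => 0,
            'category_left'        => 0,
            'category_right'       => 0
        );
        printf(CREATE_CATEGORY, htmlspecialchars($cat_name));
        echo "<br />\n";

        if ($dry_run) {
            $s9y_cat[$cat_name] = time();
        } else {
            serendipity_db_insert('category', $new_cat);
            $s9y_cat[$cat_name] = serendipity_db_insert_id('category', 'categoryid');
        }
    }

    /* ************* ITEMS **********************/
    foreach ($xml->channel->item as $idx => $item) {
        $wp_items      = $item->children($wp_ns);
        $dc_items      = $item->children($dc_ns);
        $content_items = $item->children($content_ns);

        // TODO: Attachments not handled
        $post_type = (string) $wp_items->post_type;
        if ($post_type == 'attachment' || $post_type == 'page') {
            continue;
        }

        $entry = array(
            'title'          => (string) $item->title,
            'isdraft'        => ((string) $wp_items->status == 'publish') ? 'false' : 'true',
            'allow_comments' => ((string) $wp_items->comment_status == 'open'),
            'categories'     => array(),
            'body'           => (string) $content_items->encoded
        );

        if (preg_match($date_re, (string) $wp_items->post_date, $timematch)) {
            $entry['timestamp'] = mktime((int) $timematch[4], (int) $timematch[5], (int) $timematch[6], (int) $timematch[2], (int) $timematch[3], (int) $timematch[1]);
        } else {
            $entry['timestamp'] = time();
        }

        if (isset($item->category[1])) {
            foreach ($item->category as $idx => $category) {
                $cstring = (string) $category;
                if (!isset($s9y_cat[$cstring])) {
                    // The category name comes from the feed: escape it for HTML.
                    echo "WARNING: " . htmlspecialchars($cstring) . " unset!<br />\n";
                } else {
                    $entry['categories'][] = $s9y_cat[$cstring];
                }
            }
        } else {
            // Only attach a category that is actually known; an item without
            // a category used to add an undefined (null) id here.
            $cstring = (string) $item->category;
            if (isset($s9y_cat[$cstring])) {
                $entry['categories'][] = $s9y_cat[$cstring];
            } elseif ($cstring !== '') {
                echo "WARNING: " . htmlspecialchars($cstring) . " unset!<br />\n";
            }
        }

        $wp_user = (string) $dc_items->creator;
        if (!isset($s9y_users[$wp_user])) {
            if ($dry_run) {
                $s9y_users[$wp_user]['authorid'] = time();
            } else {
                // Imported authors get a throw-away initial password. It was
                // md5(time()), which anyone who knows roughly when the import
                // ran can recompute; draw it from a CSPRNG where available.
                if (function_exists('random_bytes')) {
                    $initial_pass = bin2hex(random_bytes(16));
                } elseif (function_exists('openssl_random_pseudo_bytes')) {
                    $initial_pass = bin2hex(openssl_random_pseudo_bytes(16));
                } else {
                    // Weak fallback for very old PHP builds only.
                    $initial_pass = md5(uniqid(mt_rand(), true));
                }
                $s9y_users[$wp_user]['authorid'] = serendipity_addAuthor($wp_user, $initial_pass, $wp_user, '', USERLEVEL_EDITOR);
            }
            printf(CREATE_AUTHOR, htmlspecialchars($wp_user));
            echo "<br />\n";
        }
        $entry['authorid'] = $s9y_users[$wp_user]['authorid'];

        if ($dry_run) {
            $id = time();
        } else {
            $id = serendipity_updertEntry($entry);
        }

        $s9y_cid = array(); // Holds comment ids to s9y ids association.
        $c_i     = 0;
        foreach ($wp_items->comment as $comment) {
            $c_i++;
            $c_id   = (string) $comment->comment_id;
            $c_pid  = (string) $comment->comment_parent;
            $c_type = (string) $comment->comment_type;

            if ($c_type == 'pingback') {
                $c_type2 = 'PINGBACK';
            } elseif ($c_type == 'trackback') {
                $c_type2 = 'TRACKBACK';
            } else {
                $c_type2 = 'NORMAL';
            }

            $is_approved = empty($comment->comment_approved) || $comment->comment_approved == '1';

            $s9y_comment = array(
                'entry_id'   => $id,
                // The lookup used an undefined variable ($c_pd), so threading
                // was never preserved. Map the WordPress parent id to the
                // already imported comment id, 0 when there is none.
                'parent_id'  => isset($s9y_cid[$c_pid]) ? $s9y_cid[$c_pid] : 0,
                'author'     => (string) $comment->comment_author,
                'email'      => (string) $comment->comment_author_email,
                'url'        => (string) $comment->comment_author_url,
                'ip'         => (string) $comment->comment_author_IP,
                'status'     => $is_approved ? 'approved' : 'pending',
                'subscribed' => 'false',
                'body'       => (string) $comment->comment_content,
                'type'       => $c_type2
            );

            if (preg_match($date_re, (string) $comment->comment_date, $timematch)) {
                $s9y_comment['timestamp'] = mktime((int) $timematch[4], (int) $timematch[5], (int) $timematch[6], (int) $timematch[2], (int) $timematch[3], (int) $timematch[1]);
            } else {
                $s9y_comment['timestamp'] = time();
            }

            if ($dry_run) {
                $cid = time();
            } else {
                serendipity_db_insert('comments', $s9y_comment);
                $cid = serendipity_db_insert_id('comments', 'id');
                if ($s9y_comment['status'] == 'approved') {
                    serendipity_approveComment($cid, $id, true);
                }
            }
            $s9y_cid[$c_id] = $cid;
        }

        echo "Entry '" . htmlspecialchars($entry['title']) . "' ({$c_i} comments) imported.<br />\n";
    }

    return true;
}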
$group_intersect = serendipity_intersectGroup($user[0]['authorid']); if (serendipity_checkPermission('adminUsersMaintainOthers') || serendipity_checkPermission('adminUsersMaintainSame') && $group_intersect) { serendipity_deleteAuthor($user[0]['authorid']); printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . DELETED_USER . '</div>', htmlspecialchars($serendipity['POST']['user']), htmlspecialchars($user[0]['realname'])); serendipity_plugin_api::hook_event('backend_users_delete', $user[0]); } else { echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED_USERLEVEL . '</div>'; } } } /* Save new user */ if (isset($_POST['SAVE_NEW']) && serendipity_checkFormToken()) { if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && $_POST['userlevel'] >= $serendipity['serendipityUserlevel'] || !serendipity_checkPermission('adminUsersCreateNew')) { echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED . 
'</div>'; } else { $serendipity['POST']['user'] = serendipity_addAuthor($_POST['username'], $_POST['pass'], $_POST['realname'], $_POST['email'], $_POST['userlevel'], 1); $valid_groups = serendipity_getGroups($serendipity['authorid'], true); /* Save all the properties */ $config = serendipity_parseTemplate(S9Y_CONFIG_USERTEMPLATE); foreach ($config as $category) { foreach ($category['items'] as $item) { if (in_array('groups', $item['flags'])) { if (serendipity_checkPermission('adminUsersMaintainOthers')) { // Void, no fixing neccessarry } elseif (serendipity_checkPermission('adminUsersMaintainSame')) { // Check that no user may assign groups he's not allowed to. foreach ($_POST[$item['var']] as $groupkey => $groupval) { if (in_array($groupval, $valid_groups)) { continue; } elseif ($groupval == 2 && in_array(3, $valid_groups)) { // Admin is allowed to assign users to chief editors