Esempio n. 1
 public static function Init()
     $setup = \SystemSetting::getByKey("ARC_ISINIT");
     if ($setup->value == "1") {
     \Log::createLog("warning", "Arc", "Initilised default Arc settings");
     // Default system settings
     Helper::arcCheckSettingExists("ARC_ISINIT", "1");
     Helper::arcCheckSettingExists("ARC_KEEP_LOGS", "31");
     Helper::arcCheckSettingExists("ARC_MAIL", "{\"smtp\":\"false\", \"server\":\"localhost\"" . ", \"username\":\"\", \"password\":\"\", \"port\":\"25\", \"sender\":\"Admin <*****@*****.**>\"}");
     Helper::arcCheckSettingExists("ARC_LOGIN_URL", "welcome");
     Helper::arcCheckSettingExists("ARC_FILE_UPLOAD_SIZE_BYTES", "2000000");
     Helper::arcCheckSettingExists("ARC_THUMB_WIDTH", "80");
     Helper::arcCheckSettingExists("ARC_THEME", "default");
     Helper::arcCheckSettingExists("ARC_DEFAULT_PAGE", "welcome");
     Helper::arcCheckSettingExists("ARC_LDAP", "{\"ldap\":\"false\", \"server\":\"localhost\"," . " \"domain\":\"mydomain\", \"base\":\"dc=mydomain,dc=local\"}");
     Helper::arcCheckSettingExists("ARC_PASSWORD_RESET_MESSAGE", htmlentities("You or someone else has requested a password reset.<br />" . "Your new password is '{password}'."));
     Helper::arcCheckSettingExists("ARC_ALLOWREG", "true");
     Helper::arcCheckSettingExists("ARC_LOGO_PATH", "assets/logo-200x48-dark.png");
     Helper::arcCheckSettingExists("ARC_DATEFORMAT", "d-m-Y");
     Helper::arcCheckSettingExists("ARC_TIMEFORMAT", "H:i:s");
     Helper::arcCheckSettingExists("ARC_REQUIRECOMPANY", false);
     Helper::arcCheckSettingExists("ARC_SITETITLE", "Arc Project");
     Helper::arcCheckSettingExists("ARC_MEDIAMANAGERURL", "administration/media-manager");
Esempio n. 2
function doLogin($user)
    Log::createLog("success", "user", "User logged in: " . $user->email);
    system\Helper::arcCheckSettingExists("ARC_LOGIN_URL", "/");
    $url = SystemSetting::getByKey("ARC_LOGIN_URL");
    system\Helper::arcReturnJSON(["redirect" => $url->value]);
    system\Helper::arcAddMessage("success", "Login successful.");
Esempio n. 3
 public static function createLog($type, $module, $message)
     $log = new Log();
     $log->type = $type;
     $log->module = $module;
     $log->message = $message;
     if (system\Helper::arcIsImpersonator()) {
         $log->message = "Impersonated (" . system\Helper::arcGetImpersonator()->getFullname() . "): " . $log->message;
     // get days
     $days = SystemSetting::getByKey("ARC_KEEP_LOGS");
     system\Helper::arcGetDatabase()->query("delete from arc_logs where datediff(now(), arc_logs.event) > " . $days->value);
Esempio n. 4

if (system\Helper::arcIsAjaxRequest()) {
    $apikey = SystemSetting::getByKey("APIKEY", $_POST["userid"]);
    //system\Helper::arcAddMessage("success", "User API key removed");
Esempio n. 5

if (system\Helper::arcIsAjaxRequest()) {
    $user = User::getByEmail($_POST["emailf"]);
    // valid user
    if ($user->id > 0) {
        $password = md5(uniqid($user->email, true));
        $messageS = SystemSetting::getByKey("ARC_PASSWORD_RESET_MESSAGE");
        $message = html_entity_decode($messageS->value);
        $message = str_replace("{password}", $password, $message);
        $mail = new Mail();
        $mail->Send($user->email, "Password Reset Request", $message, true);
        system\Helper::arcAddMessage("success", "Password reset, please check your email.");
        Log::createLog("warning", "user", "Password reset request '" . $_POST["emailf"] . "'.");
    } else {
        system\Helper::arcAddMessage("danger", "Email address is not registered");
        Log::createLog("danger", "user", "Request to reset unknown email address '" . $_POST["emailf"] . "'.");
Esempio n. 6
            $name = $_FILES["file"]["name"];
            $ext = end(explode(".", $name));
            # extra () to prevent notice
            $filename = uniqid() . "." . $ext;
            $path = system\Helper::arcGetPath(true) . "assets/profile";
            $destination = $path . "/" . $filename;
            if (!file_exists($path)) {
            Log::createLog("info", "user", "Destination: '" . $destination . "'");
            $location = $_FILES["file"]["tmp_name"];
            $size = filesize($location);
            if ($size == 0) {
                system\Helper::arcAddMessage("danger", "Invalid file uploaded");
                Log::createLog("danger", "user", "Invalid file size.");
            move_uploaded_file($location, $destination);
            $profileImage = SystemSetting::getByKey("ARC_USER_IMAGE", system\Helper::arcGetUser()->id);
            $profileImage->userid = system\Helper::arcGetUser()->id;
            $profileImage->value = $filename;
            system\Helper::arcAddMessage("success", "File uploaded");
            Log::createLog("success", "user", "Upload complete.");
        } else {
            Log::createLog("danger", "user", "Upload error " . $_FILES['file']['error']);
            system\Helper::arcAddMessage("danger", "Error occured while uploading file");
Esempio n. 7

$ldap = SystemSetting::getByKey("ARC_LDAP");
$ldapData = $ldap->getArrayFromJson();
$login = "******";
if ($ldapData["ldap"] == "true") {
    $login = "******";
$reg = SystemSetting::getByKey("ARC_ALLOWREG");
$company = SystemSetting::getByKey("ARC_REQUIRECOMPANY");
<div class="row">
    <div class="collapse in" id="collapseA">
        <div class="row">
                <div class="col-md-5 col-md-offset-1">
                    <h3>Sign in</h3>
                    <form name="loginForm">
                        <div class="form-group">
                            <input maxlength="100" type="text" class="form-control" id="email" placeholder="<?php 
echo $login;
                        <div class="form-group">
                            <input maxlength="100" type="password" class="form-control" id="password" placeholder="Password">
                <div class="col-md-5">
Esempio n. 8
  * @param string String to decrypt
  * @return string
 public static function arcDecrypt($string)
     $encryption_key = \SystemSetting::getByKey("ARC_PAIR")->value;
     $decrypted = openssl_decrypt($string, "aes-256-cbc", $encryption_key, 0, ARCIVKEYPAIR);
     return $decrypted;
Esempio n. 9

            <div class="panel panel-default">     
                <div class="panel-body">
                    <label for="apiuser">Add user</label>
                    <div class="row">
                        <div class="col-md-8">
                            <select class="form-control" id="apiuser">
$users = User::getAllUsers();
foreach ($users as $user) {
    $apikey = SystemSetting::getByKey("APIKEY", $user->id);
    if ($apikey->id == 0) {
        echo "<option value=\"{$user->id}\">{$user->getFullname()} ({$user->email})</option>";
                        <div class="col-md-4">
                            <a class="btn btn-default btn-block" id="createAPI"><i class="fa fa-plus"></i> Create API key</a>

            <div class="well">
Esempio n. 10

if (system\Helper::arcIsAjaxRequest()) {
    $users = User::getAllUsers();
    $table = "<table class=\"table table-hover table-condensed\">";
    $table .= "<thead><tr><th>Name</th><th>Status</th><th>Email</th><th>Auth</th><th></th></tr></thead><tbody>";
    foreach ($users as $user) {
        $table .= "<tr><td>" . $user->getFullname() . "</td><td>";
        if ($user->enabled == true) {
            $table .= "<div class=\"label label-success\"><i class=\"fa fa-check\"></i> Enabled</div>";
        } else {
            $table .= "<div class=\"label label-danger\"><i class=\"fa fa-remove\"></i> Disabled</div>";
        $table .= "</td><td>" . $user->email . "</td>" . "<td>";
        $ad = SystemSetting::getByKey("ARC_USER_AD", $user->id);
        if ($ad->id == 0) {
            $table .= "<i class=\"fa fa-user\"></i> Local";
        } else {
            $table .= "<i class=\"fa fa-cloud-download\"></i> LDAP";
        $table .= "</td>" . "<td class=\"text-right\">" . "<div class=\"btn-group\" role=\"group\">" . "<a class=\"btn btn-primary btn-xs\" onclick=\"impersonateUser(" . $user->id . ")\"><i class=\"fa fa-user-secret\"></i> Impersonate</a>" . "<a class=\"btn btn-success btn-xs\" onclick=\"editUser(" . $user->id . ")\"><i class=\"fa fa-pencil\"></i> Edit</a>" . "<a class=\"btn btn-danger btn-xs\" onclick=\"removeUser(" . $user->id . ")\"><i class=\"fa fa-remove\"></i> Remove</a>" . "</div>" . "</td></tr>";
    $table .= "</tbody></table>";
    system\Helper::arcReturnJSON(["html" => $table]);
Esempio n. 11

if (system\Helper::arcIsAjaxRequest() && count($_FILES) > 0) {
    Log::createLog("success", "arc", "Detected upload request.");
    if (isset($_FILES['file']['name'])) {
        if (!$_FILES['file']['error']) {
            Log::createLog("success", "arc", "Starting image upload.");
            $filesize = SystemSetting::getByKey("ARC_FILE_UPLOAD_SIZE_BYTES");
            Log::createLog("info", "arc", "Upload size limit: " . $filesize->value);
            if ($_FILES['file']['size'] > $filesize->value) {
                system\Helper::arcAddMessage("danger", "Image file size exceeds limit");
                Log::createLog("danger", "arc", "Image exceeds size limit.");
            $file_type = $_FILES['file']['type'];
            Log::createLog("info", "arc", "Type: " . $_FILES['file']['type']);
            if ($file_type != "image/jpeg" && $file_type != "image/jpg" && $file_type != "image/gif" && $file_type != "image/png") {
                system\Helper::arcAddMessage("danger", "Invalid image type, requires JPEG, JPG, GIF or PNG");
                Log::createLog("danger", "arc", "Invalid image type.");
            Log::createLog("info", "arc", "Valid image type detected.");
            //$name = md5(uniqid(rand(), true));
            //$ext = explode('.', $_FILES['file']['name']);
            //$filename = $name . '.' . $ext[1];
            $filename = $_FILES['file']['name'];
            // force lowercase names
            $filename = strtolower($filename);
            $destination = system\Helper::arcGetPath(true) . "assets/pagemanager/" . $filename;
            if (!file_exists(system\Helper::arcGetPath(true) . "assets/pagemanager")) {
                mkdir(system\Helper::arcGetPath(true) . "assets/pagemanager");
Esempio n. 12
  * @param string $from Sender, left null to use system setting.
  * @param string/array $to To, format as 'Firstname Lastname' <*****@*****.**> or email address only.
  * @param string/array $cc CC, format as 'Firstname Lastname' <*****@*****.**> or email address only.
  * @param string $subject String message subject.
  * @param string $message Message body, html or plain text.
  * @param boolean $html True for html body, false for plain.
  * @return boolean True/False depending is the operation was completed.
 public function Send($to = array(), $subject, $message, $html = true, $from = null, $cc = array())
     if ($html == true) {
         $theme = SystemSetting::getByKey("ARC_THEME");
         if (file_exists(system\Helper::arcGetPath(true) . "themes/" . $theme->value . "/email.php")) {
             $content = file_get_contents(system\Helper::arcGetPath(true) . "themes/" . $theme->value . "/email.php");
             $message = system\Helper::arcParseEmail($content, $message);
     Log::createLog("info", "arcmail", "Send email request, mode: " . $this->mode);
     // Set from details
     if ($from == null) {
         $from = $this->data["sender"];
     // Build to list
     if (!is_array($to)) {
         $list = array();
         $list[] = $to;
         $to = $list;
     // Build to list
     if (!is_array($cc)) {
         $list = array();
         $list[] = $cc;
         $cc = $list;
     // Build Mail Header
     $headers = "MIME-Version: 1.0\r\n";
     if ($html == true) {
         // Html content
         $headers .= "Content-Type: text/html; charset=iso-8859-1\r\n";
     } else {
         // Plain test
         $headers .= "Content-Type: text/plain;\r\n";
     Log::createLog("info", "arcmail", "Mail headers built");
     switch ($this->mode) {
         case "MAIL":
             // Add from header
             $headers .= "From: " . $from . "\r\n";
             // Build recipients list
             $toList = "";
             foreach ($to as $recipient) {
                 $toList .= $recipient . ", ";
             $toList = substr($toList, 0, -2);
             Log::createLog("success", "arcmail", "PHP mail created.");
             // Send mail
             mail($toList, $subject, $message, $headers);
             Log::createLog("success", "arcmail", "PHP mail sent.");
         case "SMTP":
             include system\Helper::arcGetPath(true) . "app/classes/PHPMailer/PHPMailerAutoload.php";
             $mail = new PHPMailer();
             $mail->Host = $this->data["server"];
             if (empty($this->data["username"]) && empty($this->data["password"])) {
                 $mail->SMTPAuth = false;
             } else {
                 $mail->SMTPAuth = true;
                 $mail->Username = $this->data["username"];
                 $smtp_password = system\Helper::arcDecrypt($this->data["password"]);
                 $mail->Password = $smtp_password;
             foreach ($to as $email) {
             foreach ($cc as $email) {
             $mail->Subject = $subject;
             $mail->Body = $message;
             if (!$mail->send()) {
                 Log::createLog("danger", "arcmail", "SMTP: " . $mail->ErrorInfo);
             } else {
                 Log::createLog("success", "arcmail", "SMTP: Message sent");
Esempio n. 13
    $setting->value = $_POST["theme"];
    $setting = SystemSetting::getByKey("ARC_THUMB_WIDTH");
    $setting->value = $_POST["width"];
    $setting = SystemSetting::getByKey("ARC_FILE_UPLOAD_SIZE_BYTES");
    $setting->value = $_POST["limit"];
    $setting = SystemSetting::getByKey("ARC_ALLOWREG");
    $setting->value = $_POST["allowReg"];
    $setting = SystemSetting::getByKey("ARC_LOGO_PATH");
    $setting->value = $_POST["siteLogo"];
    $setting = SystemSetting::getByKey("ARC_DATEFORMAT");
    $setting->value = $_POST["dateFormat"];
    $setting = SystemSetting::getByKey("ARC_TIMEFORMAT");
    $setting->value = $_POST["timeFormat"];
    $setting = SystemSetting::getByKey("ARC_REQUIRECOMPANY");
    $setting->value = $_POST["company"];
    $setting = SystemSetting::getByKey("ARC_SITETITLE");
    $setting->value = $_POST["siteTitle"];
    $setting = SystemSetting::getByKey("ARC_MEDIAMANAGERURL");
    $setting->value = $_POST["media"];
    system\Helper::arcAddMessage("success", "System settings saved.");
Esempio n. 14

system\Helper::arcAddFooter("js", system\Helper::arcGetModulePath() . "js/systemsettings.js");
$logs = SystemSetting::getByKey("ARC_KEEP_LOGS");
$file_size = SystemSetting::getByKey("ARC_FILE_UPLOAD_SIZE_BYTES");
$theme_setting = SystemSetting::getByKey("ARC_THEME");
$thumb = SystemSetting::getByKey("ARC_THUMB_WIDTH");
$login_url = SystemSetting::getByKey("ARC_LOGIN_URL");
$default_page = SystemSetting::getByKey("ARC_DEFAULT_PAGE");
$mail = SystemSetting::getByKey("ARC_MAIL");
$ldap = SystemSetting::getByKey("ARC_LDAP");
$reg = \SystemSetting::getByKey("ARC_ALLOWREG");
$logo = \SystemSetting::getByKey("ARC_LOGO_PATH");
$dateformat = \SystemSetting::getByKey("ARC_DATEFORMAT");
$timeformat = \SystemSetting::getByKey("ARC_TIMEFORMAT");
$company = \SystemSetting::getByKey("ARC_REQUIRECOMPANY");
$title = \SystemSetting::getByKey("ARC_SITETITLE");
$media = \SystemSetting::getByKey("ARC_MEDIAMANAGERURL");
Esempio n. 15

$days = SystemSetting::getByKey("ARC_KEEP_LOGS");

<ul class="nav nav-tabs">
    <li class="active"><a data-toggle="tab" href="#log"> Arc Logs</a></li>
    <li><a data-toggle="tab" href="#php"> PHP Logs</a></li>

<div class="tab-content">
    <div id="log" class="tab-pane fade in active">
        <div class="alert alert-warning">
            <i class="fa fa-exclamation"></i> Logs are purged automatically after <?php 
echo $days->value;
 days. This can be adjusted in settings.
        <div id="logs" class="small">
    <div id="php" class="tab-pane fade">
        <p class="small">
$path = system\Helper::arcGetPath(true) . ini_get('error_log');
if (file_exists($path)) {
    $log = nl2br(file_get_contents($path));
    $log = str_replace("[", "<mark>[", $log);
    $log = str_replace("]", "]</mark>", $log);
    $log = str_replace("PHP Warning:", "<label class=\"label label-warning\">Warning</label><br />", $log);
    $log = str_replace("PHP Fatal error:", "<label class=\"label label-danger\">Error</label><br />", $log);
Esempio n. 16
        system\Helper::arcAddMessage("danger", "User already exists with that email address");
    $user->firstname = ucfirst(strtolower($_POST["firstname"]));
    $user->lastname = ucfirst(strtolower($_POST["lastname"]));
    $user->email = strtolower($_POST["emailr"]);
    if (empty($user->email)) {
        system\Helper::arcAddMessage("danger", "Please specifiy an email address");
    // save user
    $company = SystemSetting::getByKey("ARC_REQUIRECOMPANY");
    if (!empty($_POST["company"]) && $company->value == "true") {
        $comp = Company::getByName(ucwords($_POST["company"]));
        if ($comp->id == 0) {
            $comp = new Company();
            $comp->name = ucwords($_POST["company"]);
    system\Helper::arcAddMessage("success", "Your details have been registered");
    system\Helper::arcCheckSettingExists("ARC_LOGIN_URL", "/");
    $url = SystemSetting::getByKey("ARC_LOGIN_URL");
    system\Helper::arcReturnJSON(["redirect" => $url->value]);
} else {
    system\Helper::arcAddFooter("js", system\Helper::arcGetModulePath() . "js/register.js");