/**
* Parse XML into array
*/
protected function _parse()
{
if (empty($this->xml->module)) {
return;
}
foreach ($this->xml->module as $i) {
$attrs = $i->attributes();
$item = array();
# DC/DA shared markers
$item['id'] = (string) $attrs['id'];
$item['file'] = (string) $i->file;
$item['label'] = (string) $i->name;
// deprecated
$item['name'] = (string) $i->name;
$item['version'] = (string) $i->version;
$item['author'] = (string) $i->author;
$item['desc'] = (string) $i->desc;
# DA specific markers
$item['dc_min'] = (string) $i->children(self::$bloc)->dcmin;
$item['details'] = (string) $i->children(self::$bloc)->details;
$item['section'] = (string) $i->children(self::$bloc)->section;
$item['support'] = (string) $i->children(self::$bloc)->support;
$item['sshot'] = (string) $i->children(self::$bloc)->sshot;
$tags = array();
foreach ($i->children(self::$bloc)->tags as $t) {
$tags[] = (string) $t->tag;
}
$item['tags'] = implode(', ', $tags);
# First filter right now. If DC_DEV is set all modules are parse
if (defined('DC_DEV') && DC_DEV === true || dcUtils::versionsCompare(DC_VERSION, $item['dc_min'], '>=', false)) {
$this->items[$item['id']] = $item;
}
}
}
/**
* Check repository.
*
* @param boolean $force Force query repository
* @return boolean True if get feed or cache
*/
public function check($force = false)
{
if (!$this->xml_url) {
return false;
}
if (($parser = dcStoreReader::quickParse($this->xml_url, DC_TPL_CACHE, $force)) === false) {
return false;
}
$raw_datas = $parser->getModules();
uasort($raw_datas, array('self', 'sort'));
$skipped = array_keys($this->modules->getDisabledModules());
foreach ($skipped as $p_id) {
if (isset($raw_datas[$p_id])) {
unset($raw_datas[$p_id]);
}
}
$updates = array();
$current = $this->modules->getModules();
foreach ($current as $p_id => $p_infos) {
if (isset($raw_datas[$p_id])) {
if (dcUtils::versionsCompare($raw_datas[$p_id]['version'], $p_infos['version'], '>')) {
$updates[$p_id] = $raw_datas[$p_id];
$updates[$p_id]['root'] = $p_infos['root'];
$updates[$p_id]['root_writable'] = $p_infos['root_writable'];
$updates[$p_id]['current_version'] = $p_infos['version'];
}
unset($raw_datas[$p_id]);
}
}
$this->data = array('new' => $raw_datas, 'update' => $updates);
return true;
}
public function draw()
{
if (count($this->items) + count($this->pinned) == 0) {
return '';
}
$res = '<div id="' . $this->id . '">' . ($this->title ? '<h3>' . $this->title . '</h3>' : '') . '<ul>' . "\n";
// 1. Display pinned items (unsorted)
for ($i = 0; $i < count($this->pinned); $i++) {
if ($i + 1 < count($this->pinned) && $this->itemSpace != '') {
$res .= preg_replace('|</li>$|', $this->itemSpace . '</li>', $this->pinned[$i]);
$res .= "\n";
} else {
$res .= $this->pinned[$i] . "\n";
}
}
// 2. Display unpinned itmes (sorted)
$i = 0;
dcUtils::lexicalKeySort($this->items);
foreach ($this->items as $title => $item) {
if ($i + 1 < count($this->items) && $this->itemSpace != '') {
$res .= preg_replace('|</li>$|', $this->itemSpace . '</li>', $item);
$res .= "\n";
} else {
$res .= $item . "\n";
}
$i++;
}
$res .= '</ul></div>' . "\n";
return $res;
}
/**
Returns an users combo from a users record
@param users <b>record</b> the users record
@return <b>array</b> the combo box (form::combo -compatible format)
*/
public static function getUsersCombo($users)
{
$users_combo = array();
while ($users->fetch()) {
$user_cn = dcUtils::getUserCN($users->user_id, $users->user_name, $users->user_firstname, $users->user_displayname);
if ($user_cn != $users->user_id) {
$user_cn .= ' (' . $users->user_id . ')';
}
$users_combo[$user_cn] = $users->user_id;
}
return $users_combo;
}
function dc_load_locales()
{
global $_lang, $core;
$_lang = $core->auth->getInfo('user_lang');
$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/', $_lang) ? $_lang : 'en';
l10n::lang($_lang);
if (l10n::set(dirname(__FILE__) . '/../../locales/' . $_lang . '/date') === false && $_lang != 'en') {
l10n::set(dirname(__FILE__) . '/../../locales/en/date');
}
l10n::set(dirname(__FILE__) . '/../../locales/' . $_lang . '/main');
l10n::set(dirname(__FILE__) . '/../../locales/' . $_lang . '/public');
l10n::set(dirname(__FILE__) . '/../../locales/' . $_lang . '/plugins');
// Set lexical lang
dcUtils::setlexicalLang('admin', $_lang);
}
private function getAuthors($user, $pwd)
{
$this->setUser($user, $pwd);
$this->setBlog();
$rs = $this->core->getBlogPermissions($this->core->blog->id);
$res = array();
foreach ($rs as $k => $v) {
$res[] = array('user_id' => $k, 'user_login' => $k, 'display_name' => dcUtils::getUserCN($k, $v['name'], $v['firstname'], $v['displayname']));
}
return $res;
}
try {
$dates = $core->blog->getDates(array('type' => 'month'));
} catch (Exception $e) {
$core->error->add($e->getMessage());
}
# Getting langs
try {
$langs = $core->blog->getLangs();
} catch (Exception $e) {
$core->error->add($e->getMessage());
}
# Creating filter combo boxes
if (!$core->error->flag()) {
# Filter form we'll put in html_block
$users_combo = dcAdminCombos::getUsersCombo($users);
dcUtils::lexicalKeySort($users_combo);
$users_combo = array_merge(array('-' => ''), $users_combo);
$categories_combo = array_merge(array(new formSelectOption('-', ''), new formSelectOption(__('(No cat)'), 'NULL')), dcAdminCombos::getCategoriesCombo($categories, false));
$categories_values = array();
foreach ($categories_combo as $cat) {
if (isset($cat->value)) {
$categories_values[$cat->value] = true;
}
}
$status_combo = array_merge(array('-' => ''), dcAdminCombos::getPostStatusesCombo());
$selected_combo = array('-' => '', __('Selected') => '1', __('Not selected') => '0');
$comment_combo = array('-' => '', __('Opened') => '1', __('Closed') => '0');
$trackback_combo = array('-' => '', __('Opened') => '1', __('Closed') => '0');
$attachment_combo = array('-' => '', __('With attachments') => '1', __('Without attachments') => '0');
$password_combo = array('-' => '', __('With password') => '1', __('Without password') => '0');
# Months array
public static function getUserCN($rs)
{
$user = dcUtils::getUserCN($rs->user_id, $rs->user_name, $rs->user_firstname, $rs->user_displayname);
if ($user === 'unknown') {
$user = __('unknown');
}
return $user;
}
try {
$core->tpl = new dcTemplate(DC_TPL_CACHE, '$core->tpl', $core);
} catch (Exception $e) {
__error(__('Can\'t create template files.'), $e->getMessage(), 640);
}
# Loading locales
$_lang = $core->blog->settings->system->lang;
$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/', $_lang) ? $_lang : 'en';
l10n::lang($_lang);
if (l10n::set(dirname(__FILE__) . '/../../locales/' . $_lang . '/date') === false && $_lang != 'en') {
l10n::set(dirname(__FILE__) . '/../../locales/en/date');
}
l10n::set(dirname(__FILE__) . '/../../locales/' . $_lang . '/public');
l10n::set(dirname(__FILE__) . '/../../locales/' . $_lang . '/plugins');
// Set lexical lang
dcUtils::setlexicalLang('public', $_lang);
# Loading plugins
try {
$core->plugins->loadModules(DC_PLUGINS_ROOT, 'public', $_lang);
} catch (Exception $e) {
}
# Loading themes
$core->themes = new dcThemes($core);
$core->themes->loadModules($core->blog->themes_path);
# Defining theme if not defined
if (!isset($__theme)) {
$__theme = $core->blog->settings->system->theme;
}
if (!$core->themes->moduleExists($__theme)) {
$__theme = $core->blog->settings->system->theme = 'default';
}
private static function sort($a, $b)
{
$c = dcUtils::removeDiacritics(mb_strtolower($a->name()));
$d = dcUtils::removeDiacritics(mb_strtolower($b->name()));
if ($c == $d) {
return 0;
}
return $c < $d ? -1 : 1;
}
/**
Delete comments
@param ids <b>mixed</b> Comment(s) ID(s)
*/
public function delComments($ids)
{
if (!$this->core->auth->check('delete,contentadmin', $this->id)) {
throw new Exception(__('You are not allowed to delete comments'));
}
$co_ids = dcUtils::cleanIds($ids);
if (empty($co_ids)) {
throw new Exception(__('No such comment ID'));
}
# Retrieve posts affected by comments edition
$affected_posts = array();
$strReq = 'SELECT post_id ' . 'FROM ' . $this->prefix . 'comment ' . 'WHERE comment_id' . $this->con->in($co_ids) . 'GROUP BY post_id';
$rs = $this->con->select($strReq);
while ($rs->fetch()) {
$affected_posts[] = (int) $rs->post_id;
}
$strReq = 'DELETE FROM ' . $this->prefix . 'comment ' . 'WHERE comment_id' . $this->con->in($co_ids) . ' ' . 'AND post_id in (SELECT tp.post_id ' . 'FROM ' . $this->prefix . 'post tp ' . "WHERE tp.blog_id = '" . $this->con->escape($this->id) . "' ";
#If user can only delete, we need to check the post's owner
if (!$this->core->auth->check('contentadmin', $this->id)) {
$strReq .= "AND tp.user_id = '" . $this->con->escape($this->core->auth->userID()) . "' ";
}
$strReq .= ")";
$this->con->execute($strReq);
$this->triggerComments($co_ids, true, $affected_posts);
$this->triggerBlog();
}
/**
Computes statistics from a metadata recordset.
Each record gets enriched with lowercase name, percent and roundpercent columns
@param rs <b>record</b> recordset to enrich
@return <b>record</b> the enriched recordset
*/
public function computeMetaStats($rs)
{
$rs_static = $rs->toStatic();
$max = array();
while ($rs_static->fetch()) {
$type = $rs_static->meta_type;
if (!isset($max[$type])) {
$max[$type] = $rs_static->count;
} else {
if ($rs_static->count > $max[$type]) {
$max[$type] = $rs_static->count;
}
}
}
while ($rs_static->fetch()) {
$rs_static->set('meta_id_lower', dcUtils::removeDiacritics(mb_strtolower($rs_static->meta_id)));
$count = $rs_static->count;
$percent = (int) $rs_static->count * 100 / $max[$rs_static->meta_type];
$rs_static->set('percent', (int) round($percent));
$rs_static->set('roundpercent', round($percent / 10) * 10);
}
return $rs_static;
}
/**
* Checks if user exists and can log in. <var>$pwd</var> argument is optionnal
* while you may need to check user without password. This method will create
* credentials and populate all needed object properties.
*
* @param string $user_id User ID
* @param string $pwd User password
* @param string $user_key User key check
* @param boolean $check_blog checks if user is associated to a blog or not.
* @return boolean
*/
public function checkUser($user_id, $pwd = null, $user_key = null, $check_blog = true)
{
# Check user and password
$strReq = 'SELECT user_id, user_super, user_pwd, user_change_pwd, ' . 'user_name, user_firstname, user_displayname, user_email, ' . 'user_url, user_default_blog, user_options, ' . 'user_lang, user_tz, user_post_status, user_creadt, user_upddt ' . 'FROM ' . $this->con->escapeSystem($this->user_table) . ' ' . "WHERE user_id = '" . $this->con->escape($user_id) . "' ";
try {
$rs = $this->con->select($strReq);
} catch (Exception $e) {
$err = $e->getMessage();
return false;
}
if ($rs->isEmpty()) {
sleep(rand(2, 5));
return false;
}
$rs->extend('rsExtUser');
if ($pwd != '') {
if ($this->crypt($pwd) != $rs->user_pwd) {
sleep(rand(2, 5));
return false;
}
} elseif ($user_key != '') {
if (http::browserUID(DC_MASTER_KEY . $rs->user_id . $rs->user_pwd) != $user_key) {
return false;
}
}
$this->user_id = $rs->user_id;
$this->user_change_pwd = (bool) $rs->user_change_pwd;
$this->user_admin = (bool) $rs->user_super;
$this->user_info['user_pwd'] = $rs->user_pwd;
$this->user_info['user_name'] = $rs->user_name;
$this->user_info['user_firstname'] = $rs->user_firstname;
$this->user_info['user_displayname'] = $rs->user_displayname;
$this->user_info['user_email'] = $rs->user_email;
$this->user_info['user_url'] = $rs->user_url;
$this->user_info['user_default_blog'] = $rs->user_default_blog;
$this->user_info['user_lang'] = $rs->user_lang;
$this->user_info['user_tz'] = $rs->user_tz;
$this->user_info['user_post_status'] = $rs->user_post_status;
$this->user_info['user_creadt'] = $rs->user_creadt;
$this->user_info['user_upddt'] = $rs->user_upddt;
$this->user_info['user_cn'] = dcUtils::getUserCN($rs->user_id, $rs->user_name, $rs->user_firstname, $rs->user_displayname);
$this->user_options = array_merge($this->core->userDefaults(), $rs->options());
$this->user_prefs = new dcPrefs($this->core, $this->user_id);
# Get permissions on blogs
if ($check_blog && $this->findUserBlog() === false) {
return false;
}
return true;
}
private static function lexicalSortHelper($a, $b)
{
return strcoll(strtolower(dcUtils::removeDiacritics($a)), strtolower(dcUtils::removeDiacritics($b)));
}
} catch (Exception $e) {
$core->error->add($e->getMessage());
}
# Getting langs
try {
$langs = $core->blog->getLangs();
} catch (Exception $e) {
$core->error->add($e->getMessage());
}
# Creating filter combo boxes
if (!$core->error->flag()) {
# Filter form we'll put in html_block
$users_combo = $categories_combo = array();
$users_combo['-'] = $categories_combo['-'] = '';
while ($users->fetch()) {
$user_cn = dcUtils::getUserCN($users->user_id, $users->user_name, $users->user_firstname, $users->user_displayname);
if ($user_cn != $users->user_id) {
$user_cn .= ' (' . $users->user_id . ')';
}
$users_combo[$user_cn] = $users->user_id;
}
while ($categories->fetch()) {
$categories_combo[str_repeat(' ', $categories->level - 1) . '• ' . html::escapeHTML($categories->cat_title) . ' (' . $categories->nb_post . ')'] = $categories->cat_id;
}
$status_combo = array('-' => '');
foreach ($core->blog->getAllPostStatus() as $k => $v) {
$status_combo[$v] = (string) $k;
}
$selected_combo = array('-' => '', __('selected') => '1', __('not selected') => '0');
# Months array
$dt_m_combo['-'] = '';
#
# Users on the blog (with permissions)
$blog_users = $core->getBlogPermissions($blog_id, $core->auth->isSuperAdmin());
$perm_types = $core->auth->getPermissionsTypes();
echo '<div class="multi-part" id="users" title="' . __('Users') . '">' . '<h3>' . __('Users on this blog') . '</h3>';
if (empty($blog_users)) {
echo '<p>' . __('No users') . '</p>';
} else {
if ($core->auth->isSuperAdmin()) {
$user_url_p = '<a href="user.php?id=%1$s">%1$s</a>';
} else {
$user_url_p = '%1$s';
}
foreach ($blog_users as $k => $v) {
if (count($v['p']) > 0) {
echo '<h4>' . sprintf($user_url_p, html::escapeHTML($k)) . ' (' . html::escapeHTML(dcUtils::getUserCN($k, $v['name'], $v['firstname'], $v['displayname'])) . ')';
if (!$v['super'] && $core->auth->isSuperAdmin()) {
echo ' - <a href="permissions.php?blog_id[]=' . $blog_id . '&user_id[]=' . $k . '">' . __('change permissions') . '</a>';
}
echo '</h4>';
echo '<ul>';
if ($v['super']) {
echo '<li>' . __('Super administrator') . '</li>';
} else {
foreach ($v['p'] as $p => $V) {
echo '<li>' . __($perm_types[$p]) . '</li>';
}
}
echo '</ul>';
}
}
private function lexicalSortCallback($a, $b)
{
$a = $a[$this->sortfield];
$b = $b[$this->sortfield];
# Integer values
if ($a == (string) (int) $a && $b == (string) (int) $b) {
$a = (int) $a;
$b = (int) $b;
return ($a - $b) * $this->sortsign;
}
return strcoll(strtolower(dcUtils::removeDiacritics($a)), strtolower(dcUtils::removeDiacritics($b))) * $this->sortsign;
}
/**
Returns author common name using user_id, user_name, user_firstname and
user_displayname fields.
@param rs Invisible parameter
@return <b>string</b>
*/
public static function getAuthorCN(&$rs)
{
return dcUtils::getUserCN($rs->user_id, $rs->user_name, $rs->user_firstname, $rs->user_displayname);
}
public static function installPackage($zip_file, dcModules &$modules)
{
$zip = new fileUnzip($zip_file);
$zip->getList(false, '#(^|/)(__MACOSX|\\.svn|\\.hg|\\.git|\\.DS_Store|\\.directory|Thumbs\\.db)(/|$)#');
$zip_root_dir = $zip->getRootDir();
$define = '';
if ($zip_root_dir != false) {
$target = dirname($zip_file);
$destination = $target . '/' . $zip_root_dir;
$define = $zip_root_dir . '/_define.php';
$has_define = $zip->hasFile($define);
} else {
$target = dirname($zip_file) . '/' . preg_replace('/\\.([^.]+)$/', '', basename($zip_file));
$destination = $target;
$define = '_define.php';
$has_define = $zip->hasFile($define);
}
if ($zip->isEmpty()) {
$zip->close();
unlink($zip_file);
throw new Exception(__('Empty module zip file.'));
}
if (!$has_define) {
$zip->close();
unlink($zip_file);
throw new Exception(__('The zip file does not appear to be a valid Dotclear module.'));
}
$ret_code = 1;
if (!is_dir($destination)) {
try {
files::makeDir($destination, true);
$sandbox = clone $modules;
$zip->unzip($define, $target . '/_define.php');
$sandbox->resetModulesList();
$sandbox->requireDefine($target, basename($destination));
unlink($target . '/_define.php');
$new_errors = $sandbox->getErrors();
if (!empty($new_errors)) {
$new_errors = is_array($new_errors) ? implode(" \n", $new_errors) : $new_errors;
throw new Exception($new_errors);
}
files::deltree($destination);
} catch (Exception $e) {
$zip->close();
unlink($zip_file);
files::deltree($destination);
throw new Exception($e->getMessage());
}
} else {
# test for update
$sandbox = clone $modules;
$zip->unzip($define, $target . '/_define.php');
$sandbox->resetModulesList();
$sandbox->requireDefine($target, basename($destination));
unlink($target . '/_define.php');
$new_modules = $sandbox->getModules();
if (!empty($new_modules)) {
$tmp = array_keys($new_modules);
$id = $tmp[0];
$cur_module = $modules->getModules($id);
if (!empty($cur_module) && (defined('DC_DEV') && DC_DEV === true || dcUtils::versionsCompare($new_modules[$id]['version'], $cur_module['version'], '>', true))) {
# delete old module
if (!files::deltree($destination)) {
throw new Exception(__('An error occurred during module deletion.'));
}
$ret_code = 2;
} else {
$zip->close();
unlink($zip_file);
throw new Exception(sprintf(__('Unable to upgrade "%s". (older or same version)'), basename($destination)));
}
} else {
$zip->close();
unlink($zip_file);
throw new Exception(sprintf(__('Unable to read new _define.php file')));
}
}
$zip->unzipAll($target);
$zip->close();
unlink($zip_file);
return $ret_code;
}
} else {
if ($core->auth->isSuperAdmin()) {
$user_url_p = '<a href="' . $core->adminurl->get("admin.user", array('id' => '%1$s'), '&', true) . '">%1$s</a>';
} else {
$user_url_p = '%1$s';
}
# Sort users list on user_id key
dcUtils::lexicalKeySort($blog_users);
$post_type = $core->getPostTypes();
$current_blog_id = $core->blog->id;
if ($blog_id != $core->blog->id) {
$core->setBlog($blog_id);
}
foreach ($blog_users as $k => $v) {
if (count($v['p']) > 0) {
echo '<div class="user-perm">' . '<h4>' . sprintf($user_url_p, html::escapeHTML($k)) . ' (' . html::escapeHTML(dcUtils::getUserCN($k, $v['name'], $v['firstname'], $v['displayname'])) . ')</h4>';
if ($core->auth->isSuperAdmin()) {
echo '<p>' . __('Email:') . ' ' . ($v['email'] != '' ? '<a href="mailto:' . $v['email'] . '">' . $v['email'] . '</a>' : __('(none)')) . '</p>';
}
echo '<h5>' . __('Publications on this blog:') . '</h5>' . '<ul>';
foreach ($post_type as $type => $pt_info) {
$params = array('post_type' => $type, 'user_id' => $k);
echo '<li>' . sprintf(__('%1$s: %2$s'), __($pt_info['label']), $core->blog->getPosts($params, true)->f(0)) . '</li>';
}
echo '</ul>';
echo '<h5>' . __('Permissions:') . '</h5>' . '<ul>';
if ($v['super']) {
echo '<li class="user_super">' . __('Super administrator') . '<br />' . '<span class="form-note">' . __('All rights on all blogs.') . '</span></li>';
} else {
foreach ($v['p'] as $p => $V) {
if (isset($perm_types[$p])) {
