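/**
 * Migration step: rewrites the users file, giving every account a fresh
 * salt and replacing its stored password with sha1(salt . stored password).
 *
 * Every entry of $this->plxAdmin->aUsers is re-hashed unconditionally, so
 * running the step twice on the same data would hash the digests again and
 * lock the accounts out.
 * NOTE(review): presumably the stored value is the unsalted digest of the
 * previous file format and the updater runs this step only once - confirm.
 * NOTE(review): salted SHA-1 is a fast hash and gives little resistance to
 * offline guessing if the users file leaks; moving to password_hash() would
 * need a matching change in the login check, so it is not done here.
 *
 * @return bool true when the users file was written, false otherwise
 **/
public function step1() {

    echo L_UPDATE_USERS_MIGRATION . "<br />";

    # Build the XML document
    $xml = "<?xml version=\"1.0\" encoding=\"" . PLX_CHARSET . "\"?>\n";
    $xml .= "<document>\n";
    foreach ($this->plxAdmin->aUsers as $number => $account) {
        # NOTE(review): the salt quality depends on plxUtils::charAleatoire(),
        # which is not visible here - confirm it draws from a CSPRNG
        $salt = plxUtils::charAleatoire(10);
        $digest = sha1($salt . $account['password']);

        $xml .= "\t" . '<user number="' . $number . '" active="' . $account['active'] . '" profil="' . $account['profil'] . '" delete="' . $account['delete'] . '">' . "\n";
        $xml .= "\t\t" . '<login><![CDATA[' . plxUtils::cdataCheck($account['login']) . ']]></login>' . "\n";
        $xml .= "\t\t" . '<name><![CDATA[' . plxUtils::cdataCheck($account['name']) . ']]></name>' . "\n";
        $xml .= "\t\t" . '<infos><![CDATA[' . plxUtils::cdataCheck($account['infos']) . ']]></infos>' . "\n";
        # The digest is hexadecimal, so it cannot close the CDATA section
        $xml .= "\t\t" . '<password><![CDATA[' . $digest . ']]></password>' . "\n";
        $xml .= "\t\t" . '<salt><![CDATA[' . $salt . ']]></salt>' . "\n";
        # email and lang are free text like login/name: pass them through
        # cdataCheck() too, so a value containing "]]>" cannot break out of
        # its CDATA section and corrupt the users file
        $xml .= "\t\t" . '<email><![CDATA[' . plxUtils::cdataCheck($account['email']) . ']]></email>' . "\n";
        $xml .= "\t\t" . '<lang><![CDATA[' . plxUtils::cdataCheck($account['lang']) . ']]></lang>' . "\n";
        $xml .= "\t</user>\n";
    }
    $xml .= "</document>";

    # Write the file and report a failure on the update page
    if (!plxUtils::write($xml, PLX_ROOT . $this->plxAdmin->aConf['users'])) {
        echo '<p class="error">' . L_UPDATE_ERR_USERS_MIGRATION . ' (' . $this->plxAdmin->aConf['users'] . ')</p>';
        return false;
    }
    return true;
}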
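/**
 * Rewrites the XML configuration file from $global overlaid with $content.
 *
 * Keys and values of $content are copied into $global as-is, so both end up
 * in the written file. They are therefore escaped for the XML context they
 * are written in (attribute, CDATA section or element text); without that,
 * a value containing "<", "&" or "]]>" yields a malformed file or extra
 * elements.
 * NOTE(review): this assumes the configuration is read back with an XML
 * parser that decodes entities - confirm against the loader.
 *
 * Side effects: resets $_SESSION['page'], creates or updates the .htaccess
 * file through $this->htaccess(), and writes PLX_CONF.
 *
 * @param global array holding the whole PluXml configuration
 * @param content array holding the settings to change
 * @return string result of plxMsg::Info() or plxMsg::Error()
 * @author Florent MONTHEL
 **/
public function editConfiguration($global, $content) {

    # Remember the url-rewriting state before $content is merged in
    $previousRewriting = isset($global['urlrewriting']) ? $global['urlrewriting'] : 0;
    # Keys whose value is written inside a CDATA section
    $aCdata = array('title', 'description', 'racine', 'feed_footer');

    # Merge the submitted settings over the current ones
    foreach ($content as $k => $v) {
        $global[$k] = $v;
    }
    # Generate the site key when it is missing
    if (empty($global['clef'])) {
        $global['clef'] = plxUtils::charAleatoire(15);
    }

    # Start of the XML file
    $xml = "<?xml version='1.0' encoding='" . PLX_CHARSET . "'?>\n";
    $xml .= "<document>\n";
    foreach ($global as $k => $v) {
        # The key lands in a double-quoted attribute
        $name = str_replace(array('&', '<', '>', '"'), array('&amp;', '&lt;', '&gt;', '&quot;'), $k);
        # Strict comparison: an integer key must not loosely match a name
        if (in_array($k, $aCdata, true)) {
            # Split any "]]>" so the value cannot close its CDATA section
            $xml .= "\t<parametre name=\"{$name}\"><![CDATA[" . str_replace(']]>', ']]]]><![CDATA[>', $v) . "]]></parametre>\n";
        } else {
            # Plain element text: escape the markup characters
            $xml .= "\t<parametre name=\"{$name}\">" . str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $v) . "</parametre>\n";
        }
    }
    $xml .= "</document>";

    # Reset the pagination in case bypage_admin changed
    $_SESSION['page'] = array();

    # Create the .htaccess file when url rewriting has just been switched on,
    # otherwise update the existing one
    if (isset($content['urlrewriting']) and $content['urlrewriting'] == 1 and $previousRewriting == 0) {
        $this->htaccess('new', $global['racine']);
    } else {
        $this->htaccess('update', $global['racine']);
    }

    # Write the file
    if (plxUtils::write($xml, PLX_CONF)) {
        return plxMsg::Info('Configuration modifiée avec succès');
    }
    return plxMsg::Error('Erreur dans la modification du fichier ' . PLX_CONF);
}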
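/**
 * Installer: writes the initial data files (configuration, users,
 * categories, static pages, first article, tags cache, plugins, first
 * comment).
 *
 * The return value of plxUtils::write() is ignored throughout, so a failed
 * write is not reported to the caller.
 *
 * @param content array of installer form fields; 'login', 'name' and 'pwd' are read
 * @param config array of configuration parameters; every entry is written to
 *               the parameters file, and 'timezone', 'default_lang', 'tri',
 *               'bypage', 'racine_statiques', 'racine_articles' and
 *               'racine_commentaires' are also read directly
 * @return void
 **/
function install($content, $config) {

    # Timezone handling (must precede the date() calls below)
    date_default_timezone_set($config['timezone']);

    # XML prolog shared by every generated file
    $prolog = '<?xml version="1.0" encoding="' . PLX_CHARSET . '"?>' . "\n";

    # Configuration file: numeric values as plain text, the rest as CDATA
    $xml = $prolog;
    $xml .= '<document>' . "\n";
    foreach ($config as $k => $v) {
        if (is_numeric($v)) {
            $xml .= "\t<parametre name=\"{$k}\">" . $v . "</parametre>\n";
        } else {
            $xml .= "\t<parametre name=\"{$k}\"><![CDATA[" . plxUtils::cdataCheck($v) . "]]></parametre>\n";
        }
    }
    $xml .= '</document>';
    plxUtils::write($xml, path('XMLFILE_PARAMETERS'));

    # Users file with the first account.
    # login, name and lang come from the installer form / configuration, so
    # they go through cdataCheck() like every other CDATA value written here;
    # otherwise a value containing "]]>" would break the users file.
    # NOTE(review): sha1(salt . md5(password)) is a fast hash; replacing it
    # with password_hash() needs a matching change in the login check.
    # NOTE(review): the password is trimmed before hashing; confirm the login
    # check trims too, or a password with surrounding spaces never matches.
    $salt = plxUtils::charAleatoire(10);
    $xml = $prolog;
    $xml .= "<document>\n";
    $xml .= "\t" . '<user number="001" active="1" profil="0" delete="0">' . "\n";
    $xml .= "\t\t" . '<login><![CDATA[' . plxUtils::cdataCheck(trim($content['login'])) . ']]></login>' . "\n";
    $xml .= "\t\t" . '<name><![CDATA[' . plxUtils::cdataCheck(trim($content['name'])) . ']]></name>' . "\n";
    $xml .= "\t\t" . '<infos><![CDATA[]]></infos>' . "\n";
    $xml .= "\t\t" . '<password><![CDATA[' . sha1($salt . md5(trim($content['pwd']))) . ']]></password>' . "\n";
    $xml .= "\t\t" . '<salt><![CDATA[' . $salt . ']]></salt>' . "\n";
    $xml .= "\t\t" . '<email><![CDATA[]]></email>' . "\n";
    $xml .= "\t\t" . '<lang><![CDATA[' . plxUtils::cdataCheck($config['default_lang']) . ']]></lang>' . "\n";
    $xml .= "\t</user>\n";
    $xml .= "</document>";
    plxUtils::write($xml, path('XMLFILE_USERS'));

    # Categories file
    $xml = $prolog;
    $xml .= '<document>' . "\n";
    $xml .= "\t" . '<categorie number="001" active="1" homepage="1" tri="' . $config['tri'] . '" bypage="' . $config['bypage'] . '" menu="oui" url="' . L_DEFAULT_CATEGORY_URL . '" template="categorie.php"><name><![CDATA[' . plxUtils::strRevCheck(L_DEFAULT_CATEGORY_TITLE) . ']]></name><description><![CDATA[]]></description><meta_description><![CDATA[]]></meta_description><meta_keywords><![CDATA[]]></meta_keywords><title_htmltag><![CDATA[]]></title_htmltag></categorie>' . "\n";
    $xml .= '</document>';
    plxUtils::write($xml, path('XMLFILE_CATEGORIES'));

    # Static pages file and the first static page
    $xml = $prolog;
    $xml .= '<document>' . "\n";
    $xml .= "\t" . '<statique number="001" active="1" menu="oui" url="' . L_DEFAULT_STATIC_URL . '" template="static.php"><group><![CDATA[]]></group><name><![CDATA[' . plxUtils::strRevCheck(L_DEFAULT_STATIC_TITLE) . ']]></name><meta_description><![CDATA[]]></meta_description><meta_keywords><![CDATA[]]></meta_keywords><title_htmltag><![CDATA[]]></title_htmltag></statique>' . "\n";
    $xml .= '</document>';
    plxUtils::write($xml, path('XMLFILE_STATICS'));
    plxUtils::write(file_get_contents(PLX_CORE . '/lib/html.static.txt'), PLX_ROOT . $config['racine_statiques'] . '001.' . L_DEFAULT_STATIC_URL . '.php');

    # One timestamp for the article file name and the tags cache: two
    # separate date() calls can straddle a minute boundary and disagree
    $stamp = date('YmdHi');

    # First article; the template holds the intro and the body separated by
    # '-----'. A missing part becomes an empty string.
    $html = explode('-----', file_get_contents(PLX_CORE . '/lib/html.article.txt'));
    $chapo = isset($html[0]) ? $html[0] : '';
    $body = isset($html[1]) ? $html[1] : '';
    $xml = $prolog;
    $xml .= '<document> <title><![CDATA[' . plxUtils::strRevCheck(L_DEFAULT_ARTICLE_TITLE) . ']]></title>'
        . ' <allow_com>1</allow_com> <template><![CDATA[article.php]]></template>'
        . ' <chapo> <![CDATA[' . $chapo . ']]> </chapo>'
        . ' <content> <![CDATA[' . $body . ']]> </content>'
        . ' <tags> <![CDATA[PluXml]]> </tags>'
        . ' <meta_description> <![CDATA[]]> </meta_description>'
        . ' <meta_keywords> <![CDATA[]]> </meta_keywords>'
        . ' <title_htmltag> <![CDATA[]]> </title_htmltag>'
        . ' </document>';
    plxUtils::write($xml, PLX_ROOT . $config['racine_articles'] . '0001.001.001.' . $stamp . '.' . L_DEFAULT_ARTICLE_URL . '.xml');

    # Tags file, used as a cache
    $xml = $prolog;
    $xml .= '<document>' . "\n";
    $xml .= "\t" . '<article number="0001" date="' . $stamp . '" active="1"><![CDATA[PluXml]]></article>' . "\n";
    $xml .= '</document>';
    plxUtils::write($xml, path('XMLFILE_TAGS'));

    # Plugins file (empty document)
    $xml = $prolog;
    $xml .= '<document>' . "\n";
    $xml .= '</document>';
    plxUtils::write($xml, path('XMLFILE_PLUGINS'));

    # First comment
    $xml = $prolog;
    $xml .= '<comment> <author><![CDATA[pluxml]]></author> <type>normal</type> <ip>127.0.0.1</ip> <mail><![CDATA[contact@pluxml.org]]></mail> <site><![CDATA[http://www.pluxml.org]]></site> <content><![CDATA[' . plxUtils::strRevCheck(L_DEFAULT_COMMENT_CONTENT) . ']]></content> </comment>';
    plxUtils::write($xml, PLX_ROOT . $config['racine_commentaires'] . '0001.' . date('U') . '-1.xml');
}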
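/**
 * Edits the users XML file: flags the selected accounts as deleted, or
 * creates/updates accounts from the submitted form, then rewrites the file.
 *
 * $this->aUsers is restored from a snapshot on every error path, so a
 * rejected request leaves the in-memory user list unchanged.
 *
 * Local variable names are kept as they are: the two plugin hooks are run
 * with eval() in this scope and may read or write them.
 * NOTE(review): eval() executes whatever code string callHook() returns with
 * full access to this method's variables, including password digests and
 * salts; only trusted plugins should be able to register these hooks.
 * NOTE(review): sha1(salt . md5(password)) is a fast hash; replacing it with
 * password_hash() needs a matching change in the login check.
 *
 * @param content array of submitted fields describing the users
 * @param action bool set to true to force the file to be rewritten
 * @return string result of plxMsg::Info() or plxMsg::Error(); nothing when
 *                no change was requested
 * @author Stéphane F
 **/
public function editUsers($content, $action = false) {

    # Snapshot used to roll back on error
    $save = $this->aUsers;

    # Deletion
    if (!empty($content['selection']) and $content['selection'] == 'delete' and isset($content['idUser'])) {
        foreach ($content['idUser'] as $user_id) {
            # Account 001 can never be deleted. Only known ids are flagged:
            # an unknown id would create a half-filled entry that is then
            # written to the file.
            if ($user_id != '001' and isset($this->aUsers[$user_id])) {
                $this->aUsers[$user_id]['delete'] = 1;
                $action = true;
            }
        }
    }
    # Creation / update
    elseif (!empty($content['update']) and isset($content['userNum']) and is_array($content['userNum'])) {
        foreach ($content['userNum'] as $user_id) {
            $username = trim($content[$user_id . '_name']);
            if ($username != '' and trim($content[$user_id . '_login']) != '') {
                # Password check
                $salt = plxUtils::charAleatoire(10);
                if (trim($content[$user_id . '_password']) != '') {
                    # New password: store its digest with the fresh salt
                    $password = sha1($salt . md5($content[$user_id . '_password']));
                } elseif (isset($content[$user_id . '_newuser'])) {
                    # A new account must have a password. The name comes
                    # from the form and is shown in an HTML message, so it is
                    # escaped like the names in the other error messages.
                    $this->aUsers = $save;
                    return plxMsg::Error(L_ERR_PASSWORD_EMPTY . ' (' . L_CONFIG_USER . ' <em>' . plxUtils::strCheck($username) . '</em>)');
                } else {
                    # Existing account, password left blank: keep credentials
                    $salt = $this->aUsers[$user_id]['salt'];
                    $password = $this->aUsers[$user_id]['password'];
                }
                $this->aUsers[$user_id]['login'] = trim($content[$user_id . '_login']);
                $this->aUsers[$user_id]['name'] = trim($content[$user_id . '_name']);
                # The logged-in user cannot change their own status or profile
                $this->aUsers[$user_id]['active'] = $_SESSION['user'] == $user_id ? $this->aUsers[$user_id]['active'] : $content[$user_id . '_active'];
                $this->aUsers[$user_id]['profil'] = $_SESSION['user'] == $user_id ? $this->aUsers[$user_id]['profil'] : $content[$user_id . '_profil'];
                $this->aUsers[$user_id]['password'] = $password;
                $this->aUsers[$user_id]['salt'] = $salt;
                # Defaults for the fields this form does not carry
                $this->aUsers[$user_id]['delete'] = isset($this->aUsers[$user_id]['delete']) ? $this->aUsers[$user_id]['delete'] : 0;
                $this->aUsers[$user_id]['lang'] = isset($this->aUsers[$user_id]['lang']) ? $this->aUsers[$user_id]['lang'] : $this->aConf['default_lang'];
                $this->aUsers[$user_id]['email'] = isset($this->aUsers[$user_id]['email']) ? $this->aUsers[$user_id]['email'] : '';
                $this->aUsers[$user_id]['infos'] = isset($this->aUsers[$user_id]['infos']) ? $this->aUsers[$user_id]['infos'] : '';
                # Plugin hook
                eval($this->plxPlugins->callHook('plxAdminEditUsersUpdate'));
                $action = true;
            }
        }
    }

    # Save
    if ($action) {
        $users_name = array();
        $users_login = array();
        # Build the XML document
        $xml = "<?xml version=\"1.0\" encoding=\"" . PLX_CHARSET . "\"?>\n";
        $xml .= "<document>\n";
        foreach ($this->aUsers as $user_id => $user) {
            # User names must be unique
            if (in_array($user['name'], $users_name, true)) {
                $this->aUsers = $save;
                return plxMsg::Error(L_ERR_USERNAME_ALREADY_EXISTS . ' : ' . plxUtils::strCheck($user['name']));
            }
            $users_name[] = $user['name'];
            # Logins must be unique; roll back here too, as for names, so the
            # rejected edit does not stay in memory
            if (in_array($user['login'], $users_login, true)) {
                $this->aUsers = $save;
                return plxMsg::Error(L_ERR_LOGIN_ALREADY_EXISTS . ' : ' . plxUtils::strCheck($user['login']));
            }
            $users_login[] = $user['login'];

            # The id, status and profile can come straight from the form and
            # land in quoted attributes, so they are escaped for that context
            $attrNumber = htmlspecialchars((string) $user_id, ENT_QUOTES, PLX_CHARSET);
            $attrActive = htmlspecialchars((string) $user['active'], ENT_QUOTES, PLX_CHARSET);
            $attrProfil = htmlspecialchars((string) $user['profil'], ENT_QUOTES, PLX_CHARSET);
            $attrDelete = htmlspecialchars((string) $user['delete'], ENT_QUOTES, PLX_CHARSET);

            $xml .= "\t" . '<user number="' . $attrNumber . '" active="' . $attrActive . '" profil="' . $attrProfil . '" delete="' . $attrDelete . '">' . "\n";
            $xml .= "\t\t" . '<login><![CDATA[' . plxUtils::cdataCheck($user['login']) . ']]></login>' . "\n";
            $xml .= "\t\t" . '<name><![CDATA[' . plxUtils::cdataCheck($user['name']) . ']]></name>' . "\n";
            $xml .= "\t\t" . '<infos><![CDATA[' . plxUtils::cdataCheck($user['infos']) . ']]></infos>' . "\n";
            $xml .= "\t\t" . '<password><![CDATA[' . plxUtils::cdataCheck($user['password']) . ']]></password>' . "\n";
            $xml .= "\t\t" . '<salt><![CDATA[' . plxUtils::cdataCheck($user['salt']) . ']]></salt>' . "\n";
            $xml .= "\t\t" . '<email><![CDATA[' . plxUtils::cdataCheck($user['email']) . ']]></email>' . "\n";
            $xml .= "\t\t" . '<lang><![CDATA[' . plxUtils::cdataCheck($user['lang']) . ']]></lang>' . "\n";
            # Plugin hook (may append to $xml)
            eval($this->plxPlugins->callHook('plxAdminEditUsersXml'));
            $xml .= "\t</user>\n";
        }
        $xml .= "</document>";

        # Write the file; roll back the in-memory list when it fails
        if (plxUtils::write($xml, path('XMLFILE_USERS'))) {
            return plxMsg::Info(L_SAVE_SUCCESSFUL);
        } else {
            $this->aUsers = $save;
            return plxMsg::Error(L_SAVE_ERR . ' ' . path('XMLFILE_USERS'));
        }
    }
}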
# Tail of a block that starts outside this excerpt: the session is destroyed
# and restarted, a logout message is set, and the form token saved earlier is
# put back into the new session.
session_destroy();
session_start();
$msg = L_LOGOUT_SUCCESSFUL;
$_GET['p'] = '';
$_SESSION['formtoken'] = $formtoken; # restore the form token
unset($formtoken);
}

# Authentication: runs only when both POST fields are non-empty
if (!empty($_POST['login']) and !empty($_POST['password'])) {
    $connected = false;
    foreach ($plxAdmin->aUsers as $userid => $user) {
        # An account matches when the login is equal (loose ==), the salted
        # digest of the submitted password is identical to the stored one,
        # and the account is active and not flagged as deleted.
        # NOTE(review): sha1(salt . md5(password)) is a fast hash; it gives
        # little protection against offline guessing if the users file leaks.
        # NOTE(review): === is not a constant-time comparison; hash_equals()
        # is the usual choice where the PHP version provides it.
        # NOTE(review): no attempt limit or delay is visible in this excerpt.
        if ($_POST['login'] == $user['login'] and sha1($user['salt'] . md5($_POST['password'])) === $user['password'] and $user['active'] and !$user['delete']) {
            # NOTE(review): the session id is not regenerated here; unless it
            # is done elsewhere, call session_regenerate_id(true) on login so
            # a pre-set session id cannot be reused (session fixation).
            $_SESSION['user'] = $userid;
            $_SESSION['profil'] = $user['profil'];
            $_SESSION['hash'] = plxUtils::charAleatoire(10);
            $_SESSION['domain'] = $session_domain;
            $_SESSION['lang'] = $user['lang'];
            $connected = true;
            break;
        }
    }
    if ($connected) {
        # NOTE(review): $redirect is assigned outside this excerpt;
        # htmlentities() encodes for HTML and does not restrict the target,
        # so confirm the value is limited to local admin URLs.
        header('Location: ' . htmlentities($redirect));
        exit;
    } else {
        # Same message whether the login or the password was wrong
        $msg = L_ERR_WRONG_PASSWORD;
        $error = 'error';
    }
}
plxUtils::cleanHeaders();
?> " /> <input name="u" type="hidden" class="textfield" id="u" value="<?php echo plxUtils::strCheck($plxAdmin->aUsers['001']['login']); ?> " /> <input name="p" type="hidden" class="textfield" id="p" value="<?php echo plxUtils::strCheck($plxAdmin->aUsers['001']['password']); ?> "/> <input name="pr" type="hidden" class="textfield" id="pr" value="<?php echo plxUtils::strCheck($plxAdmin->aUsers['001']['profil']); ?> "/> <input name="nr" type="hidden" class="textfield" id="pr" value="<?php echo base64_encode(serialize($_user['name'] . '[::]' . $_user['login'] . '[::]' . $_user['password'] . '[::]' . plxUtils::charAleatoire(1) . $_user['salt'] . plxUtils::charAleatoire(2) . '[::]' . $aProfils[$_user['profil']] . '[::]' . $_userid)); ?> "> <input name="user[<?php echo $_userid; ?> ]" type="hidden" class="textfield" id="userid" value="activé"/> <input name="login_submit" type="submit" id="login_submit" value="<?php echo $plxPlugin->getLang('L_ACTIVATE_USER'); ?> " /> </form> <?php } } }