} } else { rename($temp, $init); if (!file_exists($init)) { $kill .= sprintf(i18n_r('MOVE_TEMPCONFIG_ERROR'), 'temp.gsconfig.php', 'gsconfig.php') . '<br />'; } } # send email to new administrator $subject = $site_full_name . ' ' . i18n_r('EMAIL_COMPLETE'); $message .= '<p>' . i18n_r('EMAIL_USERNAME') . ': <strong>' . stripslashes($_POST['user']) . '</strong>'; $message .= '<br>' . i18n_r('EMAIL_PASSWORD') . ': <strong>' . $random . '</strong>'; $message .= '<br>' . i18n_r('EMAIL_LOGIN') . ': <a href="' . $SITEURL . $GSADMIN . '/">' . $SITEURL . $GSADMIN . '/</a></p>'; $message .= '<p><em>' . i18n_r('EMAIL_THANKYOU') . ' ' . $site_full_name . '!</em></p>'; $status = sendmail($EMAIL, $subject, $message); # set the login cookie, then redirect user to secure panel setcookie('GS_ADMIN_USERNAME', _id($USR)); create_cookie(); # check for fatal errors, if none, redirect to if ($kill == '') { redirect("support.php"); } } } get_template('header', $site_full_name . ' » ' . i18n_r('INSTALLATION')); ?> <h1><?php echo $site_full_name; ?> </h1> </div>
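/**
 * Gets user data from the XML file named by the admin username cookie.
 *
 * The user id is taken from the GS_ADMIN_USERNAME cookie, passed through
 * _id(), and used to locate GSUSERSPATH/<id>.xml.
 *
 * NOTE(review): the cookie value is supplied by the client and nothing in this
 * function verifies that the request is authenticated; callers presumably run
 * the login cookie check first - confirm before trusting the returned data.
 *
 * @since 3.4
 * @todo use a custom schema array for extracting fields
 * @param boolean $returnGlobals return as obj or array of vars
 * @return mixed when $returnGlobals is true, the array of local variables (for
 *               global extraction); otherwise the user XML object, or null when
 *               no cookie is set or the user file does not exist
 */
function getUserData($returnGlobals = false)
{
    if (isset($_COOKIE['GS_ADMIN_USERNAME'])) {
        $cookie_user_id = _id($_COOKIE['GS_ADMIN_USERNAME']);
        if (file_exists(GSUSERSPATH . $cookie_user_id . '.xml')) {
            $datau = getXML(GSUSERSPATH . $cookie_user_id . '.xml');
            $USR = stripslashes($datau->USR);
            $HTMLEDITOR = (string) $datau->HTMLEDITOR;
            $USRTIMEZONE = (string) $datau->TIMEZONE;
            $USRLANG = (string) $datau->LANG;
        } else {
            $USR = null;
        }
    } else {
        $USR = null;
    }

    // Drop the helper variable so it is not part of the get_defined_vars() result.
    unset($cookie_user_id);

    if ($returnGlobals) {
        return get_defined_vars();
    }

    // $datau is only assigned when a user file was loaded; return null explicitly
    // instead of reading an undefined variable on the other paths.
    return isset($datau) ? $datau : null;
}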
// Build the user record (<item>) from the values prepared earlier in this
// routine; the code that fills $userid, $password, $lang etc. is outside this excerpt.
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $userid);
$xml->addChild('NAME', $name);
$xml->addChild('PWD', $password);
$xml->addChild('EMAIL', $email);
$xml->addChild('HTMLEDITOR', $htmleditor);
$xml->addChild('TIMEZONE', $timezone);
$xml->addChild('LANG', $lang);
$data = $xml;

// Stop before touching any file when an error was recorded or no password value
// is available. `break` leaves an enclosing construct that starts outside this excerpt.
if (!empty($error) || empty($password)) {
    break;
}

# create user xml file
// Back up the current user file before it is overwritten.
backup_datafile(GSUSERSPATH . $file);

// remove any pending password-reset flag file for this user
$resetfile = GSUSERSPATH . getPWDresetName(_id($userid), 'xml');
if (file_exists($resetfile)) {
    delete_file($resetfile);
}

exec_action('settings-user'); // @hook settings-user LEGACY pre-save of a users settings
exec_action('profile-save'); // @hook profile-save pre-save of a users settings

if (!XMLsave($xml, GSUSERSPATH . $file)) {
    $error = i18n_r('CHMOD_ERROR');
    break;
}

# see new language file immediately
// NOTE(review): $lang becomes part of an include path. This excerpt does not show
// where it is validated - confirm it is checked against the installed language
// files before this point.
if (!empty($lang)) {
    include GSLANGPATH . $lang . '.php';
}
if (!defined('IN_GS')) { die('you cannot load this page directly.'); } /** * Error Checking * * Displays error and success messages * * @package GetSimple * * You can pass $update(global) directly if not using a redirrect and querystring * */ // do not use these alerts if ajax requests as they will not be seen, and interfere with other alerts if (!requestIsAjax() && file_exists(GSUSERSPATH . _id($USR) . ".xml.reset") && get_filename_id() != 'index' && get_filename_id() != 'resetpassword') { doNotify(sprintf(i18n_r('ER_PWD_CHANGE'), 'profile.php'), 'error'); } if (!requestIsAjax() && (!defined('GSNOAPACHECHECK') || GSNOAPACHECHECK == false) and !server_is_apache()) { doNotify(i18n_r('WARNING') . ': <a href="health-check.php">' . i18n_r('SERVER_SETUP') . ' non-Apache</a>', 'info'); } if (!isset($update)) { $update = ''; } if (isset($_GET['upd'])) { $update = var_in($_GET['upd']); } if (isset($_GET['success'])) { $success = var_in($_GET['success']); } if (isset($_GET['error'])) {
$file = _id($USR) . '.xml'; if (file_exists(GSUSERSPATH . $file)) { backup_datafile(GSUSERSPATH . $file); } $xml = new SimpleXMLElement('<item></item>'); $xml->addChild('USR', $USR); $xml->addChild('PWD', $PASSWD); $xml->addChild('EMAIL', $EMAIL); $xml->addChild('HTMLEDITOR', '1'); $xml->addChild('TIMEZONE', $TIMEZONE); $xml->addChild('LANG', $LANG); if (!XMLsave($xml, GSUSERSPATH . $file)) { $kill = i18n_r('CHMOD_ERROR'); } # create password change trigger file $flagfile = GSUSERSPATH . getPWDresetName(_id($USR), 'xml'); copy_file(GSUSERSPATH . $file, $flagfile); # create new GSWEBSITEFILE (website.xml) file $file = GSWEBSITEFILE; $xmls = new SimpleXMLExtended('<item></item>'); $note = $xmls->addChild('SITENAME'); $note->addCData($SITENAME); $note = $xmls->addChild('SITEURL'); $note->addCData($SITEURL); $xmls->addChild('TEMPLATE', GSINSTALLTEMPLATE); $xmls->addChild('PRETTYURLS', ''); $xmls->addChild('PERMALINK', ''); $xmls->addChild('SITEUSR', $USR); $xmls->addChild('SITEABOUT', ''); if (!XMLsave($xmls, GSDATAOTHERPATH . $file)) { $kill = i18n_r('CHMOD_ERROR');
* Pull data from storage */ /** grab website data */ $thisfilew = GSDATAOTHERPATH . 'website.xml'; if (file_exists($thisfilew)) { $dataw = getXML($thisfilew); $SITENAME = stripslashes($dataw->SITENAME); $SITEURL = $dataw->SITEURL; $TEMPLATE = $dataw->TEMPLATE; $PRETTYURLS = $dataw->PRETTYURLS; $PERMALINK = $dataw->PERMALINK; } /** grab user data */ if (!isset($base)) { if (isset($_COOKIE['GS_ADMIN_USERNAME'])) { $cookie_user_id = _id($_COOKIE['GS_ADMIN_USERNAME']); if (file_exists(GSUSERSPATH . $cookie_user_id . '.xml')) { $datau = getXML(GSUSERSPATH . $cookie_user_id . '.xml'); $USR = stripslashes($datau->USR); $HTMLEDITOR = $datau->HTMLEDITOR; $TIMEZONE = $datau->TIMEZONE; $LANG = $datau->LANG; } else { $USR = null; $TIMEZONE = 'America/New_York'; } } else { $USR = null; $TIMEZONE = 'America/New_York'; } } else {
} /** * Login Functions * * @package GetSimple * @subpackage Login */ $MSG = null; # if the login cookie is already set, redirect user to control panel if (cookie_check()) { redirect($cookie_redirect); } # was the form submitted? if (isset($_POST['submitted'])) { # initial variable setup $user_xml = GSUSERSPATH . _id($_POST['userid']) . '.xml'; $userid = strtolower($_POST['userid']); $password = $_POST['pwd']; $error = null; # check the username or password fields if (!$userid || !$password) { $error = i18n_r('FILL_IN_REQ_FIELD'); } # check for any errors if (!$error) { exec_action('successful-login-start'); # hash the given password $password = passhash($password); # does this user exist? if (file_exists($user_xml)) { # pull the data from the user's data file
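$SITEURL = $dataw->SITEURL;
$TEMPLATE = $dataw->TEMPLATE;

# creating new user file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $USR);
$xml->addChild('PWD', $PASSWD);
$xml->addChild('EMAIL', $EMAIL);
$xml->addChild('HTMLEDITOR', $HTMLEDITOR);
$xml->addChild('TIMEZONE', $TIMEZONE);
$xml->addChild('LANG', $LANG);
$status = XMLsave($xml, GSUSERSPATH . _id($USR) . '.xml');
if (!$status) {
    $error .= 'Unable to create new ' . _id($USR) . '.xml file!<br />';
} else {
    // The file stores the account's PWD and EMAIL values, so it is limited to its
    // owner rather than made world-writable (was 0777). chmod now runs only after
    // the save succeeded, so it never targets a file that was not written.
    // Widen the mode deliberately if another system user must manage this file.
    chmod(GSUSERSPATH . _id($USR) . '.xml', 0600);
    $message .= '<li>Created new ' . _id($USR) . '.xml file</li>';
}

# rename old website.xml (only when no legacy copy exists yet)
if (!file_exists(GSDATAOTHERPATH . '_legacy_website.xml')) {
    $status = rename(GSDATAOTHERPATH . 'website.xml', GSDATAOTHERPATH . '_legacy_website.xml');
    if (!$status) {
        $error .= 'Unable to rename website.xml to _legacy_website.xml<br />';
    } else {
        $message .= '<li>Renamed website.xml to _legacy_website.xml</li>';
    }
}

# creating new website file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('SITENAME', $SITENAME);
$xml->addChild('SITEURL', $SITEURL);
$xml->addChild('TEMPLATE', $TEMPLATE);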
if ($pwd1 != $pwd2 && $pwd2 != '') { #passwords do not match $error = i18n_r('PASSWORD_NO_MATCH'); } else { # password cannot be null if ($pwd1 != '' && $pwd2 != '') { $PASSWD = passhash($pwd1); } // check valid lang files if (!in_array($LANG . '.php', $lang_array) and !in_array($LANG . '.PHP', $lang_array)) { die; } # create user xml file createBak($file, GSUSERSPATH, GSBACKUSERSPATH); if (file_exists(GSUSERSPATH . _id($USR) . '.xml.reset')) { unlink(GSUSERSPATH . _id($USR) . '.xml.reset'); } $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>'); $xml->addChild('USR', $USR); $xml->addChild('NAME', var_out($NAME)); $xml->addChild('PWD', $PASSWD); $xml->addChild('EMAIL', var_out($EMAIL, 'email')); $xml->addChild('HTMLEDITOR', $HTMLEDITOR); $xml->addChild('TIMEZONE', $TIMEZONE); $xml->addChild('LANG', $LANG); exec_action('settings-user'); if (!XMLsave($xml, GSUSERSPATH . $file)) { $error = i18n_r('CHMOD_ERROR'); } # create website xml file createBak($wfile, GSDATAOTHERPATH, GSBACKUPSPATH . 'other/');
/**
 * Appends one component entry (title, slug, value, disabled) to a components XML document.
 *
 * When $title is empty nothing is added and $xml is returned as received. When
 * $xml is not an object a new <item> root document is created first.
 *
 * NOTE(review): a caller-supplied slug is only tested through _id() and is then
 * stored as given, as plain element text rather than CDATA - confirm callers
 * pass an already-normalised slug.
 *
 * @param mixed  $xml    existing components document, or a non-object to start a new one
 * @param string $title  component title; also the source of the slug when none is given
 * @param string $value  component body
 * @param mixed  $active written to the entry's "disabled" element
 * @param string $slug   optional slug for the entry
 * @return mixed the document with the entry appended, or $xml untouched when $title is empty
 */
function addComponentItem($xml, $title, $value, $active, $slug = null)
{
    // Without a usable title the input is handed back as is.
    if ($title == null || empty($title)) {
        return $xml;
    }

    // Fall back to a title-derived slug when none was given or _id() reduces it to nothing.
    if ($slug == null || _id($slug) == '') {
        $slug = clean_url(to7bit($title, 'UTF-8'));
    }

    $safeTitle = safe_slash_html($title);
    $safeValue = safe_slash_html($value);

    if (!is_object($xml)) {
        $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
    }

    # create the body of components.xml file
    $entry = $xml->addChild('item');
    $entry->addChild('title')->addCData($safeTitle);
    $entry->addChild('slug', $slug);
    $entry->addChild('value')->addCData($safeValue);
    $entry->addChild('disabled')->addCData($active);

    return $xml;
}
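$SITEURL = $dataw->SITEURL;
$TEMPLATE = $dataw->TEMPLATE;

# creating new user file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $USR);
$xml->addChild('PWD', $PASSWD);
$xml->addChild('EMAIL', $EMAIL);
$xml->addChild('HTMLEDITOR', $HTMLEDITOR);
$xml->addChild('TIMEZONE', $TIMEZONE);
$xml->addChild('LANG', $LANG);
$status = XMLsave($xml, GSUSERSPATH . _id($USR) . '.xml');
if (!$status) {
    $error .= msgError('Unable to create new ' . _id($USR) . '.xml file!');
} else {
    // The file stores the account's PWD and EMAIL values, so it is limited to its
    // owner rather than made world-writable (was 0777). chmod now runs only after
    // the save succeeded, so it never targets a file that was not written.
    // Widen the mode deliberately if another system user must manage this file.
    chmod(GSUSERSPATH . _id($USR) . '.xml', 0600);
    $message .= msgOK('Created new ' . _id($USR) . '.xml file');
}

# rename old website.xml (only when no legacy copy exists yet)
if (!file_exists(GSDATAOTHERPATH . '_legacy_website.xml')) {
    $status = rename(GSDATAOTHERPATH . 'website.xml', GSDATAOTHERPATH . '_legacy_website.xml');
    if (!$status) {
        $error .= msgError('Unable to rename website.xml to _legacy_website.xml');
    } else {
        $message .= msgOK('Renamed website.xml to _legacy_website.xml');
    }
}

# creating new website file
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('SITENAME', $SITENAME);
$xml->addChild('SITEURL', $SITEURL);
$xml->addChild('TEMPLATE', $TEMPLATE);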
* * Code to either create or edit a page. This is the action page * for the form on edit.php * * @package GetSimple * @subpackage Page-Edit */ // Setup inclusions $load['plugin'] = true; // Include common.php include 'inc/common.php'; login_cookie_check(); $draft = isset($_GET['nodraft']) || isset($_POST['post-nodraft']) || !getDef('GSUSEDRAFTS', true) ? false : true; // (bool) using draft pages if (isset($_GET['publish']) && isset($_GET['id'])) { $id = var_in(_id($_GET['id'])); safemodefail('publish', 'edit.php?id=' . $id); if (!filepath_is_safe(GSDATADRAFTSPATH . $id . '.xml', GSDATADRAFTSPATH)) { $status = false; } else { $status = publishDraft($id); } if ($status) { exec_action('draft-publish'); // @hook draft-publish a draft was published generate_sitemap(); // regenerates sitemap } redirect("pages.php?id=" . $id . "&upd=publish-" . ($status ? 'success' : 'error')); die; }
if (isset($_POST['username']) and !empty($_POST['username'])) { # user filename $file = _id($_POST['username']) . '.xml'; # get user information from existing XML file if (filepath_is_safe(GSUSERSPATH . $file, GSUSERSPATH)) { $data = simplexml_load_file(GSUSERSPATH . $file); $USR = strtolower($data->USR); $EMAIL = $data->EMAIL; if (strtolower($_POST['username']) == $USR) { # create new random password $random = createRandomPassword(); // $random = '1234'; # create backup createBak($file, GSUSERSPATH, GSBACKUSERSPATH); # create password change trigger file $flagfile = GSUSERSPATH . _id($USR) . ".xml.reset"; copy(GSUSERSPATH . $file, $flagfile); # change password and resave xml file $data->PWD = passhash($random); $status = XMLsave($data, GSUSERSPATH . $file); # send the email with the new password $subject = $site_full_name . ' ' . i18n_r('RESET_PASSWORD') . ' ' . i18n_r('ATTEMPT'); $message = "<p>" . cl($SITENAME) . " " . i18n_r('RESET_PASSWORD') . " " . i18n_r('ATTEMPT') . '</p>'; $message .= "<p>" . i18n_r('LABEL_USERNAME') . ": <strong>" . $USR . "</strong>"; $message .= "<br>" . i18n_r('NEW_PASSWORD') . ": <strong>" . $random . "</strong>"; $message .= '<br>' . i18n_r('EMAIL_LOGIN') . ': <a href="' . $SITEURL . $GSADMIN . '/">' . $SITEURL . $GSADMIN . '/</a></p>'; exec_action('resetpw-success'); $status = sendmail($EMAIL, $subject, $message); # show the result of the reset attempt usleep($randSleep); $status = 'success';
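/**
 * Creates a user XML file from the submitted "add user" form, then shows the manage-users form.
 *
 * Account fields and permission flags are read from $_POST, the password is
 * hashed with passhash(), and the record is written to GSUSERSPATH/<id>.xml.
 *
 * NOTE(review): this method does not itself check a nonce or the permissions of
 * the requesting user - confirm the caller does both before dispatching here.
 *
 * @return void
 */
public function mmAddUser()
{
    // Username and password from the submission.
    $NUSR = strtolower($_POST['usernamec']);
    $NPASSWD = passhash($_POST['userpassword']);

    // The file name goes through _id(), as the reset-file check below already did,
    // so the submitted username cannot introduce path segments into the paths
    // handed to createBak() and XMLsave().
    // NOTE(review): an empty result would yield the file name ".xml"; consider
    // rejecting that case with a user-facing error.
    $usrfile = _id($NUSR) . '.xml';

    // create user xml file - This coding was mostly taken from the 'settings.php' page..
    createBak($usrfile, GSUSERSPATH, GSBACKUSERSPATH);
    if (file_exists(GSUSERSPATH . _id($NUSR) . '.xml.reset')) {
        unlink(GSUSERSPATH . _id($NUSR) . '.xml.reset');
    }

    $xml = new SimpleXMLExtended('<item></item>');
    $xml->addChild('USR', $NUSR);
    $xml->addChild('PWD', $NPASSWD);
    $xml->addChild('EMAIL', $_POST['useremail']);
    $xml->addChild('HTMLEDITOR', $_POST['usereditor']);
    $xml->addChild('TIMEZONE', $_POST['ntimezone']);
    $xml->addChild('LANG', $_POST['userlng']);
    $xml->addChild('USERSNAME', $_POST['users_name']);
    $userbio = $xml->addChild('USERSBIO');
    $userbio->addCData($_POST['users_bio']);

    // Permission flags are stored exactly as submitted.
    // NOTE(review): the values are not restricted to an expected set here -
    // confirm they are validated where they are read.
    $perm = $xml->addChild('PERMISSIONS');
    $perm->addChild('PAGES', $_POST['Pages']);
    $perm->addChild('FILES', $_POST['Files']);
    $perm->addChild('THEME', $_POST['Theme']);
    $perm->addChild('PLUGINS', $_POST['Plugins']);
    $perm->addChild('BACKUPS', $_POST['Backups']);
    $perm->addChild('SETTINGS', $_POST['Settings']);
    $perm->addChild('SUPPORT', $_POST['Support']);
    $perm->addChild('EDIT', $_POST['Edit']);
    $perm->addChild('LANDING', $_POST['Landing']);
    $perm->addChild('ADMIN', $_POST['Admin']);
    save_custom_permissions();

    if (!XMLsave($xml, GSUSERSPATH . $usrfile)) {
        // NOTE(review): $error is local to this method and is not displayed here.
        $error = i18n_r('CHMOD_ERROR');
    } else {
        // The username came from the request, so it is escaped before being echoed into the page.
        print '<div class="updated" style="display: block;">'
            . htmlspecialchars($NUSR, ENT_QUOTES, 'UTF-8')
            . ' ' . i18n_r('user-managment/CREATED') . '</div>';
    }

    //Show Manage Form
    mmManageUsersForm();
}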
if ($pwd1 != $pwd2 || $adding === true && (empty($pwd1) || $pwd1 !== $pwd2)) { #passwords do not match $error = i18n_r('PASSWORD_NO_MATCH'); } else { # password cannot be null if ($pwd1 != '') { $password = passhash($pwd1); } // check valid lang files if (!in_array($lang . '.php', $lang_array) and !in_array($lang . '.PHP', $lang_array)) { $lang = ''; } # create user xml file createBak($file, GSUSERSPATH, GSBACKUSERSPATH); if (file_exists(GSUSERSPATH . _id($userid) . '.xml.reset')) { unlink(GSUSERSPATH . _id($userid) . '.xml.reset'); } $xml = new SimpleXMLElement('<item></item>'); $xml->addChild('USR', $userid); $xml->addChild('NAME', $name); $xml->addChild('PWD', $password); $xml->addChild('EMAIL', $email); $xml->addChild('HTMLEDITOR', $htmleditor); $xml->addChild('TIMEZONE', $timezone); $xml->addChild('LANG', $lang); $data = $xml; exec_action('settings-user'); if (!XMLsave($xml, GSUSERSPATH . $file)) { $error = i18n_r('CHMOD_ERROR'); } # see new language file immediately
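/**
 * Emits an SVG <g> group holding a single rectangle at the origin.
 *
 * The element id comes from _id() called without arguments (defined outside
 * this listing).
 *
 * NOTE(review): $w and $h are written into the width/height attributes as given;
 * presumably they are numeric values chosen by the caller - confirm they never
 * carry request data, or escape them for attribute context.
 *
 * @param mixed $w rectangle width
 * @param mixed $h rectangle height
 * @return void
 */
function stock($w, $h)
{
    // PHP mode is re-entered with the full "<?php" tag: the bare "<?" form is only
    // parsed when short_open_tag is enabled.
    ?> <g> <rect id="<?=_id();?>" class="fil2" x="0" y="0" width="<?=$w?>" height="<?=$h?>"/> </g> <?php
}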