if ((!isset($userfixedtheme) || $userfixedtheme == "") && (isset($py["userpreferencegroup"]) && preg_replace("/^col-/", "", $py["name"]) == $ctheme)) { $exists = sql_value("SELECT name as value FROM plugins WHERE name='" . $plugin["name"] . "'", ''); if ($exists) { include_plugin_config($plugin['name'], $plugin['config'], $plugin['config_json']); register_plugin($plugin['name']); register_plugin_language($plugin['name']); $plugins[] = $plugin['name']; } } # Check group access and applicable for this user in the group if (!isset($py["userpreferencegroup"]) && $plugin['enabled_groups'] != '') { $s = explode(",", $plugin['enabled_groups']); if (isset($usergroup) && in_array($usergroup, $s)) { include_plugin_config($plugin['name'], $plugin['config'], $plugin['config_json']); register_plugin($plugin['name']); register_plugin_language($plugin['name']); $plugins[] = $plugin['name']; } } else { if (!isset($py["userpreferencegroup"]) && $plugin['enabled_groups'] == '') { $plugins[] = $plugin['name']; } } } foreach ($plugins as $plugin) { hook("afterregisterplugin", "", array($plugin)); } // Load user config options process_config_options($userref); hook('handleuserref', '', array($userref)); if (($userpassword == "b58d18f375f68d13587ce8a520a87919" || $userpassword == "b975fc60c53ab4780623e0cd813095e328ddf8ff5a3d01d134f6df7391c42ff5") && $pagename != "user_change_password" && $pagename != "collections") {
function check_access_key($resource, $key) { # Verify a supplied external access key # Option to plugin in some extra functionality to check keys if (hook("check_access_key", "", array($resource, $key)) === true) { return true; } $keys = sql_query("select user,usergroup,expires from external_access_keys where resource='{$resource}' and access_key='{$key}' and (expires is null or expires>now())"); if (count($keys) == 0) { return false; } else { # "Emulate" the user that e-mailed the resource by setting the same group and permissions $user = $keys[0]["user"]; $expires = $keys[0]["expires"]; # Has this expired? if ($expires != "" && strtotime($expires) < time()) { global $lang; ?> <script type="text/javascript"> alert("<?php echo $lang["externalshareexpired"]; ?> "); history.go(-1); </script> <?php exit; } global $usergroup, $userpermissions, $userrequestmode, $userfixedtheme, $usersearchfilter; $groupjoin = "u.usergroup=g.ref"; if ($keys[0]["usergroup"] != "") { # Select the user group from the access key instead. $groupjoin = "g.ref='" . escape_check($keys[0]["usergroup"]) . "'"; } $userinfo = sql_query("select g.ref usergroup,g.permissions,g.fixed_theme,g.search_filter from user u join usergroup g on {$groupjoin} where u.ref='{$user}'"); if (count($userinfo) > 0) { $usergroup = $userinfo[0]["usergroup"]; # Older mode, where no user group was specified, find the user group out from the table. $userpermissions = explode(",", $userinfo[0]["permissions"]); $usersearchfilter = $userinfo[0]["search_filter"]; if (trim($userinfo[0]["fixed_theme"]) != "") { $userfixedtheme = $userinfo[0]["fixed_theme"]; } # Apply fixed theme also if (hook("modifyuserpermissions")) { $userpermissions = hook("modifyuserpermissions"); } $userrequestmode = 0; # Always use 'email' request mode for external users # Load any plugins specific to the group of the sharing user, but only once as may be checking multiple keys global $emulate_plugins_set; if ($emulate_plugins_set !== true) { global $plugins; $enabled_plugins = sql_query("SELECT name,enabled_groups, config, config_json FROM plugins WHERE inst_version>=0 AND length(enabled_groups)>0 ORDER BY priority"); foreach ($enabled_plugins as $plugin) { $s = explode(",", $plugin['enabled_groups']); if (in_array($usergroup, $s)) { include_plugin_config($plugin['name'], $plugin['config'], $plugin['config_json']); register_plugin($plugin['name']); $plugins[] = $plugin['name']; } } for ($n = count($plugins) - 1; $n >= 0; $n--) { register_plugin_language($plugins[$n]); } $emulate_plugins_set = true; } } # Special case for anonymous logins. # When a valid key is present, we need to log the user in as the anonymous user so they will be able to browse the public links. global $anonymous_login; if (isset($anonymous_login)) { global $username, $baseurl; if (is_array($anonymous_login)) { foreach ($anonymous_login as $key => $val) { if ($baseurl == $key) { $anonymous_login = $val; } } } $username = $anonymous_login; } # Set the 'last used' date for this key sql_query("update external_access_keys set lastused=now() where resource='{$resource}' and access_key='{$key}'"); return true; } }
$results = sql_query("select language,name,text from site_text where (page='{$pagename}' or page='all') and specific_to_group='{$usergroup}'"); for ($n = 0; $n < count($results); $n++) { $site_text[$results[$n]["language"] . "-" . $results[$n]["name"]] = $results[$n]["text"]; } } } /* end replacesitetextloader */ # Load group specific plugins $active_plugins = sql_query("SELECT name,enabled_groups, config, config_json FROM plugins WHERE inst_version>=0 AND length(enabled_groups)>0 ORDER BY priority"); foreach ($active_plugins as $plugin) { # Check group access, only enable for global access at this point $s = explode(",", $plugin['enabled_groups']); if (in_array($usergroup, $s)) { include_plugin_config($plugin['name'], $plugin['config'], $plugin['config_json']); register_plugin($plugin['name']); $plugins[] = $plugin['name']; } } for ($n = count($plugins) - 1; $n >= 0; $n--) { register_plugin_language($plugins[$n]); } if ($userpassword == "b58d18f375f68d13587ce8a520a87919" && $pagename != "user_preferences" && $pagename != "collections") { ?> <script> top.location.href="<?php echo $baseurl_short; ?> pages/user_preferences.php"; </script> <?php }