}
AJXP_XMLWriter::close();
exit(1);
}
if ($Driver->hasAction($action)) {
// CHECK RIGHTS
if (AuthService::usersEnabled()) {
$loggedUser = AuthService::getLoggedUser();
if ($Driver->actionNeedsRight($action, "r") && ($loggedUser == null || !$loggedUser->canRead(ConfService::getCurrentRootDirIndex() . ""))) {
AJXP_XMLWriter::header();
AJXP_XMLWriter::sendMessage(null, $mess[208]);
AJXP_XMLWriter::requireAuth();
AJXP_XMLWriter::close();
exit(1);
}
if ($Driver->actionNeedsRight($action, "w") && ($loggedUser == null || !$loggedUser->canWrite(ConfService::getCurrentRootDirIndex() . ""))) {
AJXP_XMLWriter::header();
AJXP_XMLWriter::sendMessage(null, $mess[207]);
AJXP_XMLWriter::requireAuth();
AJXP_XMLWriter::close();
exit(1);
}
}
$xmlResult = $Driver->applyAction($action, array_merge($_GET, $_POST), $_FILES);
if ($xmlResult != "") {
AJXP_XMLWriter::header();
print $xmlResult;
AJXP_XMLWriter::close();
exit(1);
}
}
function switchAction($action, $httpVars, $fileVars)
{
if (!isset($this->actions[$action])) {
return;
}
if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
// Force legacy theme for the moment
$this->pluginConf["GUI_THEME"] = "oxygen";
}
if (!defined("AJXP_THEME_FOLDER")) {
define("CLIENT_RESOURCES_FOLDER", AJXP_PLUGINS_FOLDER . "/gui.ajax/res");
define("AJXP_THEME_FOLDER", CLIENT_RESOURCES_FOLDER . "/themes/" . $this->pluginConf["GUI_THEME"]);
}
foreach ($httpVars as $getName => $getValue) {
${$getName} = AJXP_Utils::securePath($getValue);
}
if (isset($dir) && $action != "upload") {
$dir = SystemTextEncoding::fromUTF8($dir);
}
$mess = ConfService::getMessages();
switch ($action) {
//------------------------------------
// GET AN HTML TEMPLATE
//------------------------------------
case "get_template":
HTMLWriter::charsetHeader();
$folder = CLIENT_RESOURCES_FOLDER . "/html";
if (isset($httpVars["pluginName"])) {
$folder = AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/" . AJXP_Utils::securePath($httpVars["pluginName"]);
if (isset($httpVars["pluginPath"])) {
$folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
}
}
$crtTheme = $this->pluginConf["GUI_THEME"];
$thFolder = AJXP_THEME_FOLDER . "/html";
if (isset($template_name)) {
if (is_file($thFolder . "/" . $template_name)) {
include $thFolder . "/" . $template_name;
} else {
if (is_file($folder . "/" . $template_name)) {
include $folder . "/" . $template_name;
}
}
}
break;
//------------------------------------
// GET I18N MESSAGES
//------------------------------------
//------------------------------------
// GET I18N MESSAGES
//------------------------------------
case "get_i18n_messages":
$refresh = false;
if (isset($httpVars["lang"])) {
ConfService::setLanguage($httpVars["lang"]);
$refresh = true;
}
HTMLWriter::charsetHeader('text/javascript');
HTMLWriter::writeI18nMessagesClass(ConfService::getMessages($refresh));
break;
//------------------------------------
// SEND XML REGISTRY
//------------------------------------
//------------------------------------
// SEND XML REGISTRY
//------------------------------------
case "get_xml_registry":
$regDoc = AJXP_PluginsService::getXmlRegistry();
$changes = AJXP_Controller::filterActionsRegistry($regDoc);
if ($changes) {
AJXP_PluginsService::updateXmlRegistry($regDoc);
}
if (isset($_GET["xPath"])) {
$regPath = new DOMXPath($regDoc);
$nodes = $regPath->query($_GET["xPath"]);
AJXP_XMLWriter::header("ajxp_registry_part", array("xPath" => $_GET["xPath"]));
if ($nodes->length) {
print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML($nodes->item(0)));
}
AJXP_XMLWriter::close("ajxp_registry_part");
} else {
AJXP_Utils::safeIniSet("zlib.output_compression", "4096");
header('Content-Type: application/xml; charset=UTF-8');
print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML());
}
break;
//------------------------------------
// DISPLAY DOC
//------------------------------------
//------------------------------------
// DISPLAY DOC
//------------------------------------
case "display_doc":
HTMLWriter::charsetHeader();
echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($_GET["doc_file"])));
break;
//------------------------------------
// GET BOOT GUI
//------------------------------------
//------------------------------------
// GET BOOT GUI
//------------------------------------
case "get_boot_gui":
header("X-UA-Compatible: chrome=1");
HTMLWriter::charsetHeader();
if (!is_file(TESTS_RESULT_FILE)) {
$outputArray = array();
$testedParams = array();
$passed = AJXP_Utils::runTests($outputArray, $testedParams);
if (!$passed && !isset($_GET["ignore_tests"])) {
die(AJXP_Utils::testResultsToTable($outputArray, $testedParams));
} else {
AJXP_Utils::testResultsToFile($outputArray, $testedParams);
}
}
$START_PARAMETERS = array("BOOTER_URL" => "index.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop");
if (AuthService::usersEnabled()) {
AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
AuthService::bootSequence($START_PARAMETERS);
if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
if (AuthService::getDefaultRootId() == -1) {
AuthService::disconnect();
} else {
$loggedUser = AuthService::getLoggedUser();
if (!$loggedUser->canRead(ConfService::getCurrentRootDirIndex()) && AuthService::getDefaultRootId() != ConfService::getCurrentRootDirIndex()) {
ConfService::switchRootDir(AuthService::getDefaultRootId());
}
}
}
}
AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);
$confErrors = ConfService::getErrors();
if (count($confErrors)) {
$START_PARAMETERS["ALERT"] = implode(", ", array_values($confErrors));
}
$JSON_START_PARAMETERS = json_encode($START_PARAMETERS);
$crtTheme = $this->pluginConf["GUI_THEME"];
if (ConfService::getConf("JS_DEBUG")) {
if (!isset($mess)) {
$mess = ConfService::getMessages();
}
if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html")) {
include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html";
} else {
include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui_debug.html";
}
} else {
if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html")) {
$content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html");
} else {
$content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui.html");
}
if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
$content = str_replace("ajaxplorer_boot.js", "ajaxplorer_boot_protolegacy.js", $content);
}
$content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
if ($JSON_START_PARAMETERS) {
$content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
}
print $content;
}
break;
//------------------------------------
// GET CONFIG FOR BOOT
//------------------------------------
//------------------------------------
// GET CONFIG FOR BOOT
//------------------------------------
case "get_boot_conf":
if (isset($_GET["server_prefix_uri"])) {
$_SESSION["AJXP_SERVER_PREFIX_URI"] = $_GET["server_prefix_uri"];
}
$config = array();
$config["ajxpResourcesFolder"] = "plugins/gui.ajax/res";
$config["ajxpServerAccess"] = AJXP_SERVER_ACCESS;
$config["zipEnabled"] = ConfService::zipEnabled();
$config["multipleFilesDownloadEnabled"] = ConfService::getCoreConf("ZIP_CREATION");
$config["customWording"] = array("welcomeMessage" => $this->pluginConf["CUSTOM_WELCOME_MESSAGE"], "title" => ConfService::getCoreConf("APPLICATION_TITLE"), "icon" => $this->pluginConf["CUSTOM_ICON"], "iconWidth" => $this->pluginConf["CUSTOM_ICON_WIDTH"], "iconHeight" => $this->pluginConf["CUSTOM_ICON_HEIGHT"], "iconOnly" => $this->pluginConf["CUSTOM_ICON_ONLY"], "titleFontSize" => $this->pluginConf["CUSTOM_FONT_SIZE"]);
$config["usersEnabled"] = AuthService::usersEnabled();
$config["loggedUser"] = AuthService::getLoggedUser() != null;
$config["currentLanguage"] = ConfService::getLanguage();
$config["session_timeout"] = intval(ini_get("session.gc_maxlifetime"));
if (!isset($this->pluginConf["CLIENT_TIMEOUT_TIME"]) || $this->pluginConf["CLIENT_TIMEOUT_TIME"] == "") {
$to = $config["session_timeout"];
} else {
$to = $this->pluginConf["CLIENT_TIMEOUT_TIME"];
}
$config["client_timeout"] = $to;
$config["client_timeout_warning"] = $this->pluginConf["CLIENT_TIMEOUT_WARN"];
$config["availableLanguages"] = ConfService::getConf("AVAILABLE_LANG");
$config["usersEditable"] = ConfService::getAuthDriverImpl()->usersEditable();
$config["ajxpVersion"] = AJXP_VERSION;
$config["ajxpVersionDate"] = AJXP_VERSION_DATE;
if (stristr($_SERVER["HTTP_USER_AGENT"], "msie 6")) {
$config["cssResources"] = array("css/pngHack/pngHack.css");
}
if (!empty($this->pluginConf['GOOGLE_ANALYTICS_ID'])) {
$config["googleAnalyticsData"] = array("id" => $this->pluginConf['GOOGLE_ANALYTICS_ID'], "domain" => $this->pluginConf['GOOGLE_ANALYTICS_DOMAIN'], "event" => $this->pluginConf['GOOGLE_ANALYTICS_EVENT']);
}
$config["i18nMessages"] = ConfService::getMessages();
$config["password_min_length"] = ConfService::getCoreConf("PASSWORD_MINLENGTH", "auth");
$config["SECURE_TOKEN"] = AuthService::generateSecureToken();
$config["streaming_supported"] = "true";
$config["theme"] = $this->pluginConf["GUI_THEME"];
header("Content-type:application/json;charset=UTF-8");
print json_encode($config);
break;
default:
break;
}
return false;
}
public static function findActionAndApply($actionName, $httpVars, $fileVars)
{
if ($actionName == "cross_copy") {
$pService = AJXP_PluginsService::getInstance();
$actives = $pService->getActivePlugins();
$accessPlug = $pService->getPluginsByType("access");
if (count($accessPlug)) {
foreach ($accessPlug as $key => $objbect) {
if ($actives[$objbect->getId()] === true) {
call_user_func(array($pService->getPluginById($objbect->getId()), "crossRepositoryCopy"), $httpVars);
break;
}
}
}
return;
}
$xPath = self::initXPath();
$actions = $xPath->query("actions/action[@name='{$actionName}']");
if (!$actions->length) {
return false;
}
$action = $actions->item(0);
//Check Rights
$mess = ConfService::getMessages();
if (AuthService::usersEnabled()) {
$loggedUser = AuthService::getLoggedUser();
if (AJXP_Controller::actionNeedsRight($action, $xPath, "adminOnly") && ($loggedUser == null || !$loggedUser->isAdmin())) {
AJXP_XMLWriter::header();
AJXP_XMLWriter::sendMessage(null, $mess[207]);
AJXP_XMLWriter::requireAuth();
AJXP_XMLWriter::close();
exit(1);
}
if (AJXP_Controller::actionNeedsRight($action, $xPath, "read") && ($loggedUser == null || !$loggedUser->canRead(ConfService::getCurrentRootDirIndex() . ""))) {
AJXP_XMLWriter::header();
AJXP_XMLWriter::sendMessage(null, $mess[208]);
AJXP_XMLWriter::requireAuth();
AJXP_XMLWriter::close();
exit(1);
}
if (AJXP_Controller::actionNeedsRight($action, $xPath, "write") && ($loggedUser == null || !$loggedUser->canWrite(ConfService::getCurrentRootDirIndex() . ""))) {
AJXP_XMLWriter::header();
AJXP_XMLWriter::sendMessage(null, $mess[207]);
AJXP_XMLWriter::requireAuth();
AJXP_XMLWriter::close();
exit(1);
}
}
$preCalls = self::getCallbackNode($xPath, $action, 'pre_processing/serverCallback', $actionName, $httpVars, $fileVars, true);
$postCalls = self::getCallbackNode($xPath, $action, 'post_processing/serverCallback[not(@capture="true")]', $actionName, $httpVars, $fileVars, true);
$captureCalls = self::getCallbackNode($xPath, $action, 'post_processing/serverCallback[@capture="true"]', $actionName, $httpVars, $fileVars, true);
$mainCall = self::getCallbackNode($xPath, $action, "processing/serverCallback", $actionName, $httpVars, $fileVars, false);
if ($captureCalls !== false) {
ob_start();
$params = array("pre_processor_results" => array(), "post_processor_results" => array());
}
if ($preCalls !== false) {
foreach ($preCalls as $preCall) {
// A Preprocessing callback can modify its input arguments (passed by ref)
$preResult = self::applyCallback($xPath, $preCall, $actionName, $httpVars, $fileVars);
if (isset($params)) {
$params["pre_processor_results"][$preCall->getAttribute("pluginId")] = $preResult;
}
}
}
if ($mainCall) {
$result = self::applyCallback($xPath, $mainCall, $actionName, $httpVars, $fileVars);
if (isset($params)) {
$params["processor_result"] = $result;
}
}
if ($postCalls !== false) {
foreach ($postCalls as $postCall) {
// A Preprocessing callback can modify its input arguments (passed by ref)
$postResult = self::applyCallback($xPath, $postCall, $actionName, $httpVars, $fileVars);
if (isset($params)) {
$params["post_processor_results"][$postCall->getAttribute("pluginId")] = $postResult;
}
}
}
if ($captureCalls !== false) {
$params["ob_output"] = ob_get_contents();
ob_end_clean();
foreach ($captureCalls as $captureCall) {
self::applyCallback($xPath, $captureCall, $actionName, $httpVars, $params);
}
} else {
if (isset($result)) {
return $result;
}
}
}
function getBookmarks()
{
if (isset($this->bookmarks) && isset($this->bookmarks[ConfService::getCurrentRootDirIndex()])) {
return $this->bookmarks[ConfService::getCurrentRootDirIndex()];
}
return array();
}
$passed = true;
//if(!is_file(TESTS_RESULT_FILE)){
// $passed = AJXP_Utils::runTests($outputArray, $testedParams);
// if(!$passed && !isset($_GET["ignore_tests"])){
// die(AJXP_Utils::testResultsToTable($outputArray, $testedParams));
// }else{
// AJXP_Utils::testResultsToFile($outputArray, $testedParams);
// }
//}
$START_PARAMETERS = array("BOOTER_URL" => "cf_ajaxplorer_content.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop", "SERVER_PREFIX_URI" => "../lib/ajaxplorer/");
if (AuthService::usersEnabled()) {
AuthService::preLogUser(isset($_GET["remote_session"]) ? $_GET["remote_session"] : "");
AuthService::bootSequence($START_PARAMETERS);
if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
$loggedUser = AuthService::getLoggedUser();
if (!$loggedUser->canRead(ConfService::getCurrentRootDirIndex()) && AuthService::getDefaultRootId() != ConfService::getCurrentRootDirIndex()) {
ConfService::switchRootDir(AuthService::getDefaultRootId());
}
}
}
AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);
$JSON_START_PARAMETERS = json_encode($START_PARAMETERS);
if (ConfService::getConf("JS_DEBUG")) {
$mess = ConfService::getMessages();
include_once INSTALL_PATH . "/" . CLIENT_RESOURCES_FOLDER . "/html/gui_debug.html";
} else {
$content = file_get_contents(CAMILA_DIR . '/templates/ajaxplorer_gui.html');
$content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
if ($JSON_START_PARAMETERS) {
$content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
$content = str_replace("CAMILA_APPLICATION_NAME", CAMILA_APPLICATION_NAME, $content);
/**
* Rename a user bookmark.
*
* @param $path String Path of the bookmark to rename.
* @param $title New title to give the bookmark.
* @return null or -1 on error.
* @see server/classes/AbstractAjxpUser#renameBookmark($path, $title)
*/
function renameBookmark($path, $title)
{
$repId = ConfService::getCurrentRootDirIndex();
if (isset($this->bookmarks) && isset($this->bookmarks[$repId]) && is_array($this->bookmarks[$repId])) {
foreach ($this->bookmarks[$repId] as $k => $v) {
$toCompare = "";
if (is_string($v)) {
$toCompare = $v;
} else {
if (is_array($v)) {
$toCompare = $v["PATH"];
}
}
if ($toCompare == trim($path)) {
try {
dibi::query('UPDATE [ajxp_user_bookmarks] SET ', array('path' => trim($path), 'title' => $title), 'WHERE [login] = %s AND [repo_uuid] = %s AND [title] = %s', $this->getId(), $repId, $v["TITLE"]);
} catch (DibiException $e) {
$this->log('BOOKMARK RENAME FAILED: Reason: ' . $e->getMessage());
return -1;
}
$this->bookmarks[$repId][$k] = array("PATH" => trim($path), "TITLE" => $title);
}
}
}
}
function getUserXML($userObject = null, $details = false)
{
$buffer = "";
$loggedUser = AuthService::getLoggedUser();
if ($userObject != null) {
$loggedUser = $userObject;
}
if (!AuthService::usersEnabled()) {
$buffer .= "<user id=\"shared\">";
if (!$details) {
$buffer .= "<active_repo id=\"" . ConfService::getCurrentRootDirIndex() . "\" write=\"1\" read=\"1\"/>";
}
$buffer .= AJXP_XMLWriter::writeRepositoriesData(null, $details);
$buffer .= "</user>";
} else {
if ($loggedUser != null) {
$buffer .= "<user id=\"" . $loggedUser->id . "\">";
if (!$details) {
$buffer .= "<active_repo id=\"" . ConfService::getCurrentRootDirIndex() . "\" write=\"" . ($loggedUser->canWrite(ConfService::getCurrentRootDirIndex()) ? "1" : "0") . "\" read=\"" . ($loggedUser->canRead(ConfService::getCurrentRootDirIndex()) ? "1" : "0") . "\"/>";
}
$buffer .= AJXP_XMLWriter::writeRepositoriesData($loggedUser, $details);
$buffer .= "<preferences>";
$buffer .= "<pref name=\"display\" value=\"" . $loggedUser->getPref("display") . "\"/>";
$buffer .= "<pref name=\"lang\" value=\"" . $loggedUser->getPref("lang") . "\"/>";
$buffer .= "<pref name=\"diapo_autofit\" value=\"" . $loggedUser->getPref("diapo_autofit") . "\"/>";
$buffer .= "<pref name=\"sidebar_splitter_size\" value=\"" . $loggedUser->getPref("sidebar_splitter_size") . "\"/>";
$buffer .= "<pref name=\"vertical_splitter_size\" value=\"" . $loggedUser->getPref("vertical_splitter_size") . "\"/>";
$buffer .= "<pref name=\"history_last_repository\" value=\"" . $loggedUser->getArrayPref("history", "last_repository") . "\"/>";
$buffer .= "<pref name=\"history_last_listing\" value=\"" . AJXP_Utils::xmlEntities(stripslashes($loggedUser->getArrayPref("history", ConfService::getCurrentRootDirIndex()))) . "\"/>";
$buffer .= "<pref name=\"thumb_size\" value=\"" . $loggedUser->getPref("thumb_size") . "\"/>";
$buffer .= "<pref name=\"columns_size\" value=\"" . stripslashes(str_replace("\"", "'", $loggedUser->getPref("columns_size"))) . "\"/>";
$buffer .= "<pref name=\"columns_visibility\" value=\"" . stripslashes(str_replace("\"", "'", $loggedUser->getPref("columns_visibility"))) . "\"/>";
$buffer .= "<pref name=\"ls_history\" value=\"" . stripslashes(str_replace("\"", "'", $loggedUser->getPref("ls_history"))) . "\"/>";
$buffer .= "<pref name=\"upload_auto_send\" value=\"" . $loggedUser->getPref("upload_auto_send") . "\"/>";
$buffer .= "<pref name=\"upload_auto_close\" value=\"" . $loggedUser->getPref("upload_auto_close") . "\"/>";
$buffer .= "<pref name=\"upload_existing\" value=\"" . $loggedUser->getPref("upload_existing") . "\"/>";
$buffer .= "</preferences>";
$buffer .= "<special_rights is_admin=\"" . ($loggedUser->isAdmin() ? "1" : "0") . "\"/>";
$bMarks = $loggedUser->getBookmarks();
if (count($bMarks)) {
$buffer .= "<bookmarks>" . AJXP_XMLWriter::writeBookmarks($bMarks, false) . "</bookmarks>";
}
$buffer .= "</user>";
}
}
return $buffer;
}
function switchAction($action, $httpVars, $fileVars)
{
if (!isset($this->actions[$action])) {
return;
}
$xmlBuffer = "";
foreach ($httpVars as $getName => $getValue) {
${$getName} = AJXP_Utils::securePath($getValue);
}
if (isset($dir) && $action != "upload") {
$dir = SystemTextEncoding::fromUTF8($dir);
}
$mess = ConfService::getMessages();
switch ($action) {
//------------------------------------
// SWITCH THE ROOT REPOSITORY
//------------------------------------
case "switch_repository":
if (!isset($repository_id)) {
break;
}
$dirList = ConfService::getRepositoriesList();
/** @var $repository_id string */
if (!isset($dirList[$repository_id])) {
$errorMessage = "Trying to switch to an unkown repository!";
break;
}
ConfService::switchRootDir($repository_id);
// Load try to init the driver now, to trigger an exception
// if it's not loading right.
ConfService::loadRepositoryDriver();
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$user = AuthService::getLoggedUser();
$activeRepId = ConfService::getCurrentRootDirIndex();
$user->setArrayPref("history", "last_repository", $activeRepId);
$user->save("user");
}
//$logMessage = "Successfully Switched!";
AJXP_Logger::logAction("Switch Repository", array("rep. id" => $repository_id));
break;
//------------------------------------
// BOOKMARK BAR
//------------------------------------
//------------------------------------
// BOOKMARK BAR
//------------------------------------
case "get_bookmarks":
$bmUser = null;
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$bmUser = AuthService::getLoggedUser();
} else {
if (!AuthService::usersEnabled()) {
$confStorage = ConfService::getConfStorageImpl();
$bmUser = $confStorage->createUserObject("shared");
}
}
if ($bmUser == null) {
exit(1);
}
if (isset($httpVars["bm_action"]) && isset($httpVars["bm_path"])) {
if ($httpVars["bm_action"] == "add_bookmark") {
$title = "";
if (isset($httpVars["bm_title"])) {
$title = $httpVars["bm_title"];
}
if ($title == "" && $httpVars["bm_path"] == "/") {
$title = ConfService::getCurrentRootDirDisplay();
}
$bmUser->addBookMark(SystemTextEncoding::magicDequote($httpVars["bm_path"]), SystemTextEncoding::magicDequote($title));
} else {
if ($httpVars["bm_action"] == "delete_bookmark") {
$bmUser->removeBookmark($httpVars["bm_path"]);
} else {
if ($httpVars["bm_action"] == "rename_bookmark" && isset($httpVars["bm_title"])) {
$bmUser->renameBookmark($httpVars["bm_path"], $httpVars["bm_title"]);
}
}
}
}
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$bmUser->save("user");
AuthService::updateUser($bmUser);
} else {
if (!AuthService::usersEnabled()) {
$bmUser->save("user");
}
}
AJXP_XMLWriter::header();
AJXP_XMLWriter::writeBookmarks($bmUser->getBookmarks());
AJXP_XMLWriter::close();
exit(1);
break;
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
case "save_user_pref":
$userObject = AuthService::getLoggedUser();
$i = 0;
while (isset($httpVars["pref_name_" . $i]) && isset($httpVars["pref_value_" . $i])) {
$prefName = AJXP_Utils::sanitize($httpVars["pref_name_" . $i], AJXP_SANITIZE_ALPHANUM);
$prefValue = AJXP_Utils::sanitize(SystemTextEncoding::magicDequote($httpVars["pref_value_" . $i]));
if ($prefName == "password") {
continue;
}
if ($prefName != "pending_folder" && $userObject == null) {
$i++;
continue;
}
$userObject->setPref($prefName, $prefValue);
$userObject->save("user");
AuthService::updateUser($userObject);
//setcookie("AJXP_$prefName", $prefValue);
$i++;
}
header("Content-Type:text/plain");
print "SUCCESS";
exit(1);
break;
//------------------------------------
// WEBDAV PREFERENCES
//------------------------------------
//------------------------------------
// WEBDAV PREFERENCES
//------------------------------------
case "webdav_preferences":
$userObject = AuthService::getLoggedUser();
$webdavActive = false;
$passSet = false;
// Detect http/https and host
if (ConfService::getCoreConf("WEBDAV_BASEHOST") != "") {
$baseURL = ConfService::getCoreConf("WEBDAV_BASEHOST");
} else {
$baseURL = AJXP_Utils::detectServerURL();
}
$webdavBaseUrl = $baseURL . ConfService::getCoreConf("WEBDAV_BASEURI") . "/";
if (isset($httpVars["activate"]) || isset($httpVars["webdav_pass"])) {
$davData = $userObject->getPref("AJXP_WEBDAV_DATA");
if (!empty($httpVars["activate"])) {
$activate = $httpVars["activate"] == "true" ? true : false;
if (empty($davData)) {
$davData = array();
}
$davData["ACTIVE"] = $activate;
}
if (!empty($httpVars["webdav_pass"])) {
$password = $httpVars["webdav_pass"];
if (function_exists('mcrypt_encrypt')) {
$user = $userObject->getId();
$secret = defined("AJXP_SECRET_KEY") ? AJXP_SAFE_SECRET_KEY : "CDAFx¨op#";
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
$password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($user . $secret), $password, MCRYPT_MODE_ECB, $iv));
}
$davData["PASS"] = $password;
}
$userObject->setPref("AJXP_WEBDAV_DATA", $davData);
$userObject->save("user");
}
$davData = $userObject->getPref("AJXP_WEBDAV_DATA");
if (!empty($davData)) {
$webdavActive = isset($davData["ACTIVE"]) && $davData["ACTIVE"] === true;
$passSet = isset($davData["PASS"]);
}
$repoList = ConfService::getRepositoriesList();
$davRepos = array();
$loggedUser = AuthService::getLoggedUser();
foreach ($repoList as $repoIndex => $repoObject) {
$accessType = $repoObject->getAccessType();
$driver = AJXP_PluginsService::getInstance()->getPluginByTypeName("access", $accessType);
if (is_a($driver, "AjxpWebdavProvider") && ($loggedUser->canRead($repoIndex) || $loggedUser->canWrite($repoIndex))) {
$davRepos[$repoIndex] = $webdavBaseUrl . "" . ($repoObject->getSlug() == null ? $repoObject->getId() : $repoObject->getSlug());
}
}
$prefs = array("webdav_active" => $webdavActive, "password_set" => $passSet, "webdav_base_url" => $webdavBaseUrl, "webdav_repositories" => $davRepos);
HTMLWriter::charsetHeader("application/json");
print json_encode($prefs);
break;
case "get_user_template_logo":
$tplId = $httpVars["template_id"];
$iconFormat = $httpVars["icon_format"];
$repo = ConfService::getRepositoryById($tplId);
$logo = $repo->getOption("TPL_ICON_" . strtoupper($iconFormat));
if (isset($logo) && is_file(AJXP_DATA_PATH . "/plugins/core.conf/tpl_logos/" . $logo)) {
header("Content-Type: " . AJXP_Utils::getImageMimeType($logo) . "; name=\"" . $logo . "\"");
header("Content-Length: " . filesize(AJXP_DATA_PATH . "/plugins/core.conf/tpl_logos/" . $logo));
header('Pragma:');
header('Cache-Control: public');
header("Last-Modified: " . gmdate("D, d M Y H:i:s", time() - 10000) . " GMT");
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 5 * 24 * 3600) . " GMT");
readfile(AJXP_DATA_PATH . "/plugins/core.conf/tpl_logos/" . $logo);
} else {
$logo = "default_template_logo-" . ($iconFormat == "small" ? 16 : 22) . ".png";
header("Content-Type: " . AJXP_Utils::getImageMimeType($logo) . "; name=\"" . $logo . "\"");
header("Content-Length: " . filesize(AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/core.conf/" . $logo));
header('Pragma:');
header('Cache-Control: public');
header("Last-Modified: " . gmdate("D, d M Y H:i:s", time() - 10000) . " GMT");
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 5 * 24 * 3600) . " GMT");
readfile(AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/core.conf/" . $logo);
}
break;
case "get_user_templates_definition":
AJXP_XMLWriter::header("repository_templates");
$repositories = ConfService::getRepositoriesList();
$pServ = AJXP_PluginsService::getInstance();
foreach ($repositories as $repo) {
if (!$repo->isTemplate) {
continue;
}
if (!$repo->getOption("TPL_USER_CAN_CREATE")) {
continue;
}
$repoId = $repo->getUniqueId();
$repoLabel = $repo->getDisplay();
$repoType = $repo->getAccessType();
print "<template repository_id=\"{$repoId}\" repository_label=\"{$repoLabel}\" repository_type=\"{$repoType}\">";
$driverPlug = $pServ->getPluginByTypeName("access", $repoType);
$params = $driverPlug->getManifestRawContent("//param", "node");
$tplDefined = $repo->getOptionsDefined();
$defaultLabel = '';
foreach ($params as $paramNode) {
$name = $paramNode->getAttribute("name");
if (strpos($name, "TPL_") === 0) {
if ($name == "TPL_DEFAULT_LABEL") {
$defaultLabel = str_replace("AJXP_USER", AuthService::getLoggedUser()->getId(), $repo->getOption($name));
}
continue;
}
if (in_array($paramNode->getAttribute("name"), $tplDefined)) {
continue;
}
if ($paramNode->getAttribute('no_templates') == 'true') {
continue;
}
print AJXP_XMLWriter::replaceAjxpXmlKeywords($paramNode->ownerDocument->saveXML($paramNode));
}
// ADD LABEL
echo '<param name="DISPLAY" type="string" label="' . $mess[359] . '" description="' . $mess[429] . '" mandatory="true" default="' . $defaultLabel . '"/>';
print "</template>";
}
AJXP_XMLWriter::close("repository_templates");
break;
case "user_create_repository":
$tplId = $httpVars["template_id"];
$tplRepo = ConfService::getRepositoryById($tplId);
$options = array();
self::parseParameters($httpVars, $options);
$newRep = $tplRepo->createTemplateChild(AJXP_Utils::sanitize($httpVars["DISPLAY"]), $options, null, AuthService::getLoggedUser()->getId());
$res = ConfService::addRepository($newRep);
AJXP_XMLWriter::header();
if ($res == -1) {
AJXP_XMLWriter::sendMessage(null, $mess[426]);
} else {
$loggedUser = AuthService::getLoggedUser();
// Make sure we do not overwrite otherwise loaded rights.
$loggedUser->load();
$loggedUser->setRight($newRep->getUniqueId(), "rw");
$loggedUser->save("superuser");
AuthService::updateUser($loggedUser);
AJXP_XMLWriter::sendMessage($mess[425], null);
AJXP_XMLWriter::reloadDataNode("", $newRep->getUniqueId());
AJXP_XMLWriter::reloadRepositoryList();
}
AJXP_XMLWriter::close();
break;
case "user_delete_repository":
$repoId = $httpVars["repository_id"];
$repository = ConfService::getRepositoryById($repoId);
if (!$repository->getUniqueUser() || $repository->getUniqueUser() != AuthService::getLoggedUser()->getId()) {
throw new Exception("You are not allowed to perform this operation!");
}
$res = ConfService::deleteRepository($repoId);
AJXP_XMLWriter::header();
if ($res == -1) {
AJXP_XMLWriter::sendMessage(null, $mess[427]);
} else {
$loggedUser = AuthService::getLoggedUser();
// Make sure we do not override remotely set rights
$loggedUser->load();
$loggedUser->removeRights($repoId);
$loggedUser->save("superuser");
AuthService::updateUser($loggedUser);
AJXP_XMLWriter::sendMessage($mess[428], null);
AJXP_XMLWriter::reloadRepositoryList();
}
AJXP_XMLWriter::close();
break;
default:
break;
}
if (isset($logMessage) || isset($errorMessage)) {
$xmlBuffer .= AJXP_XMLWriter::sendMessage(isset($logMessage) ? $logMessage : null, isset($errorMessage) ? $errorMessage : null, false);
}
if (isset($requireAuth)) {
$xmlBuffer .= AJXP_XMLWriter::requireAuth(false);
}
return $xmlBuffer;
}
function switchAction($action, $httpVars, $fileVars)
{
if (!isset($this->actions[$action])) {
return;
}
$xmlBuffer = "";
foreach ($httpVars as $getName => $getValue) {
${$getName} = AJXP_Utils::securePath($getValue);
}
if (isset($dir) && $action != "upload") {
$dir = SystemTextEncoding::fromUTF8($dir);
}
$mess = ConfService::getMessages();
switch ($action) {
//------------------------------------
// SWITCH THE ROOT REPOSITORY
//------------------------------------
case "switch_repository":
if (!isset($repository_id)) {
break;
}
$dirList = ConfService::getRootDirsList();
if (!isset($dirList[$repository_id])) {
$errorMessage = "Trying to switch to an unkown repository!";
break;
}
ConfService::switchRootDir($repository_id);
// Load try to init the driver now, to trigger an exception
// if it's not loading right.
ConfService::loadRepositoryDriver();
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$user = AuthService::getLoggedUser();
$activeRepId = ConfService::getCurrentRootDirIndex();
$user->setArrayPref("history", "last_repository", $activeRepId);
$user->save();
}
//$logMessage = "Successfully Switched!";
AJXP_Logger::logAction("Switch Repository", array("rep. id" => $repository_id));
break;
//------------------------------------
// BOOKMARK BAR
//------------------------------------
//------------------------------------
// BOOKMARK BAR
//------------------------------------
case "get_bookmarks":
$bmUser = null;
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$bmUser = AuthService::getLoggedUser();
} else {
if (!AuthService::usersEnabled()) {
$confStorage = ConfService::getConfStorageImpl();
$bmUser = $confStorage->createUserObject("shared");
}
}
if ($bmUser == null) {
exit(1);
}
if (isset($_GET["bm_action"]) && isset($_GET["bm_path"])) {
if ($_GET["bm_action"] == "add_bookmark") {
$title = "";
if (isset($_GET["bm_title"])) {
$title = $_GET["bm_title"];
}
if ($title == "" && $_GET["bm_path"] == "/") {
$title = ConfService::getCurrentRootDirDisplay();
}
$bmUser->addBookMark(SystemTextEncoding::magicDequote($_GET["bm_path"]), SystemTextEncoding::magicDequote($title));
} else {
if ($_GET["bm_action"] == "delete_bookmark") {
$bmUser->removeBookmark($_GET["bm_path"]);
} else {
if ($_GET["bm_action"] == "rename_bookmark" && isset($_GET["bm_title"])) {
$bmUser->renameBookmark($_GET["bm_path"], $_GET["bm_title"]);
}
}
}
}
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$bmUser->save();
AuthService::updateUser($bmUser);
} else {
if (!AuthService::usersEnabled()) {
$bmUser->save();
}
}
AJXP_XMLWriter::header();
AJXP_XMLWriter::writeBookmarks($bmUser->getBookmarks());
AJXP_XMLWriter::close();
exit(1);
break;
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
case "save_user_pref":
$userObject = AuthService::getLoggedUser();
$i = 0;
while (isset($_GET["pref_name_" . $i]) && isset($_GET["pref_value_" . $i])) {
$prefName = AJXP_Utils::sanitize($_GET["pref_name_" . $i], AJXP_SANITIZE_ALPHANUM);
$prefValue = AJXP_Utils::sanitize(SystemTextEncoding::magicDequote($_GET["pref_value_" . $i]));
if ($prefName == "password") {
continue;
}
if ($prefName != "pending_folder" && ($userObject == null || $userObject->getId() == "guest")) {
$i++;
continue;
}
$userObject->setPref($prefName, $prefValue);
$userObject->save();
AuthService::updateUser($userObject);
//setcookie("AJXP_$prefName", $prefValue);
$i++;
}
header("Content-Type:text/plain");
print "SUCCESS";
exit(1);
break;
default:
break;
}
if (isset($logMessage) || isset($errorMessage)) {
$xmlBuffer .= AJXP_XMLWriter::sendMessage(isset($logMessage) ? $logMessage : null, isset($errorMessage) ? $errorMessage : null, false);
}
if (isset($requireAuth)) {
$xmlBuffer .= AJXP_XMLWriter::requireAuth(false);
}
return $xmlBuffer;
}
}
$mess = ConfService::getMessages();
$action = "";
if (isset($_GET["action"]) || isset($_GET["get_action"])) {
$action = isset($_GET["get_action"]) ? $_GET["get_action"] : $_GET["action"];
} else {
if (isset($_POST["action"]) || isset($_POST["get_action"])) {
$action = isset($_POST["get_action"]) ? $_POST["get_action"] : $_POST["action"];
}
}
//------------------------------------------------------------
// SPECIAL HANDLING FOR FANCY UPLOADER RIGHTS FOR THIS ACTION
//------------------------------------------------------------
if (AuthService::usersEnabled()) {
$loggedUser = AuthService::getLoggedUser();
if ($action == "upload" && ($loggedUser == null || !$loggedUser->canWrite(ConfService::getCurrentRootDirIndex() . "")) && isset($_FILES['Filedata'])) {
header('HTTP/1.0 ' . '410 Not authorized');
die('Error 410 Not authorized!');
}
}
// THIS FIRST DRIVERS DO NOT NEED ID CHECK
$ajxpDriver = AJXP_PluginsService::findPlugin("gui", "ajax");
$ajxpDriver->init(ConfService::getRepository());
$authDriver = ConfService::getAuthDriverImpl();
// DRIVERS BELOW NEED IDENTIFICATION CHECK
if (!AuthService::usersEnabled() || ALLOW_GUEST_BROWSING || AuthService::getLoggedUser() != null) {
$confDriver = ConfService::getConfStorageImpl();
$Driver = ConfService::loadRepositoryDriver();
}
ConfService::initActivePlugins();
require_once INSTALL_PATH . "/server/classes/class.AJXP_Controller.php";
function sendUserData($userObject = null, $details = false)
{
$loggedUser = AuthService::getLoggedUser();
if ($userObject != null) {
$loggedUser = $userObject;
}
if ($loggedUser != null) {
print "<user id=\"" . $loggedUser->id . "\">";
if (!$details) {
print "<active_repo id=\"" . ConfService::getCurrentRootDirIndex() . "\" write=\"" . ($loggedUser->canWrite(ConfService::getCurrentRootDirIndex()) ? "1" : "0") . "\" read=\"" . ($loggedUser->canRead(ConfService::getCurrentRootDirIndex()) ? "1" : "0") . "\"/>";
}
print AJXP_XMLWriter::writeRepositoriesData($loggedUser, $details);
print "<preferences>";
print "<pref name=\"display\" value=\"" . $loggedUser->getPref("display") . "\"/>";
print "<pref name=\"lang\" value=\"" . $loggedUser->getPref("lang") . "\"/>";
print "<pref name=\"diapo_autofit\" value=\"" . $loggedUser->getPref("diapo_autofit") . "\"/>";
print "<pref name=\"sidebar_splitter_size\" value=\"" . $loggedUser->getPref("sidebar_splitter_size") . "\"/>";
print "<pref name=\"vertical_splitter_size\" value=\"" . $loggedUser->getPref("vertical_splitter_size") . "\"/>";
print "<pref name=\"history_last_repository\" value=\"" . $loggedUser->getPref("history_last_repository") . "\"/>";
print "<pref name=\"history_last_listing\" value=\"" . $loggedUser->getPref("history_last_listing") . "\"/>";
print "<pref name=\"thumb_size\" value=\"" . $loggedUser->getPref("thumb_size") . "\"/>";
print "</preferences>";
print "<special_rights is_admin=\"" . ($loggedUser->isAdmin() ? "1" : "0") . "\"/>";
print "</user>";
}
}
}
}
$USERS_ENABLED = "true";
if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
$LOGGED_USER = "******";
$loggedUser = AuthService::getLoggedUser();
if (!$loggedUser->canRead(ConfService::getCurrentRootDirIndex()) && AuthService::getDefaultRootId() != ConfService::getCurrentRootDirIndex()) {
ConfService::switchRootDir(AuthService::getDefaultRootId());
}
}
$ROOT_DIR_NAME = "null";
$ROOT_DIR_ID = "null";
$ROOT_DIR_XML = "";
} else {
$ROOT_DIR_NAME = ConfService::getCurrentRootDirDisplay();
$ROOT_DIR_ID = ConfService::getCurrentRootDirIndex();
$ROOT_DIR_XML = HTMLWriter::repositoryDataAsJS();
}
$EXT_REP = "/";
if (isset($_GET["folder"])) {
$EXT_REP = urldecode($_GET["folder"]);
}
$CRT_USER = "******";
if (isset($_GET["user"])) {
$CRT_USER = $_GET["user"];
}
$ZIP_ENABLED = ConfService::zipEnabled() ? "true" : "false";
$loggedUser = AuthService::getLoggedUser();
$DEFAULT_DISPLAY = "list";
if ($loggedUser != null && $loggedUser->getId() != "guest") {
if ($loggedUser->getPref("lang") != "") {
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser == null) {
$requireAuth = true;
}
}
if (isset($loggingResult) && $loggingResult != 1) {
AJXP_XMLWriter::header();
AJXP_XMLWriter::loggingResult($loggingResult, false, false, "");
AJXP_XMLWriter::close();
if ($optStatusFile) {
file_put_contents($optStatusFile, "ERROR:No user logged");
}
exit(1);
}
} else {
AJXP_Logger::debug(ConfService::getCurrentRootDirIndex());
}
//Set language
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser != null && $loggedUser->getPref("lang") != "") {
ConfService::setLanguage($loggedUser->getPref("lang"));
} else {
if (isset($_COOKIE["AJXP_lang"])) {
ConfService::setLanguage($_COOKIE["AJXP_lang"]);
}
}
$mess = ConfService::getMessages();
// THIS FIRST DRIVERS DO NOT NEED ID CHECK
$ajxpDriver = AJXP_PluginsService::findPlugin("gui", "ajax");
$ajxpDriver->init(ConfService::getRepository());
$authDriver = ConfService::getAuthDriverImpl();
public static function switchUserToActiveRepository($loggedUser, $parameterId = -1)
{
if (isset($_SESSION["PENDING_REPOSITORY_ID"]) && isset($_SESSION["PENDING_FOLDER"])) {
$loggedUser->setArrayPref("history", "last_repository", $_SESSION["PENDING_REPOSITORY_ID"]);
$loggedUser->setPref("pending_folder", $_SESSION["PENDING_FOLDER"]);
$loggedUser->save("user");
AuthService::updateUser($loggedUser);
unset($_SESSION["PENDING_REPOSITORY_ID"]);
unset($_SESSION["PENDING_FOLDER"]);
}
$currentRepoId = ConfService::getCurrentRootDirIndex();
$lastRepoId = $loggedUser->getArrayPref("history", "last_repository");
$defaultRepoId = AuthService::getDefaultRootId();
if ($defaultRepoId == -1) {
return false;
} else {
if ($lastRepoId !== "" && $lastRepoId !== $currentRepoId && $parameterId == -1 && $loggedUser->canSwitchTo($lastRepoId)) {
ConfService::switchRootDir($lastRepoId);
} else {
if ($parameterId != -1 && $loggedUser->canSwitchTo($parameterId)) {
ConfService::switchRootDir($parameterId);
} else {
if (!$loggedUser->canSwitchTo($currentRepoId)) {
ConfService::switchRootDir($defaultRepoId);
}
}
}
}
return true;
}
/**
* Extract all the user data and put it in XML
* @static
* @param null $userObject
* @param bool $details
* @return string
*/
static function getUserXML($userObject = null, $details = false)
{
$buffer = "";
$loggedUser = AuthService::getLoggedUser();
$confDriver = ConfService::getConfStorageImpl();
if ($userObject != null) {
$loggedUser = $userObject;
}
if (!AuthService::usersEnabled()) {
$buffer .= "<user id=\"shared\">";
if (!$details) {
$buffer .= "<active_repo id=\"" . ConfService::getCurrentRootDirIndex() . "\" write=\"1\" read=\"1\"/>";
}
$buffer .= AJXP_XMLWriter::writeRepositoriesData(null, $details);
$buffer .= "</user>";
} else {
if ($loggedUser != null) {
$buffer .= "<user id=\"" . $loggedUser->id . "\">";
if (!$details) {
$buffer .= "<active_repo id=\"" . ConfService::getCurrentRootDirIndex() . "\" write=\"" . ($loggedUser->canWrite(ConfService::getCurrentRootDirIndex()) ? "1" : "0") . "\" read=\"" . ($loggedUser->canRead(ConfService::getCurrentRootDirIndex()) ? "1" : "0") . "\"/>";
} else {
$buffer .= "<ajxp_roles>";
foreach ($loggedUser->getRoles() as $roleId => $boolean) {
if ($boolean === true) {
$buffer .= "<role id=\"{$roleId}\"/>";
}
}
$buffer .= "</ajxp_roles>";
}
$buffer .= AJXP_XMLWriter::writeRepositoriesData($loggedUser, $details);
$buffer .= "<preferences>";
$preferences = $confDriver->getExposedPreferences($loggedUser);
foreach ($preferences as $prefName => $prefData) {
if ($prefData["type"] == "string") {
$buffer .= "<pref name=\"{$prefName}\" value=\"" . $prefData["value"] . "\"/>";
} else {
if ($prefData["type"] == "json") {
$buffer .= "<pref name=\"{$prefName}\"><![CDATA[" . $prefData["value"] . "]]></pref>";
}
}
}
$buffer .= "</preferences>";
$buffer .= "<special_rights is_admin=\"" . ($loggedUser->isAdmin() ? "1" : "0") . "\"/>";
$bMarks = $loggedUser->getBookmarks();
if (count($bMarks)) {
$buffer .= "<bookmarks>" . AJXP_XMLWriter::writeBookmarks($bMarks, false) . "</bookmarks>";
}
$buffer .= "</user>";
}
}
return $buffer;
}
