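/**
 * parse some news
 *
 * A parser is created for the encoding guessed from the XML declaration and is
 * bound to the handlers of this object. Parsed entries are left in $this->entries.
 *
 * @param string raw data received
 * @return array a status code (TRUE is ok) and the parsing result, or an error message on failure
 */
function decode($data)
{
    global $context;

    // create a parser with proper character encoding
    // NOTE(review): only a double-quoted encoding="utf-8" is recognised by this pattern;
    // any other form of the declaration falls back to ISO-8859-1
    $this->encoding = 'ISO-8859-1';
    if (preg_match('/^<\\?xml .+ encoding="utf-8".*\\?>/i', $data)) {
        $this->encoding = 'UTF-8';
    }
    $parser = xml_parser_create($this->encoding);

    // parser setup
    xml_set_object($parser, $this);
    xml_set_element_handler($parser, 'parse_start_element', 'parse_end_element');
    xml_set_character_data_handler($parser, 'parse_cdata');

    // case is meaningful
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, FALSE);

    // reset parsing data
    $this->current_entry = array(); // entry currently being parsed
    $this->entries = array(); // collection of parsed entries
    $this->feed = array(); // hash of feed fields
    $this->textinput = array();
    $this->image = array();
    $this->elements_stack = array('atom_stream');
    $this->current_field = '';
    $this->current_name_space = false;

    // parse data
    // NOTE(review): xml_parse() is called without its third (final chunk) argument;
    // presumably a truncated document is then not reported as an error -- confirm
    if (!xml_parse($parser, $data)) {

        // read diagnostics first, then release the parser, which was leaked on this path before
        $message = 'Parsing error: ' . xml_error_string(xml_get_error_code($parser))
            . ' at line ' . xml_get_current_line_number($parser);
        xml_parser_free($parser);

        // the raw packet comes from a remote party and is logged as received,
        // so the debug log has to be treated as untrusted and possibly sensitive data
        if (isset($context['with_debug']) && $context['with_debug'] == 'Y') {
            Logger::remember('services/atom_codec.php: invalid packet to decode', str_replace("\r\n", "\n", $data), 'debug');
        }

        return array(FALSE, $message);
    }
    xml_parser_free($parser);

    // return parsing result
    return array(TRUE, $this->entries);
}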
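/**
 * parse a XML request according to the XML-RPC specification
 *
 * This script uses the standard XML parser included in the PHP library.
 * The objective of the decoding functions is to transform the XML tree into stemming PHP arrays.
 *
 * Following tags are used for cdata conversion
 * - <base64>
 * - <boolean>
 * - <date>
 * - <double>
 * - <integer>
 * - <string>
 *
 * Following tags are processed as leaves of the tree:
 * - </value>
 * - </methodName>
 *
 * Following tags are processed as nodes of the tree
 * - <methodCall>: push 'methodCall' (stems 'methodName' and 'params')
 * - </methodCall>: pop 'methodCall'
 * - <methodResponse>: push 'methodResponse' (stem 'params' or 'fault')
 * - </methodResponse>: pop 'methodResponse'
 * - <fault>: push 'fault' (stems 'faultCode' and 'faultString')
 * - </fault>: pop 'fault'
 * - <params>: push 'params', then '-1' (list of anonymous stems)
 * - </params>: pop index, then pop 'params'
 * - <value> under an index: increment index (works for <params> and for <array>)
 * - </name>: push cdata (named stem)
 * - </member>: pop cdata
 * - <array>: push '-1' (list of anonymous stems)
 * - </array>: pop index
 *
 * @param string raw data received
 * @return array a status code (TRUE is ok) and the parsing result, or an error message on failure
 */
function decode($data)
{
    global $context;

    // create a parser
    $parser = xml_parser_create();
    xml_set_object($parser, $this);
    xml_set_element_handler($parser, 'parse_tag_open', 'parse_tag_close');
    xml_set_character_data_handler($parser, 'parse_cdata');

    // case is meaningful
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, FALSE);

    // parse data
    $this->result = array();
    $this->stack = array();

    // NOTE(review): xml_parse() is called without its third (final chunk) argument;
    // presumably a truncated request is then not reported as an error -- confirm
    if (!xml_parse($parser, $data)) {

        // read diagnostics first, then release the parser, which was leaked on this path before
        $message = 'Parsing error: ' . xml_error_string(xml_get_error_code($parser))
            . ' at line ' . xml_get_current_line_number($parser);
        xml_parser_free($parser);

        // the raw packet comes from a remote party and is logged as received,
        // so the debug log has to be treated as untrusted and possibly sensitive data
        if (isset($context['with_debug']) && $context['with_debug'] == 'Y') {
            Logger::remember('services/xml_rpc_codec.php: invalid packet to decode', str_replace("\r\n", "\n", $data), 'debug');
        }

        return array(FALSE, $message);
    }
    xml_parser_free($parser);

    // return parsing result
    return array(TRUE, $this->result);
}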
// access denied } elseif (!$permitted) { Safe::header('Status: 401 Unauthorized', TRUE, 401); Logger::error(i18n::s('You are not allowed to perform this operation.')); // deletion is confirmed } elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') { // touch the related anchor before actual deletion, since the image has to be accessible at that time if (is_object($anchor)) { $anchor->touch('section:delete', $item['id']); } // attempt to delete if (Sections::delete($item['id'])) { // log item deletion $label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title'])); $description = Sections::get_permalink($item); Logger::remember('sections/delete.php: ' . $label, $description); // this can appear anywhere Cache::clear(); // back to the anchor page or to the index page if (is_object($overlay) && ($back_url = $overlay->get_url_after_deleting())) { Safe::redirect($back_url); } elseif (is_object($anchor)) { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . $anchor->get_url()); } else { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'sections/'); } } // deletion has to be confirmed } elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') { Logger::error(i18n::s('The action has not been confirmed.')); } else {
$content .= "\t\t" . 'case \'' . $id . '\':' . "\n" . $item . "\t\t\tbreak;\n\n"; } } // end the serving function $content .= "\t\t}\n\n\t\t" . 'return $result;' . "\n"; $content .= "\t" . '}' . "\n\n"; // the tail section $content .= '}' . "\n" . '?>' . "\n"; // compile all hooks into a single file if (!Safe::file_put_contents('parameters/hooks.include.php', $content)) { $context['text'] .= sprintf(i18n::s('Impossible to write to %s.'), 'parameters/hooks.include.php') . BR . "\n"; } else { $context['text'] .= i18n::s('Hooks have been compiled in parameters/hooks.include.php') . BR . "\n"; // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/hooks.include.php'); Logger::remember('control/scan.php: ' . $label); } // list hooks using xml if (isset($xml)) { $xml = '<?xml version="1.0" ?>' . "\n" . '<hooks>' . "\n" . $xml . '</hooks>' . "\n"; if (!Safe::file_put_contents('parameters/hooks.xml', $xml)) { $context['text'] .= sprintf(i18n::s('Impossible to write to %s.'), 'parameters/hooks.xml') . BR . "\n"; } else { $context['text'] .= i18n::s('Hooks have been listed in parameters/hooks.xml') . BR . "\n"; } } } // display the execution time $time = round(get_micro_time() - $context['start_time'], 2); $context['text'] .= '<p>' . sprintf(i18n::s('Script terminated in %.2f seconds.'), $time) . '</p>'; // if the server has been switched off, update the database schema
$response['id'] = NULL; } else { $response['id'] = $parameters['id']; } // do not reply if the sender has sent a notification, and if there is no error if ($response['id'] == NULL && $response['error'] == NULL) { $response = ''; } else { // JSON-RPC 2.0 requires either some result, or an error, but not both if (isset($response['jsonrpc'])) { if ($response['error'] == NULL) { unset($response['error']); } else { unset($response['result']); } } // encode the response $response = Safe::json_encode($response); // save the response if debug mode if (isset($context['debug_rpc']) && $context['debug_rpc'] == 'Y') { Logger::remember('services/json_rpc.php: json_rpc response', $response, 'debug'); } } // handle the output correctly render_raw('application/json; charset=' . $context['charset']); // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { echo $response; } // the post-processing hook finalize_page();
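/**
 * create a page out of a textual entity
 *
 * If a target is provided, it is extended with the text of this entity.
 * Else if the anchor is an article, a comment is created. Otherwise an article is created.
 *
 * The text is filtered with strip_tags() against $context['users_allowed_tags'] before
 * it is parsed and stored. Queue settings are read from $context['mail_queue'].
 *
 * @param array of entity attributes
 * @param string the textual entity to process
 * @param array poster attributes
 * @param string an optional anchor (e.g., 'article:123')
 * @param string reference of the object to be extended, if any
 * @return string reference to the created or updated object, or NULL
 */
public static function submit_page($entity_headers, $text, $user, $anchor = NULL, $target = NULL)
{
    global $context;

    // retrieve queue parameters
    list($server, $account, $password, $allowed, $match, $section, $options, $hooks, $prefix, $suffix) = $context['mail_queue'];

    // preserve breaks
    $text = preg_replace('/\\s*<(br|div|h|p)/is', "\n\n<\$1", $text);

    // suppress dangerous html tags
    // strip_tags() drops tags that are not in the allow-list but keeps every attribute of
    // the allowed ones, so event-handler attributes and script URLs are not removed here.
    // NOTE(review): confirm that the description is sanitised again before it is rendered
    $text = strip_tags($text, $context['users_allowed_tags']);

    // trim white spaces, and leading line breaks as well
    while (TRUE) {
        $text = trim($text, " \t\r\n");
        if (!strncmp($text, '<br>', 4)) {
            $text = substr($text, 4);
        } elseif (!strncmp($text, '<br/>', 5)) {
            $text = substr($text, 5);
        } elseif (!strncmp($text, '<br />', 6)) {
            $text = substr($text, 6);
        } else {
            break;
        }
    }

    // parse article content
    include_once $context['path_to_root'] . 'articles/article.php';
    $article = new Article();
    $entry_fields = array();
    $entry_fields = $article->parse($text, $entry_fields);

    // trim the header
    if ($prefix) {
        $tokens = explode($prefix, $entry_fields['description']);
        if (isset($tokens[1])) {
            $entry_fields['description'] = $tokens[1];
        } else {
            $entry_fields['description'] = $tokens[0];
        }
    }

    // trim the signature --keep what comes before the first occurrence of the suffix;
    // no second element is read, so a text without any signature raises no notice
    if ($suffix) {
        $tokens = explode($suffix, $entry_fields['description'], 2);
        $entry_fields['description'] = $tokens[0];
    }

    // strip extra text
    $entry_fields['description'] = trim(preg_replace('/\\(See attached file: [^\\)]+?\\)/', '', $entry_fields['description']));

    // anchor this item to something
    $entry_fields['anchor'] = $anchor;

    // make a title
    if (!isset($entry_fields['title'])) {
        $entry_fields['title'] = $context['mail_subject'];
    }

    // message creation stamp
    $entry_fields['create_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', strtotime($context['mail_date']));
    if (!isset($entry_fields['create_name'])) {
        $entry_fields['create_name'] = $user['nick_name'];
    }
    if (!isset($entry_fields['create_id'])) {
        $entry_fields['create_id'] = $user['id'];
    }
    if (!isset($entry_fields['create_address'])) {
        $entry_fields['create_address'] = $user['email'];
    }

    // message edition stamp
    $entry_fields['edit_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
    if (!isset($entry_fields['edit_name'])) {
        $entry_fields['edit_name'] = $user['nick_name'];
    }
    if (!isset($entry_fields['edit_id'])) {
        $entry_fields['edit_id'] = $user['id'];
    }
    if (!isset($entry_fields['edit_address'])) {
        $entry_fields['edit_address'] = $user['email'];
    }

    // we have to extend an existing article --this entity is mutable
    if ($target && !strncmp($target, 'article:', 8) && ($article = Articles::get(substr($target, 8), TRUE))) {

        // append the text to article description field
        $fields = array();
        $fields['id'] = $article['id'];
        $fields['description'] = $article['description'] . $entry_fields['description'];
        $fields['silent'] = TRUE;
        Articles::put_attributes($fields);
        return $target;

    // we have to extend an existing comment --this entity is mutable
    } elseif ($target && !strncmp($target, 'comment:', 8) && ($comment = Comments::get(substr($target, 8), TRUE))) {

        // append the text to comment description field
        $comment['description'] .= $entry_fields['description'];
        Comments::post($comment);
        return $target;

    // we have to comment an existing page
    } elseif (!strncmp($anchor, 'article:', 8)) {

        // insert comment in the database
        if (!($entry_fields['id'] = Comments::post($entry_fields))) {
            Logger::remember('agents/messages.php: ' . Logger::error_pop());
            return NULL;
        }

        // debug, if required to do so --the flag may be absent, as in the article branch below
        if (isset($context['debug_messages']) && $context['debug_messages'] == 'Y') {
            Logger::remember('agents/messages.php: Messages::submit_page() as a comment', $entry_fields, 'debug');
        }

        // increment the post counter of the surfer
        Users::increment_posts($user['id']);

        // clear cache
        $parent = Anchors::get($entry_fields['anchor']);

        // touch the related anchor
        if (is_object($parent) && isset($entry_fields['id'])) {
            $parent->touch('comment:create', $entry_fields['id'], TRUE);
        }
        return 'comment:' . $entry_fields['id'];

    // create a new page
    } else {

        // publish automatically, if required to do so
        $section = Anchors::get($entry_fields['anchor']);
        if (isset($context['users_with_auto_publish']) && $context['users_with_auto_publish'] == 'Y'
            || preg_match('/\\bauto_publish\\b/i', $options)
            || is_object($section) && $section->has_option('auto_publish')) {
            $entry_fields['publish_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
            if (!isset($entry_fields['publish_name'])) {
                $entry_fields['publish_name'] = $user['nick_name'];
            }
            if (!isset($entry_fields['publish_id'])) {
                $entry_fields['publish_id'] = $user['id'];
            }
            if (!isset($entry_fields['publish_address'])) {
                $entry_fields['publish_address'] = $user['email'];
            }
        }

        // ensure we are using ids instead of nicknames
        if (is_object($section)) {
            $entry_fields['anchor'] = $section->get_reference();
        }

        // save in the database
        if (!($entry_fields['id'] = Articles::post($entry_fields))) {
            Logger::remember('agents/messages.php: ' . Logger::error_pop());
            return NULL;
        }

        // debugging log --only the first 1024 bytes of the description are kept from here on
        if (isset($context['debug_messages']) && $context['debug_messages'] == 'Y') {
            $entry_fields['description'] = substr($entry_fields['description'], 0, 1024);
            Logger::remember('agents/messages.php: Messages::submit_page() as an article', $entry_fields, 'debug');
        }

        // increment the post counter of the surfer
        Users::increment_posts($user['id']);

        // do whatever is necessary on page creation
        if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
            Articles::finalize_publication($section, $entry_fields);
        } else {
            Articles::finalize_submission($section, $entry_fields);
        }

        // get the new item
        // NOTE(review): this loads the anchor given by the caller, not the page just created -- confirm
        $article = Anchors::get($anchor);

        // if replies are allowed --and only if there is an object to describe, since the
        // message below calls methods on it
        if (!preg_match('/\\bno_reply\\b/i', $options) && is_object($article)) {

            // let the sender know about his post
            if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
                $splash = i18n::s("The page received by e-mail has been successfully published. Please review it now to ensure that it reflects your mind.");
            } else {
                $splash = i18n::s("The page received by e-mail has been posted. Don't forget to read it online. Then click on the Publish command to make it publicly available.");
            }

            // NOTE(review): title and teaser are inserted in HTML as returned by the object;
            // confirm that get_title() and get_teaser() return escaped text
            $message = '<p>' . $splash . '</p>'
                . '<p><a href="' . $context['url_to_home'] . $context['url_to_root'] . $article->get_url() . '">' . $article->get_title() . '</a></p>'
                . '<div>' . $article->get_teaser('basic') . '</div>'
                . '<p>' . i18n::c('Thank you for your contribution') . '</p>';

            // enable threading
            $headers = Mailer::set_thread($section);

            // send a mail message
            // NOTE(review): $post_sender and $post_subject are not defined anywhere in this
            // function, so no recipient and no subject are passed here -- to be fixed by
            // someone who knows where these values are kept
            Mailer::notify(NULL, $post_sender, 'Re: ' . $post_subject, $message, $headers);
        }

        // reference to the new page
        return 'article:' . $entry_fields['id'];
    }

    // job ends --not reached, since every branch above returns
    return NULL;
}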
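/**
 * change the web response
 *
 * Nothing is sent on a HEAD request, nor once headers have already been sent.
 * The attribute is handed to header() as received, so callers should not build
 * it from request data that has not been validated.
 *
 * @param string a new or updated response attribute
 * @param boolean TRUE to replace, FALSE to append
 * @param int HTTP status code to return, if any
 */
public static function header($attribute, $replace = NULL, $status = NULL)
{
    global $context;

    // CGI and FastCGI error parsing headers
    if (substr(php_sapi_name(), 0, 3) == 'cgi') {
        $attribute = str_replace('Status:', 'HTTP/1.0', $attribute);
    }

    // in case we are validating all scripts
    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'HEAD') {
        return;
    }

    // too late
    if (headers_sent($file, $line)) {

        // help on development machine --the flag may not be set at all
        if (isset($context['with_debug']) && $context['with_debug'] == 'Y') {
            Logger::remember('shared/safe.php: Can not add HTTP header', 'Headers already sent in ' . $file . ' on line ' . $line, 'debug');
        }

        // don't call header(), this would raise an error
        return;
    }

    // function has been allowed
    if (!is_callable('header')) {
        return;
    }

    // pass only the arguments that have been provided
    if ($status) {
        header($attribute, $replace, $status);
    } elseif (is_bool($replace)) {
        header($attribute, $replace);
    } else {
        header($attribute);
    }
}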
if ($user['id']) { Users::increment_posts($user['id']); } } } } // an error has been encountered if (is_array($response)) { $response = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<response>' . "\n" . '<error>' . $response['faultCode'] . '</error>' . "\n" . '<message>' . $response['faultString'] . '</message>' . "\n" . '</response>'; // also sets an error at the HTTP level Safe::header('Status: 400 Bad Request', TRUE, 400); // everything's going fine } else { $response = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<response>' . "\n" . '<error>0</error>' . "\n" . '</response>'; } // save the response if debug mode if ($context['debug_comment'] == 'Y') { Logger::remember('comments/post.php: comments post response', $response, 'debug'); } // send the response Safe::header('Content-Type: text/xml'); Safe::header('Content-Length: ' . strlen($response)); echo $response; return; // this is not a POST -- assume we have a human being } else { // detail usage rule Logger::error(i18n::s('This script supports Comment API and Post-It updates through HTTP POST requests.')); } // render the skin render_skin();
if (isset($_REQUEST['twilio_authentication_token'])) { $content .= '$context[\'twilio_authentication_token\']=\'' . addcslashes($_REQUEST['twilio_authentication_token'], "\\'") . "';\n"; } $content .= '?>' . "\n"; // update the parameters file if (!Safe::file_put_contents('parameters/services.include.php', $content)) { Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/services.include.php')); // allow for a manual update $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/services.include.php') . "</p>\n"; // job done } else { $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/services.include.php') . "</p>\n"; // purge the cache Cache::clear(); // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/services.include.php'); Logger::remember('services/configure.php: ' . $label); } // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded'); // follow-up commands $follow_up = i18n::s('Where do you want to go now?'); $menu = array(); $menu = array_merge($menu, array('services/' => i18n::s('Web services'))); $menu = array_merge($menu, array('control/' => i18n::s('Control Panel'))); $menu = array_merge($menu, array('services/configure.php' => i18n::s('Configure again'))); $follow_up .= Skin::build_list($menu, 'menu_bar'); $context['text'] .= Skin::build_block($follow_up, 'bottom'); } // render the skin render_skin();
$count++; // avoid timeouts if (!($count % 50)) { Safe::set_time_limit(30); SQL::ping(); } } if ($count) { $context['text'] .= sprintf(i18n::s('%d files have been updated.'), $count) . "\n"; } $context['text'] .= "</p>\n"; // display the execution time $time = round(get_micro_time() - $context['start_time'], 2); $context['text'] .= '<p>' . sprintf(i18n::s('Script terminated in %.2f seconds.'), $time) . '</p>'; // forward to the index page $menu = array('control/' => i18n::s('Control Panel')); $context['text'] .= Skin::build_list($menu, 'menu_bar'); // remember the operation $label = sprintf(i18n::c('chmod %s has been applied to scripts'), $context['file_mask']); Logger::remember('control/chmod.php: ' . $label); // confirmation is required } else { // the confirmation question $context['text'] .= '<b>' . sprintf(i18n::s('You are about to chmod(%d) all running scripts of this server. Are you sure?'), $context['file_mask']) . "</b>\n"; // the menu for this page $context['text'] .= '<form method="post" action="' . $context['script_url'] . '"><p>' . Skin::build_submit_button(i18n::s('Yes, I do want to change permissions of running scripts')) . '<input type="hidden" name="action" value="confirm" />' . '</p></form>' . "\n"; // this may take several minutes $context['text'] .= '<p>' . i18n::s('When you will click on the button the server will be immediately requested to proceed. However, because of the so many things to do on the back-end, you may have to wait for minutes before getting a response displayed. Thank you for your patience.') . "</p>\n"; } // render the skin render_skin();
$menu = array(); $menu[] = Skin::build_link($anchor->get_url('files'), i18n::s('Done'), 'button'); $menu[] = Skin::build_link(Files::get_url($item['id'], 'release'), i18n::s('Release reservation'), 'span'); $context['text'] .= Skin::build_block(Skin::finalize_list($menu, 'menu_bar'), 'bottom'); // deletion is confirmed } elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') { // touch the related anchor before actual deletion, since the file has to be accessible at that time if (is_object($anchor)) { $anchor->touch('file:delete', $item['id']); } // if no error, back to the anchor or to the index page if (Files::delete($item['id'])) { // log item deletion $label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title'])); $description = Files::get_permalink($item); Logger::remember('files/delete.php: ' . $label, $description); Files::clear($item); if ($render_overlaid) { echo 'delete done'; die; } if (is_object($anchor)) { Safe::redirect($anchor->get_url() . '#_attachments'); } else { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'files/'); } } // deletion has to be confirmed } elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') { Logger::error(i18n::s('The action has not been confirmed.')); } else {
list($server_ping, $server_label) = $attributes; $milestone = get_micro_time(); $result = @Call::invoke($server_ping, 'weblogUpdates.ping', array(strip_tags($context['site_name']), $context['url_to_home'] . $context['url_to_root']), 'XML-RPC'); if ($result[0]) { $label = round(get_micro_time() - $milestone, 2) . ' sec.'; } else { $label = @$result[1]; } $context['text'] .= '<li>' . $server_label . ' (' . $label . ')</li>'; } $context['text'] .= '</ul>'; // no server to ping } else { $context['text'] .= '<p>' . i18n::s('No server has been created yet.') . '</p>'; } // back to the index of servers $menu = array('servers/' => i18n::s('Servers')); $context['text'] .= Skin::build_list($menu, 'menu_bar'); // remember this in log as well Logger::remember('servers/ping.php: The cloud has been pinged'); // operation has to be confirmed } else { // introductory text $context['text'] .= '<p>' . i18n::s('This script will ping (<code>weblogUpdates.ping</code>) every server configured to be part of our cloud. Normally, the publication script does this automatically. However, no ping occurs for pages submitted by XML-RPC or by e-mail. Therefore, you should launch this script at least once per month to ensure everybody knows about this site.') . '</p>'; // the submit button $context['text'] .= '<form method="post" action="' . $context['script_url'] . '" id="main_form"><p>' . '<input type="hidden" name="action" value="ping" />' . Skin::build_submit_button(i18n::s('Yes, I want to ping the cloud')) . '</p></form>'; // set the focus on the backup button Page::insert_script('$("#go").focus();'); } // render the skin render_skin();
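/**
 * dynamically generate the page
 *
 * Every script listed in the global $scripts is included, hence executed, then
 * renamed with a '.done' suffix. A summary is echoed afterwards and the cache is cleared.
 *
 * @see skins/index.php
 */
function send_body()
{
    global $context, $local; // $local is required to localize included scripts

    // include every script that has to be run once
    // count() is called only on an actual array, since an error raised by count() on
    // something else is not masked by the @ operator on recent PHP versions
    global $scripts, $scripts_count;
    if (is_array($scripts) && count($scripts)) {

        // the alphabetical order may be used to control script execution order
        sort($scripts);
        reset($scripts);

        // process each script one by one
        foreach ($scripts as $item) {

            // do not execute on first installation
            if (file_exists('../parameters/switch.on') || file_exists('../parameters/switch.off')) {

                // ensure we have a valid database resource
                if (!$context['connection']) {
                    break;
                }

                // remember this as an event
                Logger::remember('scripts/run_once.php: ' . sprintf(i18n::c('script %s has been executed'), $item));

                // where scripts actually are
                // NOTE(review): $item is put in the path without any check, and the file is
                // then executed with the privileges of the application; confirm that the
                // code filling $scripts only lists plain file names found in scripts/run_once/
                $actual_item = str_replace('//', '/', $context['path_to_root'] . 'scripts/run_once/' . $item);

                // include the script to execute it
                $scripts_count++;
                echo Skin::build_block($item, 'subtitle');
                include $actual_item;
                echo "\n";
            }

            // ensure enough overall execution time
            Safe::set_time_limit(30);

            // NOTE(review): $actual_item is set only in the branch above; on first installation
            // the three calls below receive an undefined value, or the one of a previous
            // iteration -- confirm what is expected in that case

            // stamp the file to remember execution time
            Safe::touch($actual_item);

            // rename the script to avoid further execution
            Safe::unlink($actual_item . '.done');
            Safe::rename($actual_item, $actual_item . '.done');
        }

        // refresh javascript libraries
        Cache::purge('js');
    }

    // report on actual execution
    if ($scripts_count) {
        echo '<p> </p><p>' . sprintf(i18n::ns('%d script has been executed', '%d scripts have been executed', $scripts_count), $scripts_count) . "</p>\n";
    } else {
        echo '<p>' . i18n::s('No script has been executed') . "</p>\n";
    }

    // display the total execution time
    $time = round(get_micro_time() - $context['start_time'], 2);
    if ($time > 30) {
        echo '<p>' . sprintf(i18n::s('Script terminated in %.2f seconds.'), $time) . '</p>';
    }

    // if the server has been switched off, go back to the control panel
    if (file_exists('../parameters/switch.off')) {
        echo '<form method="get" action="' . $context['url_to_root'] . 'control/">' . "\n"
            . '<p class="assistant_bar">' . Skin::build_submit_button(i18n::s('Control Panel')) . '</p>' . "\n"
            . '</form>' . "\n";

    // else back to the control panel as well, but without a button
    } else {
        $menu = array('control/' => i18n::s('Control Panel'));
        echo Skin::build_list($menu, 'menu_bar');
    }

    // purge the cache, since it is likely that we have modified some data
    Cache::clear();
}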
if (isset($_REQUEST['files_url'])) { $content .= '$context[\'files_url\']=\'' . addcslashes($_REQUEST['files_url'], "\\'") . "';\n"; } $content .= '?>' . "\n"; // update the parameters file if (!Safe::file_put_contents('parameters/files.include.php', $content)) { Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/files.include.php')); // allow for a manual update $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/files.include.php') . "</p>\n"; // job done } else { $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/files.include.php') . "</p>\n"; // purge the cache Cache::clear(); // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/files.include.php'); Logger::remember('files/configure.php: ' . $label); } // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded'); // follow-up commands $follow_up = i18n::s('Where do you want to go now?'); $menu = array(); $menu = array_merge($menu, array('files/' => i18n::s('Files'))); $menu = array_merge($menu, array('control/' => i18n::s('Control Panel'))); $menu = array_merge($menu, array('files/configure.php' => i18n::s('Configure again'))); $follow_up .= Skin::build_list($menu, 'menu_bar'); $context['text'] .= Skin::build_block($follow_up, 'bottom'); } // render the skin render_skin();
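/**
 * get a list of remote resources
 *
 * This function performs a REST call against a web services that provides a RSS-encoded response.
 *
 * Minimum example:
 * [php]
 * $result = Call::list_resources($url);
 * if(!$result[0])
 *     echo $result[1]; // error message
 * else
 *     ... // use call result from $result[1]
 * [/php]
 *
 * The request is a plain HTTP/1.0 POST to the host and port found in the URL; the
 * scheme is not looked at. A textual response that is not text/xml is returned as
 * a bare string instead of an array.
 *
 * The function connects to whatever host and port the URL names, so callers that
 * take the URL from user input have to restrict it to expected destinations first.
 *
 * @param string the url to use
 * @param array the parameters to transmit
 * @return an array of which the first value indicates call success or failure
 *
 * @see search.php
 */
public static function list_resources($url, $parameters = NULL)
{
    global $context;

    // encode the request --there may be no parameter at all
    $data = '';
    if (is_array($parameters)) {
        foreach ($parameters as $label => $value) {
            if ($data) {
                $data .= '&';
            }
            $data .= urlencode($label) . '=' . urlencode($value);
        }
    }
    $headers = '';
    $headers .= 'Content-Type: application/x-www-form-urlencoded' . CRLF;
    $headers .= 'Content-Length: ' . strlen($data) . CRLF;

    // parse the target URL --parse_url() does not return an array on a malformed URL
    $items = @parse_url($url);
    if (!is_array($items)) {
        $items = array();
    }

    // no host, assume it's us
    $host = empty($items['host']) ? $context['host_name'] : $items['host'];

    // no port, assume the standard
    $port = empty($items['port']) ? 80 : $items['port'];

    // outbound web is not authorized
    if (isset($context['without_outbound_http']) && $context['without_outbound_http'] == 'Y') {
        return array(FALSE, 'Outbound HTTP is not authorized.');
    }

    // connect to the server
    if (!($handle = Safe::fsockopen($host, $port, $errno, $errstr, 30))) {
        return array(FALSE, sprintf('Impossible to connect to %s.', $host . ':' . $port));
    }

    // ensure enough execution time
    Safe::set_time_limit(30);

    // build the path, including any query --an empty path would break the request line
    $path = empty($items['path']) ? '/' : $items['path'];
    if (!empty($items['query'])) {
        $path .= '?' . $items['query'];
    }

    // build an HTTP request
    $request = "POST " . $path . " HTTP/1.0" . CRLF
        . 'Host: ' . $host . CRLF
        . "Accept-Encoding: gzip" . CRLF
        . "User-Agent: YACS (www.yacs.fr)" . CRLF
        . "Connection: close" . CRLF
        . $headers
        . CRLF
        . $data;

    // save the request if debug mode --transmitted parameters end up in the log as well
    if (isset($context['debug_call']) && $context['debug_call'] == 'Y') {
        Logger::remember('services/call.php: Call::list_resources() request', str_replace("\r\n", "\n", $request), 'debug');
    }

    // submit the request
    fputs($handle, $request);

    // get everything by Ethernet-sized chunks, up to 5 MiB or so
    $response = '';
    while (!feof($handle) && strlen($response) < 5242880) {
        $response .= fread($handle, 1500);
    }
    fclose($handle);

    // ensure we have a valid HTTP status line
    if (preg_match('/^HTTP/', $response) && !preg_match('/^HTTP\\/[0-9\\.]+ 200 /', $response)) {
        $lines = explode("\n", $response, 2);
        return array(FALSE, 'Unexpected HTTP status "' . $lines[0] . '"');
    }

    // separate headers from body --the body may be missing
    $parts = explode(CRLF . CRLF, $response, 2);
    $headers = $parts[0];
    $content = isset($parts[1]) ? $parts[1] : '';

    // uncompress payload if necessary
    // the first 10 bytes are skipped as a gzip header without optional fields
    // NOTE(review): the size read from the socket is capped above, the inflated size is
    // not; consider the optional maximum length argument of gzinflate() for remote data
    if (preg_match('/Content-Encoding: \\s*gzip/i', $headers)) {
        $content = gzinflate(substr($content, 10));
        if ($content === FALSE) {
            return array(FALSE, 'Impossible to uncompress the response');
        }
    }

    // save the response if debug mode
    if (isset($context['debug_call']) && $context['debug_call'] == 'Y') {
        Logger::remember('services/call.php: Call::list_resources() response', str_replace("\r\n", "\n", $headers . "\n\n" . $content), 'debug');
    }

    // we understand only text responses
    if (!preg_match('/^Content-Type: text/m', $headers)) {
        return array(FALSE, 'Impossible to process not-textual response');
    }

    // passthrough if not xml --this is a string, not the usual array
    if (!preg_match('/^Content-Type: text\\/xml/m', $headers)) {
        return $content;
    }

    // select a codec handler
    include_once $context['path_to_root'] . 'services/codec.php';
    include_once $context['path_to_root'] . 'services/rss_codec.php';
    $codec = new RSS_Codec();
    if (!is_object($codec)) {
        return array(FALSE, 'Impossible to load codec RSS_Codec');
    }

    // decode the result
    return $codec->import_response($content, $headers, $parameters);
}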
Safe::rename($context['path_to_root'] . 'parameters/scripts.include.php', $context['path_to_root'] . 'parameters/scripts.include.php.bak'); // build the new configuration file $content = '<?php' . "\n" . '// This file has been created by the configuration script scripts/configure.php' . "\n" . '// on ' . gmdate("F j, Y, g:i a") . ' GMT, for ' . Surfer::get_name() . '. Please do not modify it manually.' . "\n" . '$context[\'home_at_root\']=\'' . addcslashes($_REQUEST['home_at_root'], "\\'") . "';\n" . '$context[\'reference_server\']=\'' . addcslashes($_REQUEST['reference_server'], "\\'") . "';\n" . '?>' . "\n"; // update the parameters file if (!Safe::file_put_contents('parameters/scripts.include.php', $content)) { Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/scripts.include.php')); // allow for a manual update $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/scripts.include.php') . "</p>\n"; // job done } else { $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/scripts.include.php') . "</p>\n"; // purge the cache Cache::clear(); // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/scripts.include.php'); Logger::remember('scripts/configure.php: ' . 
$label); } // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded'); // follow-up commands $follow_up = i18n::s('Where do you want to go now?'); $menu = array(); $menu = array_merge($menu, array('scripts/stage.php' => i18n::s('Stage updated scripts'))); $menu = array_merge($menu, array('scripts/' => i18n::s('Server software'))); $menu = array_merge($menu, array('control/' => i18n::s('Control Panel'))); $menu = array_merge($menu, array('scripts/configure.php' => i18n::s('Configure again'))); $follow_up .= Skin::build_list($menu, 'menu_bar'); $context['text'] .= Skin::build_block($follow_up, 'bottom'); } // render the skin render_skin();
if (!Safe::file_put_contents('parameters/root.include.php', $content)) { Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/root.include.php')); // allow for a manual update $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/root.include.php') . "</p>\n"; // job done } else { $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/root.include.php') . "</p>\n"; // first installation if (!file_exists('parameters/switch.on') && !file_exists('parameters/switch.off')) { $context['text'] .= '<p>' . i18n::s('Review provided information and go to the bottom of the page to move forward.') . "</a></p>\n"; } // purge the cache Cache::clear(); // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/root.include.php'); Logger::remember('configure.php: ' . $label); } // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded'); // first installation if (!file_exists('parameters/switch.on') && !file_exists('parameters/switch.off')) { $context['text'] .= '<form method="get" action="control/" id="main_form">' . "\n" . '<p>' . Skin::build_submit_button(i18n::s('Switch the server on')) . '</p>' . "\n" . '</form>' . "\n"; // ordinary follow-up commands } else { // what's next? $follow_up = i18n::s('Where do you want to go now?'); // follow-up menu $menu = array(); // front page $menu = array_merge($menu, array($context['url_to_root'] => i18n::s('Front page'))); // control panel
$content .= '$context[\'mail_queues\'][\'' . $name . '\']=array(\'' . $server . '\', \'' . $account . '\', \'' . $password . '\', \'' . $allowed . '\', \'' . $match . '\', \'' . $section . '\', \'' . $options . '\', \'' . $hooks . '\', \'' . $prefix . '\', \'' . $suffix . "');\n"; } } $content .= '?>' . "\n"; // open the parameters file if (!Safe::file_put_contents('parameters/agents.include.php', $content)) { Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/agents.include.php')); // allow for a manual update $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/agents.include.php') . "</p>\n"; // job done } else { $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/agents.include.php') . "</p>\n"; // purge the cache Cache::clear(); // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/agents.include.php'); Logger::remember('agents/configure.php: ' . $label); } // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded'); // follow-up commands $follow_up = i18n::s('Where do you want to go now?'); $menu = array(); $menu = array_merge($menu, array('agents/' => i18n::s('Background processing'))); $menu = array_merge($menu, array('control/' => i18n::s('Control Panel'))); $menu = array_merge($menu, array('agents/configure.php' => i18n::s('Configure again'))); $follow_up .= Skin::build_list($menu, 'menu_bar'); $context['text'] .= Skin::build_block($follow_up, 'bottom'); } // render the skin render_skin();
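/**
 * attempt to use the trackback interface
 *
 * The provided text is scanned for RDF blocks that mention the target address.
 * The first trackback:ping attribute found in such a block is used as the
 * broker URL, and the ping is sent there with a plain HTTP/1.0 POST.
 *
 * Security note: the broker URL is read from $text, which is content fetched
 * from the target site, so the host and port contacted here are chosen by that
 * remote page.
 * NOTE(review): nothing in this function restricts the destination (scheme,
 * internal addresses, unusual ports); confirm whether Safe::fsockopen() or the
 * caller enforces such a policy.
 *
 * @param string some text, extracted from the target site, to extract the broker URL, if any
 * @param string the source address
 * @param string the target address from which the text has been extracted
 * @param string title of the source page
 * @param string excerpt of the source page
 * @param string blog name of the source page
 * @return TRUE if the target site has been pinged back, FALSE otherwise
 *
 * @link http://www.movabletype.org/docs/mttrackback.html TrackBack Technical Specification
 */
public static function ping_as_trackback($text, $source, $target, $title = '', $excerpt = '', $blog_name = '')
{
    global $context;

    // extract all rdf blocks
    preg_match_all('/<rdf:RDF(.*)<\\/rdf:RDF>/iUs', $text, $blocks);

    // nothing to do
    if (empty($blocks[1])) {
        return FALSE;
    }

    // look for the broker
    $broker = array();
    foreach ($blocks[1] as $block) {

        // seek the trackback interface -- only blocks that describe the target are considered
        if (!preg_match('/(dc:identifier|about)="' . preg_quote($target, '/') . '/mi', $block)) {
            continue;
        }

        // extract the broker link
        if (preg_match('/trackback:ping="([^"]+)"/mi', $block, $broker)) {
            break;
        }
    }

    // trackback interface not supported at this page
    if (!isset($broker[1])) {
        return FALSE;
    }

    // parse the broker URL -- parse_url() returns FALSE on a seriously malformed address
    $items = @parse_url($broker[1]);
    if (!is_array($items)) {
        return FALSE;
    }

    // no host, assume it's us
    if (isset($items['host']) && $items['host']) {
        $host = $items['host'];
    } else {
        $host = $context['host_name'];
    }

    // no port, assume the standard
    if (isset($items['port']) && $items['port']) {
        $port = $items['port'];
    } else {
        $port = 80;
    }

    // outbound web is not authorized
    if (isset($context['without_outbound_http']) && $context['without_outbound_http'] == 'Y') {
        if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
            Logger::remember('links/links.php: Links::ping_as_trackback()', 'Outbound HTTP is not authorized.', 'debug');
        }
        return FALSE;
    }

    // connect to the server
    if (!($handle = Safe::fsockopen($host, $port, $errno, $errstr, 30))) {
        if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
            Logger::remember('links/links.php: Links::ping_as_trackback()', sprintf('Impossible to connect to %s.', $host . ':' . $port), 'debug');
        }
        return FALSE;
    }

    // ensure enough execution time
    Safe::set_time_limit(30);

    // build the path, including any query -- a URL without a path targets the root
    $path = '/';
    if (isset($items['path']) && $items['path']) {
        $path = $items['path'];
    }
    if (isset($items['query']) && $items['query']) {
        $path .= '?' . $items['query'];
    }

    // encode the content
    $data = 'title=' . urlencode($title)
        . '&url=' . urlencode($source)
        . '&excerpt=' . urlencode($excerpt)
        . '&blog_name=' . urlencode($blog_name);
    $headers = 'Content-Type: application/x-www-form-urlencoded' . CRLF
        . 'Content-Length: ' . strlen($data) . CRLF;

    // actual trackback, through HTTP POST
    $request = "POST " . $path . " HTTP/1.0" . CRLF
        . 'Host: ' . $host . CRLF
        . "User-Agent: YACS (www.yacs.fr)" . CRLF
        . "Connection: close" . CRLF
        . $headers . CRLF
        . $data;

    // save the request if debug mode
    if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
        Logger::remember('links/links.php: Links::ping_as_trackback() request', str_replace("\r\n", "\n", $request), 'debug');
    }

    // submit the request
    fputs($handle, $request);

    // we are interested only in the very first bytes of the response
    $code = (string)fread($handle, 15);
    fclose($handle);

    // save the response if debug mode
    if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
        Logger::remember('links/links.php: Links::ping_as_trackback() response', $code . '...', 'debug');
    }

    // check HTTP status
    if (!preg_match('/^HTTP\\/[0-9\\.]+ 200/', $code)) {
        return FALSE;
    }

    // successful trackback
    if (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y') {
        Logger::remember('links/links.php: Links::ping_as_trackback() success', $broker[1], 'debug');
    }
    return TRUE;
}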
if (isset($_REQUEST['users_without_uploads'])) { $content .= '$context[\'users_without_uploads\']=\'' . addcslashes($_REQUEST['users_without_uploads'], "\\'") . "';\n"; } $content .= '?>' . "\n"; // update the parameters file if (!Safe::file_put_contents('parameters/users.include.php', $content)) { Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/users.include.php')); // allow for a manual update $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/users.include.php') . "</p>\n"; // job done } else { $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/users.include.php') . "</p>\n"; // purge the cache Cache::clear(); // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/users.include.php'); Logger::remember('users/configure.php: ' . $label); } // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded'); // follow-up commands $follow_up = i18n::s('Where do you want to go now?'); $menu = array(); $menu = array_merge($menu, array('users/' => i18n::s('People'))); $menu = array_merge($menu, array('control/' => i18n::s('Control Panel'))); $menu = array_merge($menu, array('users/configure.php' => i18n::s('Configure again'))); $follow_up .= Skin::build_list($menu, 'menu_bar'); $context['text'] .= Skin::build_block($follow_up, 'bottom'); } // render the skin render_skin();
/**
 * dynamically generate the page
 *
 * Runs the servers population script when it is readable, then prints a
 * heading and a menu of follow-up commands, and records the event in the log.
 *
 * @see skins/index.php
 */
function send_body()
{
    // the included script runs in this function scope, so $context has to be visible here
    global $context;

    // populate tables for servers
    if (is_readable('../servers/populate.php')) {
        include_once '../servers/populate.php';
    }

    // splash
    echo '<h3>' . i18n::s('What do you want to do now?') . '</h3>';

    // follow-up commands, in display order
    $menu = array(
        'servers/' => i18n::s('Servers'),
        'help/populate.php' => i18n::s('Launch the Content Assistant again'),
        'control/' => i18n::s('Control Panel'),
    );
    echo Skin::build_list($menu, 'menu_bar');

    // new content has been created
    Logger::remember('help/populate.php: content assistant has created new content');
}
/**
 * create a new overlay from scratch
 *
 * This function creates an instance of the Overlay class based on the given type.
 * For the type '[code]foo[/code]', the script file '[code]overlays/foo.php[/code]' is loaded.
 *
 * Example:
 * [php]
 * // create a new overlay
 * $overlay = Overlay::bind('recipe');
 * [/php]
 *
 * The provided string may include parameters after the type.
 * These parameters, if any, are saved along overlay attributes.
 *
 * Example:
 * [php]
 * // this overlay will preserve past events
 * $overlay = Overlay::bind('day without_past_dates');
 * [/php]
 *
 * This function calls the member function initialize() to allow for additional
 * generic initialization steps, if required. Example: loading of an external configuration
 * file.
 *
 * Security note: the type ends up in an include path and in a class name.
 * Tags are stripped and everything matching FORBIDDEN_IN_PATHS is removed before use,
 * and types ending with 'hook' are rejected.
 * NOTE(review): any class that already exists under the given name is instantiated,
 * whether or not its file lives in overlays/ -- confirm that callers only pass trusted
 * types, or that every candidate class is really an overlay.
 *
 * @see articles/edit.php
 * @see overlays/day.php
 * @see sections/edit.php
 *
 * @param string overlay type
 * @return a brand new instance, or NULL if the type is empty, is a hook, or is unknown
 */
public static final function bind($type)
{
    global $context;

    // sanity check
    if (!$type || !trim($type)) {
        return NULL;
    }

    // stop hackers, if any, then remove side spaces
    $type = trim(preg_replace(FORBIDDEN_IN_PATHS, '', strip_tags($type)));

    // localize overlays strings --not related to Overlay::bind() at all...
    i18n::bind('overlays');

    // extract parameters, if any -- they follow the first space after the first character
    $parameters = '';
    $separator = (strlen($type) > 1) ? strpos($type, ' ', 1) : FALSE;
    if ($separator !== FALSE) {
        $parameters = substr($type, $separator + 1);
        $type = substr($type, 0, $separator);
    }

    // reject hooks
    if (preg_match('/hook$/i', $type)) {
        return NULL;
    }

    // load the overlay class file
    $file = $context['path_to_root'] . 'overlays/' . $type . '.php';
    if (is_readable($file)) {
        include_once $file;
    }

    // houston, we've got a problem -- Logger::error() is buggy here
    if (!class_exists($type)) {
        if ($context['with_debug'] == 'Y') {
            Logger::remember('overlays/overlay.php: overlay::bind() unknown overlay type', $type, 'debug');
        }
        return NULL;
    }

    // create the instance
    $overlay = new $type();
    $overlay->attributes = array();
    $overlay->attributes['overlay_type'] = $type;
    $overlay->attributes['overlay_parameters'] = $parameters;

    // allow for internal initialization of the overlay
    $overlay->initialize();

    return $overlay;
}
$response = array('flerror' => 0, 'message' => 'Thanks for the ping'); } } break; default: $response = array('faultCode' => 1, 'faultString' => 'Do not know how to process ' . $parameters['methodName']); Logger::remember('services/ping.php: ping unsupported methodName', $parameters, 'debug'); } } // no response yet if (!isset($response)) { $response = array('faultCode' => 1, 'faultString' => 'no response'); } // build a XML snippet $result = $codec->export_response($response); $status = @$result[0]; $response = @$result[1]; // handle the output correctly render_raw('text/xml; charset=' . $context['charset']); // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { echo $response; } // save the response if debug mode if (isset($context['debug_ping']) && $context['debug_ping'] == 'Y') { Logger::remember('services/ping.php: ping response', $response, 'debug'); } elseif (isset($context['debug_trackback']) && $context['debug_trackback'] == 'Y' && $parameters['methodName'] == 'pingback.ping') { Logger::remember('services/ping.php: ping response', $response, 'debug'); } // the post-processing hook finalize_page();
// permission denied } elseif (!$permitted) { Safe::header('Status: 401 Unauthorized', TRUE, 401); Logger::error(i18n::s('You are not allowed to perform this operation.')); // deletion is confirmed } elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') { // touch the related anchor before actual deletion, since the image has to be accessible at that time if (is_object($anchor)) { $anchor->touch('category:delete', $item['id']); } // attempt to delete if (Categories::delete($item['id'])) { // log item deletion $label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title'])); $description = Categories::get_permalink($item); Logger::remember('categories/delete.php: ' . $label, $description); // this can appear anywhere Cache::clear(); // back to the anchor page or to the index page if (is_object($anchor)) { Safe::redirect($anchor->get_url()); } else { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'categories/'); } } // deletion has to be confirmed } elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') { Logger::error(i18n::s('The action has not been confirmed.')); } else { // commands $menu = array();
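/**
 * login
 *
 * The script checks provided name and password against remote server.
 *
 * This is done by transmitting the user name and the password
 * to the directory.
 *
 * Authenticator parameters are a space-separated list, where values can be
 * enclosed in double quotes: server[:port], bind DN, bind password, search DN,
 * search filter, and a comma-separated list of options (DEREF, PROTOCOL_VERSION,
 * SCOPE, SIZELIMIT, TIMELIMIT). '%u' and '%p' are replaced by the submitted
 * name and password.
 *
 * Security notes:
 * - an empty submitted password is refused when the bind password is built from
 *   '%p', because a bind made of a DN and an empty password is an unauthenticated
 *   bind, which a directory can accept without checking any credential
 * - submitted values are escaped before they are put in the search filter
 * - passwords are never written to the debug log
 * - NOTE(review): the submitted name is placed in the bind DN without any escaping;
 *   the right escaping depends on the form of the configured template -- to be confirmed
 *
 * @param string the nickname of the user
 * @param string the submitted password
 * @return TRUE on successful authentication, FALSE otherwise
 */
function login($name, $password)
{
    global $context;

    // we need some parameters
    if (!isset($this->attributes['authenticator_parameters']) || !$this->attributes['authenticator_parameters']) {
        Logger::error(i18n::s('Please provide parameters to the authenticator.'));
        return FALSE;
    }

    // tokenize enclosed parameters
    $tokens = preg_split('/(")/', $this->attributes['authenticator_parameters'], -1, PREG_SPLIT_DELIM_CAPTURE);
    $outside = TRUE;
    $parameters = array();
    foreach ($tokens as $token) {

        // sanity check --PREG_SPLIT_NO_EMPTY does not work
        if (!trim($token)) {

            // catch "" arguments (used for example as an empty password)
            if (!$outside) {
                $parameters[] = "";
            }
            continue;
        }

        // begin or end of a token
        if ($token == '"') {
            $outside = !$outside;
            continue;
        }

        // outside, each word is a token
        if ($outside) {
            $parameters = array_merge($parameters, explode(' ', trim($token)));
        } else {
            $parameters[] = trim($token);
        }
    }

    // ensure a minimum number of parameters
    if (count($parameters) < 1) {
        Logger::error(i18n::s('Provide at least server name to the LDAP authenticator.'));
        return FALSE;
    }

    // prepare network parameters
    $server = $parameters[0];
    if (strstr($server, ':')) {
        list($server, $port) = explode(':', $server, 2);
    } else {
        $port = 389;
    }

    // distinguished name used for bind
    $bind_dn = '';
    if (isset($parameters[1])) {
        $bind_dn = str_replace('%u', $name, $parameters[1]);
    }

    // password used for bind
    $bind_password = '';
    if (isset($parameters[2])) {

        // never turn an empty submitted password into an unauthenticated bind
        if (strpos($parameters[2], '%p') !== FALSE && (string)$password === '') {
            return FALSE;
        }

        $bind_password = str_replace('%p', $password, $parameters[2]);
    }

    // distinguished name used for search
    $search_dn = '';
    if (isset($parameters[3])) {
        $search_dn = $parameters[3];
    }

    // encode provided parameters to avoid LDAP injections
    // every byte except letters, digits, quote and space becomes a backslash followed by its hexadecimal code
    // a callback is used because the /e modifier evaluates code and has been removed from PHP
    $escape = function ($matches) {
        return chr(92) . bin2hex($matches[1]);
    };
    $name = preg_replace_callback('/([^a-zA-Z0-9\' ])/', $escape, $name);
    $password = preg_replace_callback('/([^a-zA-Z0-9\' ])/', $escape, $password);

    // search expression
    $search_filter = '';
    if (isset($parameters[4])) {
        $search_filter = str_replace(array('%u', '%p'), array($name, $password), $parameters[4]);
    }

    // ensure we can move forward -- checked before any LDAP_* constant is used
    if (!is_callable('ldap_connect')) {
        Logger::error(i18n::s('Please activate the LDAP library.'));
        if ($context['with_debug'] == 'Y') {
            Logger::remember('users/authenticators/ldap.php: ' . i18n::c('Please activate the LDAP library.'), '', 'debug');
        }
        return FALSE;
    }

    // parse options
    $opt_deref = LDAP_DEREF_NEVER;
    $opt_protocol_version = 3;
    $opt_sizelimit = 0;
    $opt_timelimit = 0;
    $opt_ldap_search_func = "ldap_search";
    if (isset($parameters[5])) {
        $tokens = preg_split('/,/', $parameters[5], -1, PREG_SPLIT_NO_EMPTY);
        foreach ($tokens as $token) {
            $argerror = $valerror = 0;
            $argerror_s = $argerror_c = '';

            // an option without a value is handled as an empty value
            list($key, $val) = array_pad(explode('=', $token, 2), 2, '');

            if (!strcasecmp($key, "DEREF")) {
                if (!strcasecmp($val, "never")) {
                    $opt_deref = LDAP_DEREF_NEVER;
                } elseif (!strcasecmp($val, "always")) {
                    $opt_deref = LDAP_DEREF_ALWAYS;
                } else {
                    $valerror = 1;
                }
            } elseif (!strcasecmp($key, "PROTOCOL_VERSION")) {
                if ($val === '2' || $val === '3') {
                    $opt_protocol_version = (int)$val;
                } else {
                    $valerror = 1;
                }
            } elseif (!strcasecmp($key, "SCOPE")) {
                // the search function is always one of these two literals
                if (!strcasecmp($val, "one")) {
                    $opt_ldap_search_func = "ldap_list";
                } elseif (!strcasecmp($val, "sub")) {
                    $opt_ldap_search_func = "ldap_search";
                } else {
                    $valerror = 1;
                }
            } elseif (!strcasecmp($key, "SIZELIMIT")) {
                if (ctype_digit($val)) {
                    $opt_sizelimit = (int)$val;
                } else {
                    $valerror = 1;
                }
            } elseif (!strcasecmp($key, "TIMELIMIT")) {
                if (ctype_digit($val)) {
                    $opt_timelimit = (int)$val;
                } else {
                    $valerror = 1;
                }
            } else {
                $argerror_s = sprintf(i18n::s("Unknown LDAP option %s."), $key);
                $argerror_c = sprintf(i18n::c("Unknown LDAP option %s."), $key);
                $argerror = 1;
            }

            // a wrong value must trigger an error message
            if ($valerror) {
                $argerror_s = sprintf(i18n::s("LDAP %s: bad value '%s'."), $key, $val);
                $argerror_c = sprintf(i18n::c("LDAP %s: bad value '%s'."), $key, $val);
                $argerror = 1;
            }

            // print any error message raised while parsing the option
            if ($argerror) {
                Logger::error($argerror_s);
                if ($context['with_debug'] == 'Y') {
                    Logger::remember('users/authenticators/ldap.php: ' . $argerror_c, '', 'debug');
                }
                return FALSE;
            }
        }
    }

    // open network socket
    if (!($handle = @ldap_connect($server, (int)$port))) {
        Logger::error(sprintf(i18n::s('Impossible to connect to %s.'), $server));
        if ($context['with_debug'] == 'Y') {
            Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('Impossible to connect to %s.'), $server . ':' . $port), '', 'debug');
        }
        return FALSE;
    }

    // set desired options
    @ldap_set_option($handle, LDAP_OPT_PROTOCOL_VERSION, $opt_protocol_version);
    @ldap_set_option($handle, LDAP_OPT_DEREF, $opt_deref);
    @ldap_set_option($handle, LDAP_OPT_SIZELIMIT, $opt_sizelimit);
    @ldap_set_option($handle, LDAP_OPT_TIMELIMIT, $opt_timelimit);

    // bind to directory, namely or anonymously
    if ($bind_dn) {
        $bound = @ldap_bind($handle, $bind_dn, $bind_password);
    } else {
        $bound = @ldap_bind($handle);
    }
    if (!$bound) {
        Logger::error(sprintf(i18n::s('Impossible to bind to LDAP server %s.'), $server) . BR . ldap_errno($handle) . ': ' . ldap_error($handle));

        // the bind password is left out of the log on purpose
        if ($context['with_debug'] == 'Y') {
            Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('Impossible to bind to LDAP server %s.'), $server . ' ' . $bind_dn), ldap_errno($handle) . ': ' . ldap_error($handle), 'debug');
        }
        ldap_close($handle);
        return FALSE;
    }

    // stop on successful bind
    if (!trim($search_filter)) {
        ldap_close($handle);
        return TRUE;
    }

    // search the directory
    if (!($result = @call_user_func($opt_ldap_search_func, $handle, $search_dn, $search_filter, array('cn')))) {
        Logger::error(sprintf(i18n::s('Impossible to search in LDAP server %s.'), $server) . BR . ldap_errno($handle) . ': ' . ldap_error($handle));
        if ($context['with_debug'] == 'Y') {
            Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('Impossible to search in LDAP server %s.'), $server), ldap_errno($handle) . ': ' . ldap_error($handle), 'debug');
        }
        ldap_close($handle);
        return FALSE;
    }

    // successful match
    if (@ldap_first_entry($handle, $result) !== FALSE) {
        ldap_free_result($result);
        ldap_close($handle);
        return TRUE;
    }

    // authentication has failed -- log the name only, since the filter may embed the submitted password
    if ($context['with_debug'] == 'Y') {
        Logger::remember('users/authenticators/ldap.php: ' . sprintf(i18n::c('No match for %s.'), $name), '', 'debug');
    }
    ldap_free_result($result);
    ldap_close($handle);
    return FALSE;
}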
$fields['nick_name'] = 'groups'; $fields['articles_layout'] = 'none'; $fields['articles_templates'] = 'information_template, question_template, chat_template, event_template, wiki_template'; $fields['create_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time()); $fields['edit_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time()); $fields['index_map'] = 'N'; // not mentioned at the home page $fields['locked'] = 'Y'; // no direct contributions $fields['options'] = 'no_contextual_menu'; $fields['rank'] = 40000; // at the end of the list $fields['sections_layout'] = 'directory'; $fields['title'] = i18n::c('Groups'); if (!($fields['id'] = Sections::post($fields, FALSE))) { Logger::remember('sections/new.php: Impossible to add a section.'); return; } // retrieve the new section $anchor = Sections::get('groups'); } // we are creating a blog if (isset($_REQUEST['space_type']) && $_REQUEST['space_type'] == 'blog') { $_REQUEST['articles_layout'] = 'daily'; $_REQUEST['articles_templates'] = 'simple_template'; $_REQUEST['content_options'] = 'with_extra_profile with_neighbours'; $_REQUEST['options'] = 'with_extra_profile'; $_REQUEST['locked'] = 'Y'; // only editors can contribute // we are creating a project } elseif (isset($_REQUEST['space_type']) && $_REQUEST['space_type'] == 'project') {
$content .= '?>' . "\n"; // save switch parameters, if any if (!Safe::file_put_contents('parameters/switch.include.php', $content)) { // not enough rights to write the file Logger::error(sprintf(i18n::s('Impossible to write to %s.'), 'parameters/switch.include.php.')); // allow for a manual update $context['text'] .= '<p style="text-decoration: blink;">' . sprintf(i18n::s('To actually change the configuration, please copy and paste following lines by yourself in file %s.'), 'parameters/switch.include.php') . "</p>\n"; // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration'), Safe::highlight_string($content), 'folded'); } // rename the switch file if (Safe::rename($context['path_to_root'] . 'parameters/switch.on', $context['path_to_root'] . 'parameters/switch.off')) { Logger::error(i18n::s('The server has been switched OFF. Switch it back on as soon as possible.')); // remember the change $label = i18n::c('The server has been switched off.'); Logger::remember('control/switch.php: ' . $label); // if the server is currently switched off } elseif (file_exists($context['path_to_root'] . 'parameters/switch.off')) { Logger::error(i18n::s('The server is currently switched off. All users are redirected to the closed page.')); } else { Logger::error(i18n::s('Impossible to rename the file parameters/switch.on to parameters/switch.off. Do it yourself manually if you like.')); } // follow-up commands $menu = array(); // do it again if (file_exists($context['path_to_root'] . 'parameters/switch.off')) { $menu = array_merge($menu, array('control/switch.php?action=on' => i18n::s('Switch on'))); } // control panel $menu = array_merge($menu, array('control/' => i18n::s('Control Panel'))); // display follow-up commands
} // // daily jobs // echo 'Checking daily jobs...' . BR; // get date of last run $record = Values::get_record('cron.daily', NULL_DATE); // wait at least 1 day = 86400 seconds between runs if (isset($record['edit_date'])) { $target = SQL::strtotime($record['edit_date']) + 86400; } else { $target = time(); } // request to be delayed if ($target > time()) { echo 'Wait until ' . gmdate('r', $target) . ' GMT' . BR; } else { Values::set('cron.daily', 'running...'); // do the job and provide feed-back to user $context['text'] = Hooks::include_scripts('daily'); echo $context['text']; // remember tick date and resulting text Values::set('cron.daily', $context['text']); // log outcome of script execution in debug mode if ($context['with_debug'] == 'Y') { Logger::remember('cron.php: daily processing', $context['text'], 'debug'); } } // all done $time = round(get_micro_time() - $context['start_time'], 2); exit(sprintf('Script terminated in %.2f seconds.', $time) . BR);
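/**
 * scan a file for viruses
 *
 * This function connects to ClamAV daemon, if possible, to scan the referred file.
 *
 * The verdict fails closed: only a reply that ends with ': OK' clears the file.
 * Any other reply, including an error reported by the daemon, is returned as 'Y'.
 * A path that contains control characters is never sent to the daemon, since the
 * command is a single line of text, and is returned as 'Y' as well.
 *
 * @param string absolute path of the file to scan
 * @return string 'Y' if the file has been infected, '?' if clamav is not available, or 'N' if no virus has been found
 */
public static function has_virus($file)
{
    global $context;

    // file scanning must be configured
    if (!isset($context['clamav_check']) || $context['clamav_check'] === 'N') {
        return 'N';
    }

    // a line break in the path would end the SCAN command early, so that something else than the file would be checked
    if (preg_match('/[\x00-\x1f\x7f]/', (string)$file)) {
        Logger::remember('files/files.php: Path with control characters has not been submitted to CLAMAV');
        return 'Y';
    }

    // we can't connect to clamav daemon
    $server = 'localhost';
    if (!($handle = Safe::fsockopen($server, 3310, $errno, $errstr, 1))) {
        if ($context['with_debug'] == 'Y') {
            Logger::remember('files/files.php: Unable to connect to CLAMAV daemon', '', 'debug');
        }
        return '?';
    }

    // ensure enough execution time
    Safe::set_time_limit(30);

    // scan uploaded file
    $request = 'SCAN ' . $file;
    fputs($handle, $request . CRLF);
    if ($context['with_debug'] == 'Y') {
        Logger::remember('files/files.php: CLAMAV ->', $request, 'debug');
    }

    // expecting an OK
    if (($reply = fgets($handle)) === FALSE) {
        Logger::remember('files/files.php: No reply to SCAN command at ' . $server);
        fclose($handle);
        return '?';
    }
    if ($context['with_debug'] == 'Y') {
        Logger::remember('files/files.php: CLAMAV <-', $reply, 'debug');
    }

    // the daemon is done with us
    fclose($handle);

    // file has been infected!
    // the reply starts with the scanned path, so the status is looked for at the very end only
    if (!preg_match('/: OK\s*$/i', $reply)) {
        Logger::remember('files/files.php: Infected upload by ' . Surfer::get_name());
        return 'Y';
    }

    // everything is ok
    return 'N';
}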
if (isset($_REQUEST['bbb_server'])) { $content .= '$context[\'bbb_server\']=\'' . addcslashes($_REQUEST['bbb_server'], "\\'") . "';\n"; } if (isset($_REQUEST['bbb_salt'])) { $content .= '$context[\'bbb_salt\']=\'' . addcslashes($_REQUEST['bbb_salt'], "\\'") . "';\n"; } $content .= '?>' . "\n"; // update the parameters file if (!Safe::file_put_contents('parameters/overlays.bbb_meetings.include.php', $content)) { Logger::error(sprintf(i18n::s('ERROR: Impossible to write to the file %s. The configuration has not been saved.'), 'parameters/overlays.bbb_meetings.include.php')); // report to end-user } else { $context['text'] .= '<p>' . sprintf(i18n::s('The following configuration has been saved into the file %s.'), 'parameters/overlays.bbb_meetings.include.php') . "</p>\n"; // purge the cache Cache::clear(); // remember the change $label = sprintf(i18n::c('%s has been updated'), 'parameters/overlays.bbb_meetings.include.php'); Logger::remember('overlays/bbb_meetings/configure.php: ' . $label); // display updated parameters $context['text'] .= Skin::build_box(i18n::s('Configuration parameters'), Safe::highlight_string($content), 'folded'); // follow-up commands $follow_up = i18n::s('Where do you want to go now?'); $menu = array(); $menu = array_merge($menu, array('control/' => i18n::s('Control Panel'))); $menu = array_merge($menu, array('overlays/bbb_meetings/configure.php' => i18n::s('Configure again'))); $follow_up .= Skin::build_list($menu, 'menu_bar'); $context['text'] .= Skin::build_block($follow_up, 'bottom'); } } // render the skin render_skin();