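/**
 * Manages a module
 *
 * Activates, deactivates or uninstalls a module for the account held in
 * $_SESSION['user']['account_id'].
 *
 * NOTE(review): this function changes installation state but contains no
 * capability or request-token check of its own; confirm that every caller
 * authorizes the current user before invoking it.
 *
 * @since 1.0
 * @package facileManager
 *
 * @param string $module_name Module to act on; must be listed by getAvailableModules()
 * @param string $action One of 'activate', 'deactivate' or 'uninstall'
 * @return boolean|null False for an unknown module or action and for a failed
 *                      uninstall; null when the module is already in the
 *                      requested state or (activate) is not installed; true on
 *                      a successful uninstall; otherwise the setOption() result
 */
function manageModule($module_name = null, $action = null) {
	global $__FM_CONFIG;

	/** Strict comparison so only an exact module name is accepted */
	if (!$module_name || !in_array($module_name, getAvailableModules(), true)) {
		return false;
	}

	$current_active_modules = getOption('fm_active_modules', $_SESSION['user']['account_id']);
	/** The option may not hold an array yet; start from an empty list in that case */
	if (!is_array($current_active_modules)) {
		$current_active_modules = array();
	}

	switch ($action) {
		case 'activate':
			/** Ensure $module_name is not already active */
			if (in_array($module_name, getActiveModules(), true)) {
				return;
			}

			/** Ensure $module_name is installed */
			if (getOption('version', 0, $module_name) === false) {
				return;
			}

			$current_active_modules[] = $module_name;

			return setOption('fm_active_modules', $current_active_modules, 'auto', true, $_SESSION['user']['account_id']);
		case 'deactivate':
			/** Ensure $module_name is not already deactivated */
			if (!in_array($module_name, getActiveModules(), true)) {
				return;
			}

			/** Rebuild the list without $module_name, keeping the remaining order */
			$new_array = array();
			foreach ($current_active_modules as $module) {
				if ($module === $module_name) {
					continue;
				}
				$new_array[] = $module;
			}

			return setOption('fm_active_modules', $new_array, 'update', true, $_SESSION['user']['account_id']);
		case 'uninstall':
			if (!in_array($module_name, getAvailableModules(), true)) {
				return;
			}

			/** Stays null when the schema helper is not loaded, so the call reports failure */
			$output = null;
			if (function_exists('uninstallModuleSchema')) {
				$output = uninstallModuleSchema($__FM_CONFIG['db']['name'], $module_name);
			}

			return $output == 'Success';
	}

	return false;
}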
/**
 * Gets all available user capabilities
 *
 * Includes the core capabilities file and then the capabilities file of every
 * active module. The files are included in this function's scope, so whatever
 * they assign to $fm_user_caps is what gets returned.
 *
 * @since 2.0
 * @package facileManager
 *
 * @return array|null Value of $fm_user_caps after the includes; null when no file set it
 */
function getAvailableUserCapabilities() {
	global $fm_name;

	$fm_user_caps = null;

	/** Core capabilities */
	$caps_file = ABSPATH . implode(DIRECTORY_SEPARATOR, array('fm-modules', $fm_name, 'extra', 'capabilities.inc.php'));
	if (file_exists($caps_file)) {
		include $caps_file;
	}

	/** Capabilities of each active module; $module stays visible to the included file */
	foreach (getActiveModules() as $module) {
		$caps_file = ABSPATH . implode(DIRECTORY_SEPARATOR, array('fm-modules', $module, 'extra', 'capabilities.inc.php'));
		if (!file_exists($caps_file)) {
			continue;
		}
		include $caps_file;
	}

	return $fm_user_caps;
}
// Pick the template: the Webkit branch asks the page object for it via
// delta_file('index', 'html'); every other branch uses "<branch>/index.html".
if ($page->branch == 'Webkit') {
  $template = $page->delta_file('index', 'html');
} else {
  $template = "$page->branch/index.html";
}

Modules::init($page->branch, $page->certs, $page->platform);

// iphone can customize without reloading
if($page->delta == 'iphone') {
  $modules = Modules::$default_order;
} else {
  $modules = getModuleOrder();
  $activemodules = getActiveModules();

  // Process the various possible actions
  // NOTE(review): 'action', 'module1', 'module2', 'position1' and 'position2'
  // are read from $_REQUEST without an isset() check; the positions are cast
  // with intval() but are not checked against the bounds of $modules.
  if($_REQUEST['action'] == 'swap') {
    $module_1 = $_REQUEST['module1'];
    $module_2 = $_REQUEST['module2'];
    $position_1 = intval($_REQUEST['position1']);
    $position_2 = intval($_REQUEST['position2']);

    //make sure cookie is consistent with action
    // if so swap them
    // (the swap only happens when both submitted names match what is
    // currently stored at the submitted positions)
    if( ($modules[$position_1] == $module_1) && ($modules[$position_2] == $module_2) ) {
      $modules[$position_1] = $module_2;
      $modules[$position_2] = $module_1;
    }
  }
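/**
 * Checks if the user is authenticated
 *
 * With no auth_method configured (fm_db_version >= 18) every visitor is given
 * a session as user 1 / account 1 and true is returned. Otherwise the session
 * named by the 'myid' cookie is resumed and its logged_in flag decides.
 *
 * NOTE(review): the session id is taken from the client-supplied 'myid' cookie
 * and handed to session_id() unchanged, and nothing in this function issues a
 * fresh id. Confirm the login code regenerates the id on authentication, and
 * consider the HttpOnly/Secure flags for the 'myid' cookie set below.
 *
 * @since 1.0
 * @package facileManager
 *
 * @return boolean
 */
function isLoggedIn() {
	global $fm_name;

	/** Never authenticated while the installer is running */
	if (defined('INSTALL')) {
		return false;
	}

	/**
	 * session_set_cookie_params() expects a lifetime in seconds. The previous
	 * code passed strtotime('+1 week'), an absolute timestamp, which made the
	 * session cookie outlive the intended week by decades.
	 */
	$session_lifetime = 7 * 24 * 60 * 60;

	/** No auth_method defined */
	if (getOption('fm_db_version') >= 18) {
		if (!getOption('auth_method')) {
			if (!isset($_COOKIE['myid'])) {
				session_set_cookie_params($session_lifetime);
				@session_start();
				$_SESSION['user']['logged_in'] = true;
				$_SESSION['user']['id'] = 1;
				$_SESSION['user']['account_id'] = 1;

				$modules = getActiveModules(true);
				if (!isset($_SESSION['module'])) {
					$_SESSION['module'] = is_array($modules) && count($modules) ? $modules[0] : $fm_name;
				}
				/** setcookie() takes an absolute expiry time, so a timestamp is correct here */
				setcookie('myid', session_id(), strtotime('+1 week'));
			}

			session_set_cookie_params($session_lifetime);
			if (!empty($_COOKIE['myid'])) {
				@session_id($_COOKIE['myid']);
				@session_start();
			}

			return true;
		}
	}

	/** Auth method defined so let's validate */
	if (isset($_COOKIE['myid'])) {
		$myid = $_COOKIE['myid'];

		/** Init the session. */
		session_set_cookie_params($session_lifetime);
		session_id($myid);
		@session_start();

		/** Check if they're logged in. */
		if (isset($_SESSION['user']['logged_in']) && $_SESSION['user']['logged_in']) {
			/** Set the last login info (also when it has never been recorded) */
			if (!isset($_SESSION['user']['last_login']) || strtotime("-1 hour") > $_SESSION['user']['last_login']) {
				$_SESSION['user']['last_login'] = strtotime("-15 minutes");
				$_SESSION['user']['ipaddr'] = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : $_SERVER['REMOTE_ADDR'];
			}

			/** Should the user be logged in? */
			if (getNameFromID($_SESSION['user']['id'], 'fm_users', 'user_', 'user_id', 'user_status') != 'active') {
				/**
				 * NOTE(review): only a redirect header is sent; execution
				 * continues and true is still returned, so an account that is
				 * no longer active counts as logged in for the rest of this
				 * request. Confirm the ?logout handling relies on that before
				 * changing it.
				 */
				header('Location: ' . $GLOBALS['RELPATH'] . '?logout');
			}

			return true;
		}
	}

	return false;
}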
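/**
 * Displays the form to add new user
 *
 * Builds and returns the HTML of the add/edit user form. Field values come
 * from a re-submitted (non-AJAX) POST or from the first row of $data.
 *
 * Only the named form fields are taken from $_POST. The previous
 * extract($_POST) let a request overwrite any local variable, and through the
 * "global" references also $__FM_CONFIG, $fm_name and $fm_login. $action is
 * therefore always the caller's value.
 *
 * The user id, login and e-mail are HTML-escaped where they are written into
 * the markup, because they originate from the request or the stored record.
 *
 * NOTE(review): the form carries no anti-forgery token field; whether the
 * handler behind $action_page checks one is not visible here.
 *
 * @since 1.0
 * @package facileManager
 *
 * @param array|string $data Result rows; when $data[0] is an object its properties pre-fill the form
 * @param string $action 'add' for a new user, anything else is treated as an edit
 * @param array $form_bits Sections to render ('user_login', 'user_email', 'user_auth_method',
 *                         'user_password', 'user_module', 'user_options', 'verbose', 'user_perms');
 *                         a 'user_password' key may carry the password strength name
 * @param string $button_text Label of the submit button
 * @param string $button_id Id of the submit button
 * @param string $action_page Target of the outer form
 * @param boolean $print_form_head Whether to emit the outer <form> tag
 * @param string $display_type 'popup' adds the popup header and footer
 * @return string
 */
function printUsersForm($data = '', $action = 'add', $form_bits = array(), $button_text = 'Save', $button_id = 'submit', $action_page = 'admin-users.php', $print_form_head = true, $display_type = 'popup') {
	global $__FM_CONFIG, $fm_name, $fm_login;

	$user_id = 0;
	$user_login = $user_password = $cpassword = null;
	$ucaction = ucfirst($action);
	$disabled = isset($_GET['id']) && $_SESSION['user']['id'] == $_GET['id'] ? 'disabled' : null;
	$button_disabled = null;
	$user_email = $user_default_module = null;
	$hidden = $user_perm_form = $return_form_rows = null;
	$user_force_pwd_change = $user_template_only = null;

	if (!empty($_POST) && !array_key_exists('is_ajax', $_POST)) {
		if (is_array($_POST)) {
			/** Import only the fields this form uses, and only scalar values */
			$allowed_fields = array_flip(array('user_id', 'user_login', 'user_email', 'user_default_module', 'user_auth_type', 'user_force_pwd_change', 'user_template_only'));
			extract(array_filter(array_intersect_key($_POST, $allowed_fields), 'is_scalar'));
		}
	} elseif (isset($data[0]) && is_object($data[0])) {
		/** Values of the stored record; the password is never echoed back */
		extract(get_object_vars($data[0]));
		$user_password = null;
	}

	/**
	 * Escaped copies for output; the raw values are still used for lookups.
	 * double_encode is off so values that already contain entities are not
	 * encoded a second time.
	 */
	$safe_user_id = htmlspecialchars((string) $user_id, ENT_QUOTES, 'UTF-8', false);
	$safe_user_login = htmlspecialchars((string) $user_login, ENT_QUOTES, 'UTF-8', false);
	$safe_user_email = htmlspecialchars((string) $user_email, ENT_QUOTES, 'UTF-8', false);

	$popup_title = $action == 'add' ? __('Add User') : __('Edit User');
	$popup_header = buildPopup('header', $popup_title);
	$popup_footer = buildPopup('footer');

	if (in_array('user_login', $form_bits)) {
		/** Get field length */
		$field_length = getColumnLength('fm_users', 'user_login');

		$username_form = $action == 'add' ? '<input name="user_login" id="user_login" type="text" value="' . $safe_user_login . '" size="40" maxlength="' . $field_length . '" />' : '<span id="form_username">' . $safe_user_login . '</span>';
		$hidden = '<input type="hidden" name="user_id" value="' . $safe_user_id . '" />';
		$hidden .= $action != 'add' ? '<input type="hidden" name="user_login" value="' . $safe_user_login . '" />' : null;
		$return_form_rows .= '<tr> <th width="33%" scope="row"><label for="user_login">' . _('User Login') . '</label></th> <td width="67%">' . $username_form . '</td> </tr>';
	}

	if (in_array('user_email', $form_bits)) {
		/** Get field length */
		/** NOTE(review): this reads the length of user_login, not user_email - confirm which column is intended */
		$field_length = getColumnLength('fm_users', 'user_login');

		$return_form_rows .= '<tr> <th width="33%" scope="row"><label for="user_email">' . _('User Email') . '</label></th> <td width="67%"><input name="user_email" id="user_email" type="email" value="' . $safe_user_email . '" size="32" maxlength="' . $field_length . '" ' . $disabled . ' /></td> </tr>';
	}

	if (in_array('user_auth_method', $form_bits) && getOption('auth_method')) {
		if (!isset($user_auth_type)) {
			$user_auth_type = 1;
		}

		/** The first configured method is dropped; the select is shown only when more than one remains */
		$auth_method_types = $__FM_CONFIG['options']['auth_method'];
		if (array_shift($auth_method_types) && count($auth_method_types) > 1) {
			$return_form_rows .= '<tr> <th width="33%" scope="row"><label for="user_email">' . _('Authentication Method') . '</label></th> <td width="67%">' . buildSelect('user_auth_type', 'user_auth_type', $auth_method_types, $user_auth_type) . '</td> </tr>';
		}
	}

	if (in_array('user_password', $form_bits) || array_key_exists('user_password', $form_bits)) {
		/** A new user needs a password, so the submit button starts disabled */
		if ($action == 'add') {
			$button_disabled = 'disabled';
		}
		$strength = $GLOBALS['PWD_STRENGTH'];
		if (array_key_exists('user_password', $form_bits)) {
			$strength = $form_bits['user_password'];
		}
		$return_form_rows .= '<tr class="user_password"> <th width="33%" scope="row"><label for="user_password">' . _('User Password') . '</label></th> <td width="67%"><input name="user_password" id="user_password" type="password" value="" size="40" onkeyup="javascript:checkPasswd(\'user_password\', \'' . $button_id . '\', \'' . $strength . '\');" /></td> </tr> <tr class="user_password"> <th width="33%" scope="row"><label for="cpassword">' . _('Confirm Password') . '</label></th> <td width="67%"><input name="cpassword" id="cpassword" type="password" value="" size="40" onkeyup="javascript:checkPasswd(\'cpassword\', \'' . $button_id . '\', \'' . $strength . '\');" /></td> </tr> <tr class="user_password"> <th width="33%" scope="row">' . _('Password Validity') . '</th> <td width="67%"><div id="passwd_check">' . _('No Password') . '</div></td> </tr> <tr class="pwdhint user_password"> <th width="33%" scope="row">' . _('Hint') . '</th> <td width="67%">' . $__FM_CONFIG['password_hint'][$strength][1] . '</td> </tr>';
	}

	if (in_array('user_module', $form_bits)) {
		$active_modules = $user_id == $_SESSION['user']['id'] ? getActiveModules(true) : getActiveModules();
		$user_module_options = buildSelect('user_default_module', 'user_default_module', $active_modules, $user_default_module);
		unset($active_modules);
		$return_form_rows .= '<tr> <th width="33%" scope="row">' . _('Default Module') . '</th> <td width="67%">' . $user_module_options . '</td> </tr>';
	}

	if (in_array('user_options', $form_bits)) {
		$force_pwd_check = $user_force_pwd_change == 'yes' ? 'checked disabled' : null;
		$user_template_only_check = $user_template_only == 'yes' ? 'checked' : null;
		$return_form_rows .= '<tr> <th width="33%" scope="row">' . _('Options') . '</th> <td width="67%"> <input name="user_force_pwd_change" id="user_force_pwd_change" value="yes" type="checkbox" ' . $force_pwd_check . '/><label for="user_force_pwd_change">' . _('Force Password Change at Next Login') . '</label><br /> <input name="user_template_only" id="user_template_only" value="yes" type="checkbox" ' . $user_template_only_check . '/><label for="user_template_only">' . _('Template User') . '</label> </td> </tr>';
	}

	if (in_array('verbose', $form_bits)) {
		$hidden .= '<input type="hidden" name="verbose" value="0" />' . "\n";
		$return_form_rows .= '<tr> <th width="33%" scope="row">' . _('Options') . '</th> <td width="67%"><input name="verbose" id="verbose" type="checkbox" value="1" checked /><label for="verbose">' . _('Verbose Output') . '</label></td> </tr>';
	}

	/** Single-pass loop so the permission section can be left with break */
	do {
		if (in_array('user_perms', $form_bits)) {
			/** Cannot edit perms of super-admin if logged in user is not a super-admin */
			if (userCan($user_id, 'do_everything') && !currentUserCan('do_everything')) {
				break;
			}

			$user_is_super_admin = userCan($user_id, 'do_everything');

			$fm_perm_boxes = $perm_boxes = null;
			$i = 1;
			$fm_user_caps = getAvailableUserCapabilities();
			foreach ($fm_user_caps[$fm_name] as $key => $title) {
				/** A super-admin shows only the do_everything box as checked */
				if ($key != 'do_everything' && $user_is_super_admin) {
					$checked = null;
				} else {
					$checked = userCan($user_id, $key) ? 'checked' : null;
				}
				if ($key == 'do_everything') {
					$title = "<b>{$title}</b>";
				}
				$fm_perm_boxes .= ' <input name="user_caps[' . $fm_name . '][' . $key . ']" id="fm_perm_' . $key . '" type="checkbox" value="1" ' . $checked . '/> <label for="fm_perm_' . $key . '">' . $title . '</label>' . "\n";
				/** Display checkboxes three per row */
				if ($i == 3) {
					$fm_perm_boxes .= "<br />\n";
					$i = 0;
				}
				$i++;
			}
			if (!empty($fm_perm_boxes)) {
				$perm_boxes .= <<<PERM
\t\t\t\t<tr id="userperms">
\t\t\t\t\t<th width="33%" scope="row">{$fm_name}</th>
\t\t\t\t\t<td width="67%">
\t\t\t\t\t\t<input type="hidden" name="process_user_caps" value="1" />
\t\t\t\t\t\t{$fm_perm_boxes}
\t\t\t\t\t</td>
\t\t\t\t</tr>
PERM;
			}

			/** Process module permissions */
			$active_modules = getActiveModules();
			foreach ($active_modules as $module_name) {
				$module_perm_boxes = null;
				$i = 1;
				if (array_key_exists($module_name, $fm_user_caps)) {
					foreach ($fm_user_caps[$module_name] as $key => $title) {
						$checked = userCan($user_id, $key, $module_name) && !$user_is_super_admin ? 'checked' : null;
						$module_perm_boxes .= ' <input name="user_caps[' . $module_name . '][' . $key . ']" id="fm_perm_' . $module_name . '_' . $key . '" type="checkbox" value="1" ' . $checked . '/> <label for="fm_perm_' . $module_name . '_' . $key . '">' . $title . '</label>' . "\n";
						/** Display checkboxes three per row */
						if ($i == 3) {
							$module_perm_boxes .= "<br />\n";
							$i = 0;
						}
						$i++;
					}

					/** Let the module append its own rows through print<Module>UsersForm(), if it defines one */
					$module_extra_functions = ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $module_name . DIRECTORY_SEPARATOR . 'functions.extra.php';
					if (file_exists($module_extra_functions)) {
						include $module_extra_functions;

						$function = 'print' . $module_name . 'UsersForm';
						if (function_exists($function)) {
							$module_perm_boxes .= $function(getUserCapabilities($user_id), $module_name);
						}
					}
				}

				if (!empty($module_perm_boxes)) {
					$perm_boxes .= <<<PERM
\t\t\t\t\t<tr id="userperms">
\t\t\t\t\t\t<th width="33%" scope="row">{$module_name}</th>
\t\t\t\t\t\t<td width="67%">
\t\t\t\t\t\t{$module_perm_boxes}
\t\t\t\t\t\t</td>
\t\t\t\t\t</tr>
\t
PERM;
				}
			}

			if (!empty($perm_boxes)) {
				$user_perm_form = sprintf('<tr><td colspan="2"><br /><br /><i>%s</i></td></tr>', _('User Permissions')) . $perm_boxes;
			}
		}
	} while (false);

	$return_form = $print_form_head ? '<form name="manage" id="manage" method="post" action="' . $action_page . '">' . "\n" : null;
	if ($display_type == 'popup') {
		$return_form .= $popup_header;
	}
	$return_form .= ' <div> <form id="fm_user_profile"> <input type="hidden" name="action" value="' . $action . '" />' . $hidden . ' <table class="form-table" width="495px"> <tr><td colspan="2"><i>' . _('User Details') . '</i></td></tr>' . $return_form_rows . $user_perm_form;

	$return_form .= '</table></div>';

	if ($display_type == 'popup') {
		$return_form .= ' </div> <div class="popup-footer"> <input type="submit" id="' . $button_id . '" name="submit" value="' . $button_text . '" class="button primary" ' . $button_disabled . '/> <input type="button" value="' . _('Cancel') . '" class="button left" id="cancel_button" /> </div> </form> <script> $(document).ready(function() { $("select").select2({ containerCss: { "min-width": "165px" }, minimumResultsForSearch: -1 }); $("select.wide_select").select2({ width: "300px", minimumResultsForSearch: -1 }); }); </script>';
	}

	return $return_form;
}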
/**
 * Client request handling: runs when arrayKeysExist() accepts the
 * genserial / addserial / install / upgrade / ssh keys against $_GET.
 */
if (arrayKeysExist(array('genserial', 'addserial', 'install', 'upgrade', 'ssh'), $_GET)) {
	if (!defined('CLIENT')) {
		define('CLIENT', true);
	}

	require_once 'fm-init.php';

	/**
	 * NOTE(review): module_name comes straight from the request body and is
	 * concatenated into a path that is then included. This happens before the
	 * account key is verified and before the getActiveModules() membership
	 * test further down. Checking the name against the module list before
	 * building the path would keep request data out of include.
	 */
	if (file_exists(ABSPATH . 'fm-modules/' . $_POST['module_name'] . '/variables.inc.php')) {
		include ABSPATH . 'fm-modules/' . $_POST['module_name'] . '/variables.inc.php';
	}
	include ABSPATH . 'fm-includes/version.php';

	/** Check account key */
	include ABSPATH . 'fm-modules/facileManager/classes/class_accounts.php';
	$account_status = $fm_accounts->verifyAccount($_POST['AUTHKEY']);

	/** Anything other than boolean true is passed back to the client as the response data */
	if ($account_status !== true) {
		$data = $account_status;
	} else {
		/** Only active modules are served */
		if (in_array($_POST['module_name'], getActiveModules())) {
			if (array_key_exists('genserial', $_GET)) {
				$module = $_POST['module_name'] ? $_POST['module_name'] : $_SESSION['module'];
				$data['server_serial_no'] = generateSerialNo($module);
			}

			if (array_key_exists('addserial', $_GET)) {
				/** Client expects an array for a good return */
				$data = $_POST;

				/** Does the record already exist for this account? */
				/** NOTE(review): server_name is request data; whether basicGet() escapes it is not visible here */
				basicGet('fm_' . $__FM_CONFIG[$_POST['module_name']]['prefix'] . 'servers', $_POST['server_name'], 'server_', 'server_name');
				if ($fmdb->num_rows) {
					$server_array = $fmdb->last_result;
					$_POST['server_id'] = $server_array[0]->server_id;
					$update_server = moduleAddServer('update');
				} else {
					if (getOption('client_auto_register')) {
// Script for the 'home' module page: loads the page builder and customization
// helpers, then refreshes and re-saves the module order and the active-module
// list for the current branch.
require_once "Home.php";
require_once "Modules.php";
require_once WEBROOT . "page_builder/Page.php";
//require WEBROOT . "page_builder/counter.php";
require WEBROOT . "page_builder/page_tools.php";
require WEBROOT . "customize/customize_lib.php";

$page = Page::factory();
$page->module('home');
PageViews::increment('home', $page->platform);

$whats_new_count = Home::$whats_new_count;
$top_item = Home::$whats_new->getTopItemName();

Modules::init($page->branch, $page->certs, $page->platform);

// Keep the previous order so both refresh calls can compare against it
$old_modules = getModuleOrder();
$moduleorder = Modules::refreshAll($old_modules, $page->branch);
setModuleOrder($moduleorder);

$modules = getActiveModules($page->branch);
$modules = Modules::refreshActive($old_modules, $modules, $page->branch);
$modules = Modules::add_required($modules, $page->branch);
setActiveModules($modules);

$all_modules = Modules::$default_order;

// Disabled debug aid. If re-enabled it would write the whole $_SERVER array,
// request headers included, to a timestamp-named file under /tmp; keep it out
// of deployed code.
//$fh = fopen('/tmp/headers-' . time() . '.txt', 'w');
//fwrite($fh, str_replace('",', "\",\n", json_encode($_SERVER)) . '\n');
//fclose($fh);

$page->prevent_caching('Basic');
$page->prevent_caching('Touch');
$page->cache();

/*
function url($module) {
  // we rewrite urls for modules which require certificates
  // to make sure the user at least once sees the get certificates page
  $url = Modules::url($module);
/** Tail of a block that starts above this excerpt: error display and reporting are switched off */
ini_set('display_errors', false);
error_reporting(0);
}

/** Include module variables */
include ABSPATH . 'fm-modules/' . $fm_name . '/variables.inc.php';
/**
 * NOTE(review): the session's module name goes into an include path here,
 * ahead of the "is it active" check further down. Whether setUserModule()
 * validates the name before storing it is not visible in this excerpt.
 */
if (isset($_SESSION['module'])) {
	include ABSPATH . 'fm-modules/' . $_SESSION['module'] . '/variables.inc.php';
}

/** Handle module change request */
/** The module name is taken from $_REQUEST and the browser is redirected back to RELPATH */
if (isset($_REQUEST['module']) && !isset($_REQUEST['action'])) {
	setUserModule($_REQUEST['module']);
	header('Location: ' . $GLOBALS['RELPATH']);
	exit;
}

/** Ensure selected module is indeed active */
/** An inactive selection is reset to the core module and the user is sent to the modules page */
if (isset($_SESSION['module']) && $_SESSION['module'] != $fm_name && !in_array($_SESSION['module'], getActiveModules())) {
	$_SESSION['module'] = $fm_name;
	header('Location: ' . $GLOBALS['RELPATH'] . 'admin-modules.php');
	exit;
}

if (!defined('UPGRADE')) {
	/** Once logged in process the menuing */
	/** A logged-in user is logged out and redirected while an upgrade is pending */
	if ($fm_login->isLoggedIn()) {
		if (isUpgradeAvailable()) {
			$fm_login->logout();
			header('Location: ' . $GLOBALS['RELPATH']);
			exit;
		}
	}
}

/** Handle sort orders */
/** Build the module list: one entry per detected module with its status links */
$module_display = sprintf('<p>%s</p>', _('The following modules have been detected:')) . @buildBulkActionMenu($bulk_actions_list, 'module_list') . $header;

foreach ($modules as $module_name) {
	/** Include module variables */
	/** A missing file is tolerated: the include is wrapped in @ */
	@(include ABSPATH . 'fm-modules/' . $module_name . '/variables.inc.php');

	$activate_link = $upgrade_link = $status_options = null;
	$class = array();

	/**
	 * NOTE(review): activate, deactivate and uninstall are plain GET links
	 * (?action=...&module=...) and the URLs built here carry no request
	 * token. Confirm the handler verifies the request origin before changing
	 * state. $module_name is also written into the markup unescaped.
	 */
	$uninstall_link = sprintf('<a href="?action=uninstall&module=%s"><span class="not_installed" onClick="return del(\'%s\');">%s</span></a>' . "\n", $module_name, _('Are you sure you want to delete this module?'), _('Uninstall'));

	/** Get module status */
	/** A stored version option means the module is installed */
	$module_version = getOption('version', 0, $module_name);
	if ($module_version !== false) {
		if (in_array($module_name, getActiveModules())) {
			$activate_link = sprintf('<a href="?action=deactivate&module=%s">%s</a>' . "\n", $module_name, _('Deactivate'));
			$class[] = 'active';
		}
		/** Installed version is at least the version declared in the module's config */
		if (version_compare($module_version, $__FM_CONFIG[$module_name]['version'], '>=')) {
			if (!in_array($module_name, getActiveModules())) {
				$activate_link = sprintf('<span class="activate_link"><a href="?action=activate&module=%s">%s</a></span>' . "\n", $module_name, _('Activate')) . $uninstall_link;
			}
		} else {
			/** Installed version is older: offer the upgrade only if the core version satisfies required_fm_version */
			include ABSPATH . 'fm-includes/version.php';
			if (version_compare($fm_version, $__FM_CONFIG[$module_name]['required_fm_version']) >= 0) {
				$upgrade_link = sprintf('<span class="upgrade_link"><a href="#" id="module_upgrade" name="%s" />%s</a></span>' . "\n", $module_name, _('Update Database Now'));
			} else {
				$upgrade_link .= sprintf('<span class="upgrade_link">' . _('%s v%s or later is required<br />before this module can be upgraded.') . '</span>', $fm_name, $__FM_CONFIG[$module_name]['required_fm_version']);
			}
			$activate_link = $uninstall_link;
			$class[] = 'upgrade';
		}
		$status_options = $activate_link . "\n";
	} else {
		/** Not installed: show the version declared in the module's config */
		$module_version = $__FM_CONFIG[$module_name]['version'];