예제 #1
/**
 * Drop the sessions of an author and, if that author is the one making the
 * current request, delete the current session as well.
 *
 * Calls zap_sessions($id_author, true) first, then compares $id_author with
 * the id stored in the global $author_session.
 *
 * @param mixed $id_author Identifier of the author whose sessions are reset.
 * @return void
 */
function force_session_restart($id_author)
{
    include_lcm('inc_session');
    global $author_session, $lcm_session;

    zap_sessions($id_author, true);

    $acting_on_self = ($author_session['id_author'] == $id_author);
    if (!$acting_on_self) {
        // Someone else's sessions were reset; the caller keeps its own.
        lcm_debug("I am ID = " . $author_session['id_author']);
        return;
    }

    // NOTE(review): $lcm_session is presumably the live session identifier.
    // It is written to the debug log just before being deleted; confirm that
    // the debug log is not readable by other users.
    lcm_debug("lcm_session = " . $lcm_session);
    delete_session($lcm_session);
}
예제 #2
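/**
 * Send a plain-text e-mail through the transport selected by $hebergeur.
 *
 * The recipient must pass is_valid_email(). When no sender is given, the
 * "email_sender" meta is used if valid, otherwise the recipient address.
 * A sender containing a line break is refused, and line breaks in the
 * subject are collapsed, because both values end up in the header section
 * of the message.
 *
 * @param string $email   Recipient address.
 * @param string $subject Subject line.
 * @param string $texte   Message body.
 * @param string $from    Sender; falls back to the configured sender when empty.
 * @param string $headers Extra raw header lines appended after the generated
 *                        ones. Passed through unchanged: callers must never
 *                        build this from request data.
 * @return mixed true when queued ('lycos'), false when refused or unsupported
 *               ('free'), otherwise the return value of email() / mail().
 */
function send_email($email, $subject, $texte, $from = "", $headers = "")
{
    global $hebergeur, $queue_mails, $flag_wordwrap, $os_serveur;
    include_lcm('inc_filters');
    if (!$from) {
        $email_envoi = read_meta("email_sender");
        $from = is_valid_email($email_envoi) ? $email_envoi : $email;
    }
    if (!is_valid_email($email)) {
        return false;
    }
    // $from is interpolated into the header block below. A CR or LF inside it
    // would begin a new header line chosen by whoever supplied the value, so
    // such a sender is rejected instead of being sent.
    if (preg_match('/[\r\n]/', $from)) {
        lcm_log("ERROR mail: line break in sender value, message not sent");
        return false;
    }
    // NOTE(review): recipient and subject go to the debug log; confirm that
    // is acceptable for the data this application handles.
    lcm_debug("mail ({$email}): {$subject}");
    $charset = read_meta('charset');
    $headers = "From: {$from}\n" . "MIME-Version: 1.0\n" . "Content-Type: text/plain; charset={$charset}\n" . "Content-Transfer-Encoding: 8bit\n{$headers}";
    $texte = filtrer_entites($texte);
    $subject = filtrer_entites($subject);
    // A subject is a single header line. Done after filtrer_entites() so that
    // a line break produced by that filter (presumably entity decoding) is
    // covered as well.
    $subject = preg_replace('/[\r\n]+/', ' ', $subject);
    // Polish what can be polished: replace the typographic apostrophe when
    // the target charset is not UTF-8.
    if ($charset != 'utf-8') {
        $texte = str_replace("’", "'", $texte);
        $subject = str_replace("’", "'", $subject);
    }
    // Encode the subject as a MIME header when multibyte support is available.
    // Note that mb_internal_encoding() changes the encoding for the rest of
    // the request, not only for this call.
    if ($GLOBALS['flag_multibyte'] and @mb_internal_encoding($charset)) {
        $subject = mb_encode_mimeheader($subject, $charset, 'Q');
    }
    if ($flag_wordwrap) {
        $texte = wordwrap($texte);
    }
    // Windows mail transports expect CRLF line endings.
    if ($os_serveur == 'windows') {
        $texte = preg_replace("/\r*\n/", "\r\n", $texte);
        $headers = preg_replace("/\r*\n/", "\r\n", $headers);
    }
    switch ($hebergeur) {
        case 'lycos':
            // Queued in the global $queue_mails instead of being sent here.
            $queue_mails[] = array('email' => $email, 'sujet' => $subject, 'texte' => $texte, 'headers' => $headers);
            return true;
        case 'free':
            return false;
        case 'online':
            // Provider-specific email() function; $headers is not passed to it.
            if (!($ret = @email('webmaster', $email, $subject, $texte))) {
                lcm_log("ERROR mail: (online) returned false");
            }
            return $ret;
        default:
            if (!($ret = @mail($email, $subject, $texte, $headers))) {
                lcm_log("ERROR mail: (default) returned false");
            }
            return $ret;
    }
}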
예제 #3
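/**
 * Run one SQL statement through pg_query() and return its result.
 *
 * The statement is passed through process_query() and then sent as text:
 * nothing here binds or escapes values, so callers are responsible for every
 * value they put into $query.
 *
 * On failure the error text is stored in the global $lcm_pgsql_error and
 * logged. Unless $accept_fail is set, lcm_panic() is also called with a
 * message that contains the statement and the database error.
 *
 * @param string $query       SQL statement.
 * @param bool   $accept_fail When true, a failed statement does not panic.
 * @return mixed Result of pg_query() (false on failure).
 */
function lcm_query_db($query, $accept_fail = false)
{
    global $lcm_pgsql_link;
    global $lcm_pgsql_error;
    static $tt = 0; // running total of measured query time
    $my_debug = $GLOBALS['sql_debug'];
    $my_profile = $GLOBALS['sql_profile'];
    $lcm_pgsql_error = "";
    $query = process_query($query);
    if ($my_profile) {
        $m1 = microtime();
    }
    if ($GLOBALS['mysql_recall_link'] and $lcm_pgsql_link) {
        // pg_query() expects the connection first and the statement second.
        // The previous call had them swapped, so the explicit link was never
        // used as a connection.
        $result = pg_query($lcm_pgsql_link, $query);
    } else {
        // No explicit link: pg_query() falls back to the last opened one.
        $result = pg_query($query);
    }
    if ($my_debug and $my_profile) {
        // microtime() returns "usec sec"; the elapsed time is the difference
        // of the two readings.
        $m2 = microtime();
        list($usec, $sec) = explode(" ", $m1);
        list($usec2, $sec2) = explode(" ", $m2);
        $dt = $sec2 + $usec2 - $sec - $usec;
        $tt += $dt;
        // Profiling output is written straight into the page. It contains the
        // full statement (HTML-escaped), so both flags should stay off on a
        // production site.
        echo "<small>" . htmlentities($query);
        echo " -> <font color='blue'>" . sprintf("%3f", $dt) . "</font> ({$tt})</small><p>\n";
    }
    if ($my_debug) {
        lcm_debug("QUERY: {$query}\n", 1, 'sql');
    }
    if (!$result) {
        $err = lcm_sql_error();
        if (!$accept_fail) {
            // NOTE(review): the statement and the database error are put in
            // the panic message. If lcm_panic() shows it to the visitor, that
            // discloses schema details; confirm where the message ends up.
            $error = _T('warning_sql_query_failed') . "<br />\n" . htmlentities($query) . "<br />\n";
            $error .= "&laquo; " . htmlentities($err) . " &raquo;<br />";
            lcm_panic($error);
        }
        $lcm_pgsql_error = $err;
        lcm_log("sql failed: {$err}");
    }
    return $result;
}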
예제 #4
/**
 * Decide whether a background action may run during this request.
 *
 * Returns false while a lock file younger than 600 seconds exists in the data
 * directory. Otherwise the first call that asks for an action gets true (if
 * the database and the optional named lock are available); the static $ok is
 * then false, so later calls in the same request are refused.
 *
 * @param mixed $lock          Name of a lock to obtain with spip_get_lock(), or false.
 * @param bool  $action        False to only query the current state.
 * @param bool  $connect_mysql Whether the database connection is required.
 * @return bool
 */
function timeout($lock = false, $action = true, $connect_mysql = true)
{
    static $ok = true;
    global $db_ok;

    // Lock file placed by the hosting provider (honoured for 10 minutes).
    $data_dir = 'inc/data';
    if (isset($_SERVER['LcmDataDir'])) {
        $data_dir = $_SERVER['LcmDataDir'];
    }
    $timeoutfile = $data_dir . '/lock';

    if (@file_exists($timeoutfile) && (time() - @filemtime($timeoutfile)) < 600) {
        lcm_debug("lock hebergeur {$timeoutfile}");
        $ok = false;
        return false;
    }

    // Nothing requested, or an action was already granted or refused earlier.
    if (!$action || !$ok) {
        return $ok;
    }
    $ok = false;

    // Without a database requirement there is nothing more to check.
    if (!$connect_mysql) {
        return true;
    }

    include_ecrire('inc_connect.php');
    if (!$db_ok) {
        return false;
    }

    if ($lock) {
        lcm_debug("test lock mysql {$lock}");
        $got_lock = spip_get_lock($lock);
        if (!$got_lock) {
            lcm_debug("lock mysql {$lock}");
            return false;
        }
    }

    return true;
}
예제 #5
/**
 * Deprecated alias of translate_language_name().
 *
 * Records a debug message on every call so that remaining callers can be
 * found, then delegates.
 *
 * @deprecated Use translate_language_name() instead.
 * @param mixed $lang Passed unchanged to translate_language_name().
 * @return mixed Whatever translate_language_name() returns.
 */
function traduire_nom_langue($lang)
{
    $notice = "Use of deprecated function traduire_nom_langue(), use translate_language_name() instead";
    lcm_debug($notice);

    $translated = translate_language_name($lang);
    return $translated;
}
예제 #6
 // ...
 // Login attempt: each authentication backend named in $auths is loaded and
 // tried in order until one accepts the credentials.
 // NOTE(review): $auths is defined outside this excerpt. Its entries are
 // concatenated into an include name and a class name, so it must be a fixed
 // server-side list; confirm that it cannot be influenced by the request.
 $ok = false;
 reset($auths);
 foreach ($auths as $nom_auth) {
     include_lcm('inc_auth_' . $nom_auth);
     $classe_auth = 'Auth_' . $nom_auth;
     $auth = new $classe_auth();
     if ($auth->init()) {
         // Read without isset(): a request that omits the field raises a
         // notice and passes null to the backend.
         $session_password_md5 = $_REQUEST['session_password_md5'];
         // Try with the md5 password (made by Javascript in the form)
         // [ML] TODO: session_password_md5 + next_session_password_md5
         // should probably be referred to via _REQUEST... (test after!)
         // NOTE(review): $login, $next_session_password_md5 and
         // $session_password are not assigned anywhere in this excerpt.
         // Verify that they are set explicitly from the request earlier on
         // and do not depend on request variables being imported as globals.
         $ok = $auth->validate_md5_challenge($login, $session_password_md5, $next_session_password_md5);
         // If failed, try as cleartext
         // NOTE(review): with this fallback the password itself is accepted
         // from the request, so the login form has to be served over TLS for
         // the password to stay confidential in transit.
         if (!$ok && $session_password) {
             lcm_debug("md5 login failed, trying with plaintext");
             $ok = $auth->validate_pass_cleartext($login, $session_password);
         }
     }
     if ($ok) {
         break;
     }
 }
 // $auth is the backend that accepted the login (the loop stops on success).
 if ($ok) {
     $ok = $auth->lire();
 }
 if ($ok) {
     $auth->activate();
     // Force cookies for admins
     if ($auth->username and $auth->status == 'admin') {
         $cookie_admin = "@" . $auth->username;
예제 #7
 /**
  * Return the next case from $this->cases and advance the position counter.
  *
  * Panics when getCaseDone() already reports true on entry. After taking a
  * case, getCaseDone() is checked again and, when true, loadCases() is called
  * with the current position plus the 'page_rows' preference.
  *
  * @return mixed The element removed from the front of $this->cases.
  */
 function getCaseIterator()
 {
     global $prefs;

     $already_done = $this->getCaseDone();
     if ($already_done) {
         lcm_panic("LcmClient::getCaseIterator called but getCaseDone() returned true");
     }

     // Take the first loaded case and move the window forward by one.
     $current_case = array_shift($this->cases);
     $this->case_start_from++;

     if ($this->getCaseDone()) {
         $left = count($this->cases);
         lcm_debug('not done, reloading: ' . $left);
         $reload_upto = $this->case_start_from + $prefs['page_rows'];
         $this->loadCases($reload_upto);
     }

     lcm_debug("getCaseIterator " . count($this->cases));

     return $current_case;
 }
예제 #8
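/**
 * Build the short, display-ready description of a follow-up.
 *
 * - assignment / unassignment with a numeric description: the description is
 *   an author id and the author's name is looked up;
 * - stage or status change: the description is a serialized structure whose
 *   fields are translated and joined;
 * - anything else: the free-text description, shortened when $make_short is
 *   set and passed through clean_output().
 *
 * The result goes through nl2br(), so it is meant to be written into HTML.
 *
 * @param array $item       Follow-up row ('type', 'description', 'case_stage').
 * @param bool  $make_short Whether long free-text descriptions are truncated.
 * @return string
 */
function get_fu_description($item, $make_short = true)
{
    if (!is_array($item)) {
        lcm_debug("get_fu_description: parameter is not an array.");
        return '';
    }
    // configure via my_options.php with $GLOBALS['fu_desc_len'] = NNN;
    global $fu_desc_len;
    $short_description = '';
    // Set the length of short followup title (was: wide = 48, narrow = 115)
    $title_length = isset($fu_desc_len) && $fu_desc_len > 0 ? $fu_desc_len : 256;

    $is_assignment = ($item['type'] == 'assignment');
    $is_unassignment = !$is_assignment && ($item['type'] == 'unassignment');

    if (($is_assignment || $is_unassignment) && is_numeric($item['description'])) {
        // is_numeric() also accepts forms such as "1e3" or "1.5". The value is
        // cast so that only a plain integer is ever placed in the statement.
        $res1 = lcm_query("SELECT * FROM lcm_author WHERE id_author = " . intval($item['description']));
        $author1 = lcm_fetch_array($res1);
        $msg_key = $is_assignment ? 'case_info_author_assigned' : 'case_info_author_unassigned';
        $short_description = _T($msg_key, array('name' => get_person_name($author1)));
    } elseif ($item['type'] == 'stage_change' || is_status_change($item['type'])) {
        // NOTE(review): if lcm_unserialize() wraps unserialize(), this column
        // must only ever contain data serialized by the application itself.
        $tmp = lcm_unserialize($item['description']);
        // A description that does not decode to an array is treated as empty
        // rather than being indexed as if it were one.
        if (!is_array($tmp)) {
            $tmp = array();
        }
        // for backward compatibility, make it optional
        if (!empty($item['case_stage'])) {
            $short_description = _Tkw('stage', $item['case_stage']);
        }
        // NOTE(review): 'description' and 'sentence_val' are user-entered text
        // and are appended without clean_output(), unlike the free-text branch
        // below. Confirm that they are escaped when stored or by the caller.
        if (!empty($tmp['description'])) {
            $short_description .= " / " . $tmp['description'];
        }
        if (!empty($tmp['result']) || !empty($tmp['conclusion'])) {
            $short_description .= "\n" . _Ti('fu_input_conclusion');
        }
        if (!empty($tmp['result'])) {
            $short_description .= _Tkw('_crimresults', $tmp['result']) . "/";
        }
        if (!empty($tmp['conclusion'])) {
            $short_description .= _Tkw('conclusion', $tmp['conclusion']);
        }
        if (!empty($tmp['sentence'])) {
            $short_description .= "\n" . _Ti('fu_input_sentence') . _Tkw('sentence', $tmp['sentence'], array('currency' => read_meta('currency')));
        }
        if (!empty($tmp['sentence_val'])) {
            $short_description .= ": " . $tmp['sentence_val'];
        }
    } else {
        if ($item['description']) {
            // Length is measured on the decoded text, but substr() cuts by
            // bytes, so a multi-byte character can be split at the boundary.
            if (!$make_short || strlen(lcm_utf8_decode($item['description'])) < $title_length) {
                $short_description = $item['description'];
            } else {
                $short_description = substr($item['description'], 0, $title_length) . '...';
            }
            $short_description = clean_output($short_description);
        } else {
            $short_description = _T('fu_info_emptydesc');
        }
    }
    $short_description = nl2br($short_description);
    if (empty($short_description)) {
        $short_description = _T('info_not_available');
    }
    return $short_description;
}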
예제 #9
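/**
 * Apply the contact changes submitted with the current request to a person.
 *
 * Three steps: update or delete existing contacts (contact_id[],
 * contact_value[], contact_type[]), add new ones (new_contact_value[],
 * new_contact_type_name[]), then check that every mandatory contact type has
 * a value. Problems are reported through $_SESSION['errors'].
 *
 * Every submitted contact id is checked against the contacts that really
 * belong to the person before anything is modified.
 *
 * @param mixed $type_person  Kind of person the contacts are attached to.
 * @param mixed $id_of_person Identifier of that person.
 * @return void
 */
function update_contacts_request($type_person, $id_of_person)
{
    // This will be useful later, to check mandatory/optional contacts
    $all_contact_kwg = get_kwg_all('contact');
    //
    // Update existing contacts
    //
    if (isset($_REQUEST['contact_value'])) {
        // The three fields are expected to be parallel arrays. Anything else
        // is treated as "nothing submitted" instead of being indexed as a string.
        $contacts = is_array($_REQUEST['contact_value']) ? $_REQUEST['contact_value'] : array();
        $c_ids = (isset($_REQUEST['contact_id']) && is_array($_REQUEST['contact_id'])) ? $_REQUEST['contact_id'] : array();
        $c_types = (isset($_REQUEST['contact_type']) && is_array($_REQUEST['contact_type'])) ? $_REQUEST['contact_type'] : array();
        //
        // Check if the contacts provided are really attached to the person
        // or else the user can provide a form with false contacts.
        //
        $owned_ids = array();
        $all_contacts = get_contacts($type_person, $id_of_person);
        foreach ($all_contacts as $c) {
            $owned_ids[(string) $c['id_contact']] = true;
        }
        // The check covers exactly the entries that the update loop below
        // handles. It used to stop at the first empty id while the update loop
        // carried on, which left later ids unverified. Ids must also match the
        // stored value exactly, not merely compare equal as numbers.
        for ($cpt = 0; isset($c_ids[$cpt]); $cpt++) {
            if (!$c_ids[$cpt]) {
                continue;
            }
            if (!is_scalar($c_ids[$cpt]) || !isset($owned_ids[(string) $c_ids[$cpt]])) {
                lcm_panic("Invalid modification of existing contact detected.");
                // In case lcm_panic() returns: never continue with unverified ids.
                return;
            }
        }
        for ($cpt = 0; isset($c_ids[$cpt]); $cpt++) {
            // An entry without an id designates no existing contact.
            if (!$c_ids[$cpt]) {
                continue;
            }
            $new_value = isset($contacts[$cpt]) ? $contacts[$cpt] : null;
            // Check first to see if the contact is mandatory
            // NOTE(review): the contact type used for this policy lookup comes
            // from the request, not from the stored contact. Consider taking
            // it from the contact record so that the form cannot relabel a
            // mandatory contact as an optional one.
            $kwg = get_kwg_from_id(isset($c_types[$cpt]) ? $c_types[$cpt] : null);
            $delete_allowed = true;
            if ($kwg['policy'] == 'mandatory') {
                // XXX Having policy == 'mandatory' but quantity = many
                // really makes a mess, and is not handled.
                $delete_allowed = false;
            }
            if (_request('del_contact_' . $c_ids[$cpt])) {
                if ($delete_allowed) {
                    lcm_debug("Contact DEL: {$type_person}, {$id_of_person}, " . $c_ids[$cpt], 1);
                    delete_contact($c_ids[$cpt]);
                } else {
                    $_SESSION['errors']['upd_contact_' . $cpt] = _T('warning_field_mandatory');
                }
            } else {
                if (!$delete_allowed && !$new_value) {
                    $_SESSION['errors']['upd_contact_' . $cpt] = _T('warning_field_mandatory');
                } else {
                    // NOTE(review): contact values (personal data) are written
                    // to the debug log here and in the "NEW" branch below.
                    lcm_debug("Contact UPD: {$type_person}, {$id_of_person}, " . $c_ids[$cpt] . ' = ' . $new_value, 1);
                    $err = update_contact($c_ids[$cpt], $new_value);
                    if ($err) {
                        $_SESSION['errors']['upd_contact_' . $cpt] = $err;
                    }
                }
            }
        }
    }
    //
    // New contacts
    //
    if (isset($_REQUEST['new_contact_value'])) {
        $cpt = 0;
        $new_contacts = is_array($_REQUEST['new_contact_value']) ? $_REQUEST['new_contact_value'] : array();
        $c_type_names = (isset($_REQUEST['new_contact_type_name']) && is_array($_REQUEST['new_contact_type_name'])) ? $_REQUEST['new_contact_type_name'] : array();
        while (isset($new_contacts[$cpt])) {
            // Process only new contacts which have a value
            if ($new_contacts[$cpt]) {
                // And make sure that they have a "type of contact"
                if (!empty($c_type_names[$cpt])) {
                    lcm_debug("Contact NEW: {$type_person}, {$id_of_person}, Name = " . $c_type_names[$cpt] . ', ' . $new_contacts[$cpt], 1);
                    $err = add_contact($type_person, $id_of_person, $c_type_names[$cpt], $new_contacts[$cpt]);
                    if ($err) {
                        $_SESSION['errors']['new_contact_' . $cpt] = $err;
                    }
                } else {
                    $_SESSION['errors']['new_contact_' . $cpt] = "Please specify the type of contact.";
                    // TRAD
                }
            }
            $cpt++;
        }
    }
    //
    // Check if all mandatory contacts were provided
    //
    $all_contacts = get_contacts($type_person, $id_of_person);
    foreach ($all_contact_kwg as $c) {
        if ($c['policy'] == 'mandatory') {
            $found = false;
            foreach ($all_contacts as $a) {
                if ($a['name'] == $c['name'] && trim($a['value'])) {
                    $found = true;
                }
            }
            if (!$found) {
                $_SESSION['errors']['contact_' . $c['name']] = _Ti($c['title']) . _T('warning_field_mandatory');
            }
        }
    }
}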
예제 #10
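/**
 * Run one SQL statement through mysql_query() and return its result.
 *
 * The statement is passed through process_query() and then sent as text:
 * nothing here binds or escapes values, so callers are responsible for every
 * value they put into $query.
 *
 * When the statement fails and $accept_fail is not set, lcm_panic() is called
 * with a message that contains the statement and the database error.
 *
 * NOTE(review): the mysql_* extension used here is not available from PHP 7
 * onwards; this code only runs on older interpreters.
 *
 * @param string $query       SQL statement.
 * @param bool   $accept_fail When true, a failed statement does not panic.
 * @return mixed Result of mysql_query() (false on failure).
 */
function lcm_query_db($query, $accept_fail = false)
{
    global $lcm_mysql_link;
    static $tt = 0; // running total of measured query time
    $my_debug = $GLOBALS['sql_debug'];
    $my_profile = $GLOBALS['sql_profile'];
    /* [ML] I have no idea whether this is overkill, but without it,
    	   we get strange problems with Cyrillic and other non-latin charsets.
    	   We need to check whether tables were installed correctly, or else
    	   it will not show non-latin utf8 characters correctly. (i.e. for
    	   people who upgraded LCM, but didn't import/export their data to 
    	   fix the tables.)
    	*/
    $db_utf8 = read_meta('db_utf8');
    if ($db_utf8 == 'yes') {
        lcm_mysql_set_utf8();
    } elseif ($db_utf8 != 'no' && !read_meta('lcm_db_version')) {
        // The previous condition read `!read_meta('db_utf8') == 'no'`. The
        // negation binds first, so a boolean was compared with 'no' and the
        // test only meant "db_utf8 is empty". It now tests "not 'no'".
        //
        // We are not yet installed, so check MySQL version on every request
        // Note: checking is_file('inc/data/inc_meta_cache.php') is not
        // enough, because the keywords cache may have been generated, but not
        // the meta.
        if (!preg_match("/^(4\\.0|3\\.)/", mysql_get_server_info())) {
            lcm_mysql_set_utf8();
        }
    }
    $query = process_query($query);
    if ($my_profile) {
        $m1 = microtime();
    }
    if ($GLOBALS['mysql_recall_link'] and $lcm_mysql_link) {
        $result = mysql_query($query, $lcm_mysql_link);
    } else {
        // No explicit link: mysql_query() uses the last opened connection.
        $result = mysql_query($query);
    }
    if ($my_debug and $my_profile) {
        // microtime() returns "usec sec"; the elapsed time is the difference
        // of the two readings.
        $m2 = microtime();
        list($usec, $sec) = explode(" ", $m1);
        list($usec2, $sec2) = explode(" ", $m2);
        $dt = $sec2 + $usec2 - $sec - $usec;
        $tt += $dt;
        // Profiling output is written straight into the page. It contains the
        // full statement (HTML-escaped), so both flags should stay off on a
        // production site.
        echo "<small>" . htmlentities($query);
        echo " -> <font color='blue'>" . sprintf("%3f", $dt) . "</font> ({$tt})</small><p>\n";
    }
    if ($my_debug) {
        lcm_debug("QUERY: {$query}\n", 1, 'sql');
    }
    if (lcm_sql_errno() && !$accept_fail) {
        // NOTE(review): the statement and the database error are put in the
        // panic message. If lcm_panic() shows it to the visitor, that
        // discloses schema details; confirm where the message ends up.
        $s = lcm_sql_error();
        $error = _T('warning_sql_query_failed') . "<br />\n" . htmlentities($query) . "<br />\n";
        $error .= "&laquo; " . htmlentities($s) . " &raquo;<br />";
        lcm_panic($error);
    }
    return $result;
}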
예제 #11
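/**
 * Receive an uploaded backup archive, store it under the backups prefix and
 * unpack it into DIR_BACKUPS.
 *
 * Accepted names are name.tar, name.tar.gz and name.tgz. The stored name is
 * rebuilt from the URL-encoded base name plus the matched extension, with a
 * numeric suffix when a file of that name already exists.
 *
 * Before unpacking, the archive listing is inspected: an archive with an
 * absolute path, a ".." path component, or a link entry is refused and the
 * stored copy is removed, so that unpacking cannot write outside DIR_BACKUPS.
 *
 * Errors are reported through $_SESSION['errors']['upload_file'].
 *
 * NOTE(review): nothing in this function checks who is calling it; confirm
 * that the caller restricts uploads to administrators.
 *
 * @return void
 */
function upload_backup_file()
{
    // File name and extension
    $fname = "";
    $fext = "";
    // Clear all previous errors
    $_SESSION['errors'] = array();
    // A missing field or a multi-file upload (array tmp_name) is not a valid upload.
    if (!isset($_FILES['filename']['tmp_name']) || !is_string($_FILES['filename']['tmp_name'])
        || !is_uploaded_file($_FILES['filename']['tmp_name'])) {
        // FIXME: error message
        $_SESSION['errors']['upload_file'] = '1 - not a valid file';
        // TRAD
        return;
    }
    if (!($_FILES['filename']['size'] > 0)) {
        // FIXME: error message
        $_SESSION['errors']['upload_file'] = 'size is zero';
        // TRAD
        return;
    }
    // File should be: name.tar or name.tar.gz or name.tgz
    // name can be pretty much anything, since it will be rawurlencoded()
    // if it is prefixed with "db-", it will be removed and later added again
    if (preg_match("/^(db-)?(.+)\\.(tar(\\.gz)?|tgz)\$/", $_FILES['filename']['name'], $regs)) {
        // rawurlencode() also encodes "/" and "\", so the client-supplied name
        // cannot carry a directory part into the destination path.
        $fname = rawurlencode($regs[2]);
        $fext = $regs[3];
    } else {
        // FIXME: error
        $_SESSION['errors']['upload_file'] = 'name not accepted';
        // TRAD
        return;
    }
    // Find a free name: name.ext, name-1.ext, name-2.ext, ...
    $cpt = 0;
    while (file_exists(DIR_BACKUPS_PREFIX . $fname . ($cpt ? "-" . $cpt : '') . "." . $fext)) {
        $cpt++;
    }
    $fname_full = DIR_BACKUPS_PREFIX . $fname . ($cpt ? "-" . $cpt : '') . "." . $fext;
    if (!move_uploaded_file($_FILES['filename']['tmp_name'], $fname_full)) {
        // FIXME: error message
        $_SESSION['errors']['upload_file'] = 'move_uploaded_file freaked out';
        // TRAD
        return;
    }
    if (!is_file($fname_full)) {
        lcm_panic("This should not happen...");
        return;
    }
    // unpackage
    @(include "Archive/Tar.php");
    if (!class_exists("Archive_Tar")) {
        $_SESSION['errors']['upload_file'] = "Archive::Tar not installed";
        // TRAD
        lcm_log("Archive::Tar not installed");
        return;
    }
    $old_dir = getcwd();
    chdir(DIR_BACKUPS);
    $tar_object = new Archive_Tar($fname_full);
    // NOTE(review): PEAR_ERROR_PRINT writes library errors into the page.
    $tar_object->setErrorHandling(PEAR_ERROR_PRINT);

    // The archive content is chosen by the uploader. Inspect the listing
    // first and refuse anything that could place a file outside this directory.
    $entries = $tar_object->listContent();
    $archive_ok = is_array($entries);
    if ($archive_ok) {
        foreach ($entries as $entry) {
            $entry_name = isset($entry['filename']) ? str_replace('\\', '/', $entry['filename']) : '';
            $is_link = isset($entry['typeflag']) && ($entry['typeflag'] == '1' || $entry['typeflag'] == '2');
            if ($entry_name === ''
                || $entry_name[0] == '/'
                || preg_match('#^[A-Za-z]:#', $entry_name)
                || preg_match('#(^|/)\\.\\.(/|$)#', $entry_name)
                || $is_link) {
                $archive_ok = false;
                break;
            }
        }
    }
    if (!$archive_ok) {
        chdir($old_dir);
        // Do not keep a refused archive among the backups.
        @unlink($fname_full);
        $_SESSION['errors']['upload_file'] = 'archive content not accepted';
        // TRAD
        lcm_log("upload_backup_file: archive refused (unreadable or unsafe entries)");
        return;
    }

    // XXX Files already present in the backup directory under the same name
    // are still overwritten by the extraction.
    // FIXME: check extractList() to modify dest path
    $extracted = $tar_object->extract();
    chdir($old_dir);
    if ($extracted) {
        lcm_debug("untar should be OK");
    } else {
        $_SESSION['errors']['upload_file'] = 'could not unpack archive';
        // TRAD
        lcm_log("upload_backup_file: extraction failed");
    }
}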