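/**
 * Records the logged user's answer to the disclaimer and locks or unlocks the account.
 *
 * When the "validate" request variable equals "true", the "validate_disclaimer" lock is
 * removed, the user is saved and switched to an active repository. Any other value, or a
 * missing variable, sets the lock again and ends the session.
 *
 * @param string $actionName Not used in this method.
 * @param array  $httpVars   Request variables; only "validate" and "tmp_repository_id" are read.
 * @param array  $fileVars   Not used in this method.
 * @return void
 */
public function toggleDisclaimer($actionName, $httpVars, $fileVars)
 {
     // A missing "validate" key is treated as a refusal, without raising an undefined-index notice.
     $accepted = isset($httpVars["validate"]) && $httpVars["validate"] == "true";
     $u = AuthService::getLoggedUser();
     if ($u == null) {
         // No authenticated user: there is no role to update, so answer exactly like the
         // refusal branch does instead of dereferencing null.
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::requireAuth(true);
         AJXP_XMLWriter::close();
         return;
     }
     $u->personalRole->setParameterValue("action.disclaimer", "DISCLAIMER_ACCEPTED", $accepted ? "yes" : "no", AJXP_REPO_SCOPE_ALL);
     if ($accepted) {
         $u->removeLock();
         $u->save("superuser");
         AuthService::updateUser($u);
         ConfService::switchUserToActiveRepository($u);
         $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
         $passId = -1;
         // The configured start repository is only honoured when the user may switch to it
         // and no repository is already pending in the request or the session.
         if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
             $passId = $force;
         }
         $res = ConfService::switchUserToActiveRepository($u, $passId);
         if (!$res) {
             // No repository could be activated: drop the session and ask for a new login.
             AuthService::disconnect();
             AJXP_XMLWriter::header();
             AJXP_XMLWriter::requireAuth(true);
             AJXP_XMLWriter::close();
         }
         ConfService::getInstance()->invalidateLoadedRepositories();
     } else {
         // Refusal: keep the account locked until the disclaimer is accepted.
         $u->setLock("validate_disclaimer");
         $u->save("superuser");
         AuthService::disconnect();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::requireAuth(true);
         AJXP_XMLWriter::close();
     }
 }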
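 /**
  * Logout action: clears the credentials held by AJXP_Safe, disconnects the user and
  * writes the logging result as XML.
  *
  * @param string $actionName Not used in this method.
  * @param array  $httpVars   Not used in this method.
  * @param array  $fileVars   Not used in this method.
  * @return void
  */
 public function logoutCallback($actionName, $httpVars, $fileVars)
 {
     // Credentials are cleared first so they are gone before the session is closed.
     // The previously assigned $adminUser local was never read and has been removed.
     AJXP_Safe::clearCredentials();
     AuthService::disconnect();
     // Flush and release the session before the response body is produced.
     session_write_close();
     AJXP_XMLWriter::header();
     // NOTE(review): 2 is presumably the "logged out" result code; confirm against the client.
     AJXP_XMLWriter::loggingResult(2);
     AJXP_XMLWriter::close();
 }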
예제 #3
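 /**
  * Logout action: clears the credentials held by AJXP_Safe, removes the "COUNT" and "disk"
  * session entries, disconnects the user and writes the logging result as XML.
  *
  * @param string $actionName Not used in this method.
  * @param array  $httpVars   Not used in this method.
  * @param array  $fileVars   Not used in this method.
  * @return void
  */
 public function logoutCallback($actionName, $httpVars, $fileVars)
 {
     AJXP_Safe::clearCredentials();
     // Remove the per-session values explicitly so they cannot be picked up by a later
     // login on the same session. The unused $adminUser / $subUsers locals were dropped.
     unset($_SESSION["COUNT"], $_SESSION["disk"]);
     AuthService::disconnect();
     session_write_close();
     AJXP_XMLWriter::header();
     // NOTE(review): 2 is presumably the "logged out" result code; confirm against the client.
     AJXP_XMLWriter::loggingResult(2);
     AJXP_XMLWriter::close();
 }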
예제 #4
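 /**
  * Logout action: clears the credentials held by AJXP_Safe, removes every session entry
  * whose key starts with "smb_" and ends with "disk", disconnects the user and writes the
  * logging result as XML.
  *
  * @param string $actionName Not used in this method.
  * @param array  $httpVars   Not used in this method.
  * @param array  $fileVars   Not used in this method.
  * @return void
  */
 public function logoutCallback($actionName, $httpVars, $fileVars)
 {
     AJXP_Safe::clearCredentials();
     // foreach works on a copy of the array, so unsetting entries while looping is safe.
     // Both ends of the key are compared strictly; the unused $adminUser / $subUsers
     // locals were dropped.
     foreach ($_SESSION as $key => $val) {
         if (substr($key, 0, 4) === "smb_" && substr($key, -4) === "disk") {
             unset($_SESSION[$key]);
         }
     }
     AuthService::disconnect();
     session_write_close();
     AJXP_XMLWriter::header();
     // NOTE(review): 2 is presumably the "logged out" result code; confirm against the client.
     AJXP_XMLWriter::loggingResult(2);
     AJXP_XMLWriter::close();
 }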
예제 #5
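 /**
  * Logout action that also removes the current user from the configuration storage,
  * unless that user is a configured administrator.
  *
  * The user name is taken from the credentials returned by AJXP_Safe::loadCredentials().
  * Afterwards the credentials and the "AJXP_DYNAMIC_FTP_DATA" session entry are cleared,
  * the user is disconnected, the session is destroyed and the logging result is written.
  *
  * @param string $actionName Not used in this method.
  * @param array  $httpVars   Not used in this method.
  * @param array  $fileVars   Not used in this method.
  * @return void
  */
 public function logoutCallback($actionName, $httpVars, $fileVars)
 {
     $safeCredentials = AJXP_Safe::loadCredentials();
     // loadCredentials() may return a non-array when nothing is stored; fall back to an
     // empty name, which the check below never deletes.
     $crtUser = is_array($safeCredentials) && isset($safeCredentials["user"]) ? $safeCredentials["user"] : "";
     unset($_SESSION["AJXP_DYNAMIC_FTP_DATA"]);
     AJXP_Safe::clearCredentials();
     // The original "ADMIN_USER" override re-read "AJXP_ADMIN_LOGIN" and so had no effect.
     // Which option was meant to win cannot be told from here, so both configured names
     // are protected: this can only delete fewer accounts than before, never more.
     $adminNames = array();
     foreach (array("AJXP_ADMIN_LOGIN", "ADMIN_USER") as $optionName) {
         if (isset($this->options[$optionName])) {
             $adminNames[] = $this->options[$optionName];
         }
     }
     $subUsers = array();
     // Loose comparison is kept on purpose to match the original "!=" check.
     if ($crtUser != "" && !in_array($crtUser, $adminNames)) {
         ConfService::getConfStorageImpl()->deleteUser($crtUser, $subUsers);
     }
     AuthService::disconnect();
     session_destroy();
     session_write_close();
     AJXP_XMLWriter::header();
     // NOTE(review): 2 is presumably the "logged out" result code; confirm against the client.
     AJXP_XMLWriter::loggingResult(2);
     AJXP_XMLWriter::close();
 }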
 /**
  * Attempts to log a user in from an encrypted token found through detectVar().
  *
  * The "cyphered_token" value is decrypted with the plugin's PRIVATE_KEY. When CHECK_NONCE
  * is strictly true, the key is suffixed with ":" and the "cyphered_token_inc" value, and
  * that value must be greater than the last one stored for the user. The decrypted payload
  * is unserialized and must be an array holding "user_id" and "user_pwd", which are passed
  * to AuthService::logUser(). On success the user is switched to a repository.
  *
  * @param array $httpVars Request variables (by reference); "tmp_repository_id" is read directly.
  * @param bool  $isLast   Not used in this method.
  * @return bool True when AuthService::logUser() returned a value greater than 0, false otherwise.
  */
 function tryToLogUser(&$httpVars, $isLast = false)
 {
     $checkNonce = $this->pluginConf["CHECK_NONCE"] === true;
     $token = $this->detectVar($httpVars, "cyphered_token");
     $tokenInc = $this->detectVar($httpVars, "cyphered_token_inc");
     // && binds tighter than ||: the counter is only required when nonce checking is on.
     if (empty($token) || $checkNonce && empty($tokenInc)) {
         return false;
     }
     if (!$checkNonce) {
         $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"], $token);
     } else {
         // The counter is part of the key, so a token only decrypts with the counter it was issued for.
         $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"] . ":" . $tokenInc, $token);
     }
     if ($decoded == null) {
         return false;
     }
     // NOTE(security): unserialize() runs on bytes derived from the token. That is only safe
     // if decrypt() also authenticates the ciphertext (not visible here; confirm). Otherwise
     // a modified token reaches PHP object deserialization. A data-only format such as JSON,
     // or unserialize() with allowed_classes => false on PHP >= 7.0, removes that exposure.
     $data = unserialize($decoded);
     if (empty($data) || !is_array($data) || !isset($data["user_id"]) || !isset($data["user_pwd"])) {
         $this->logDebug(__FUNCTION__, "Cyphered Token found but wrong deserizalized data");
         return false;
     }
     // A session that belongs to a different user is dropped before the token user is logged in.
     if (AuthService::getLoggedUser() != null) {
         $currentUser = AuthService::getLoggedUser()->getId();
         if ($currentUser != $data["user_id"]) {
             AuthService::disconnect();
         }
     }
     $this->logDebug(__FUNCTION__, "Trying to log user " . $data["user_id"] . " from cyphered token");
     $userId = $data["user_id"];
     if ($checkNonce) {
         $keys = $this->getLastKeys();
         $lastInc = 0;
         if (isset($keys[$userId])) {
             $lastInc = $keys[$userId];
         }
         // Replay protection: the counter must be strictly greater than the last accepted one.
         // NOTE(review): $tokenInc is compared loosely as received; getLastKeys() and
         // storeLastKeys() are separate steps, so confirm the store is locked against two
         // concurrent requests carrying the same counter.
         if ($tokenInc <= $lastInc) {
             $this->logDebug(__FUNCTION__, "Key was already used for this user id");
             return false;
         }
     }
     // NOTE(security): the token carries the user's password ("user_pwd"), so the
     // confidentiality of every issued token depends on PRIVATE_KEY.
     $res = AuthService::logUser($data["user_id"], $data["user_pwd"], false, false, -1);
     if ($res > 0) {
         $this->logDebug(__FUNCTION__, "Success");
         if ($checkNonce) {
             // The counter is only recorded after a successful login.
             $keys[$userId] = $tokenInc;
             $this->storeLastKeys($keys);
         }
         $loggedUser = AuthService::getLoggedUser();
         $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
         $passId = -1;
         // NOTE(review): a request-supplied repository id is passed on without the
         // canSwitchTo() check applied to $force; presumably switchUserToActiveRepository()
         // validates access itself. Confirm.
         if (isset($httpVars["tmp_repository_id"])) {
             $passId = $httpVars["tmp_repository_id"];
         } else {
             if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                 $passId = $force;
             }
         }
         ConfService::switchUserToActiveRepository($loggedUser, $passId);
         return true;
     }
     $this->logDebug(__FUNCTION__, "Wrong result " . $res);
     return false;
 }
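 /**
  * Handles the "/user" access point and the two password-reset actions.
  *
  * - "user_access_point": derives a sub-action from the request URI, runs it through
  *   processSubAction() and then renders the boot GUI.
  * - "reset-password-ask": stores a temporary "password-reset" key for an existing user
  *   that has an email address and mails the reset link.
  * - "reset-password": consumes the temporary key and updates the password when the key
  *   belongs to the submitted user id.
  *
  * Results are written with echo ("SUCCESS", "PASS_ERROR" or the mailer error text).
  *
  * @param string $action    One of the action names above; any other value is ignored.
  * @param array  $httpVars  Request variables ("email", "key", "user_id", "new_pass").
  * @param array  $fileVars  Not used in this method.
  * @return void
  */
 public function processUserAccessPoint($action, $httpVars, $fileVars)
 {
     switch ($action) {
         case "user_access_point":
             $setUrl = ConfService::getCoreConf("SERVER_URL");
             $realUri = "/";
             if (!empty($setUrl)) {
                 // parse_url() yields null for a URL without a path; the cast keeps rtrim() quiet.
                 $realUri = (string) parse_url($setUrl, PHP_URL_PATH);
             }
             $requestURI = str_replace("//", "/", $_SERVER["REQUEST_URI"]);
             $uri = trim(str_replace(rtrim($realUri, "/") . "/user", "", $requestURI), "/");
             $uriParts = explode("/", $uri);
             // The first path segment after "/user" is request-controlled and names the sub-action.
             $action = array_shift($uriParts);
             try {
                 $this->processSubAction($action, $uriParts);
                 $_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array("REBASE" => "../../", "USER_GUI_ACTION" => $action);
             } catch (Exception $e) {
                 $_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array("ALERT" => $e->getMessage());
             }
             AJXP_Controller::findActionAndApply("get_boot_gui", array(), array());
             unset($_SESSION['OVERRIDE_GUI_START_PARAMETERS']);
             break;
         case "reset-password-ask":
             // A missing or non-string "email" is handled like an unknown user.
             $login = isset($httpVars["email"]) && is_string($httpVars["email"]) ? $httpVars["email"] : "";
             if ($login !== "" && AuthService::userExists($login)) {
                 $userObject = ConfService::getConfStorageImpl()->createUserObject($login);
                 $email = $userObject->personalRole->filterParameterValue("core.conf", "email", AJXP_REPO_SCOPE_ALL, "");
                 if (!empty($email)) {
                     $uuid = AJXP_Utils::generateRandomString(48);
                     ConfService::getConfStorageImpl()->saveTemporaryKey("password-reset", $uuid, AJXP_Utils::decodeSecureMagic($login), array());
                     $mailer = AJXP_PluginsService::getInstance()->getUniqueActivePluginForType("mailer");
                     if ($mailer !== false) {
                         $mess = ConfService::getMessages();
                         // NOTE(review): if detectServerURL() derives the host from request
                         // headers, the mailed link follows them; pinning SERVER_URL in the
                         // configuration avoids that. Confirm how the URL is detected.
                         $link = AJXP_Utils::detectServerURL() . "/user/reset-password/" . $uuid;
                         $mailer->sendMail(array($email), $mess["gui.user.1"], $mess["gui.user.7"] . "<a href=\"{$link}\">{$link}</a>");
                     } else {
                         // NOTE(security): this text is only emitted for an existing account
                         // with an email address, so on installations without a mailer the
                         // response differs between known and unknown users.
                         echo 'ERROR: There is no mailer configured, please contact your administrator';
                     }
                 }
             }
             // Prune existing expired tokens
             ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20);
             // The same answer is returned whether or not the user exists.
             echo "SUCCESS";
             break;
         case "reset-password":
             ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20);
             if (isset($httpVars["key"]) && isset($httpVars["user_id"])) {
                 $key = ConfService::getConfStorageImpl()->loadTemporaryKey("password-reset", $httpVars["key"]);
                 // The key is single-use: it is deleted before the request is validated.
                 ConfService::getConfStorageImpl()->deleteTemporaryKey("password-reset", $httpVars["key"]);
                 $uId = $httpVars["user_id"];
                 if (is_string($uId) && AuthService::ignoreUserCase()) {
                     $uId = strtolower($uId);
                 }
                 $newPass = isset($httpVars["new_pass"]) ? $httpVars["new_pass"] : "";
                 // Strict string comparison: a loose "==" treats numeric-looking ids such as
                 // "007" and "7" as equal.
                 $keyMatchesUser = $key != null
                     && isset($key["user_id"])
                     && is_string($uId)
                     && strtolower($key["user_id"]) === $uId;
                 // A missing or empty "new_pass" is rejected instead of being written as the
                 // account's new password.
                 $passUsable = is_string($newPass) && $newPass !== "";
                 if ($keyMatchesUser && $passUsable && AuthService::userExists($uId)) {
                     AuthService::updatePassword($key["user_id"], $newPass);
                 } else {
                     echo 'PASS_ERROR';
                     break;
                 }
             }
             AuthService::disconnect();
             echo 'SUCCESS';
             break;
         default:
             break;
     }
 }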
예제 #8
 /**
  * Writes one plugin's options into the bootstrap configuration.
  *
  * For "core.conf", "core.auth" and "core.cache" the stored instance name is compared with
  * the new one. When it changed, "core.conf" disconnects the current user and "core.auth"
  * removes the "admin_counted" cache file; "core.cache" triggers nothing further.
  *
  * @param String $pluginId
  * @param String $options
  */
 public function _savePluginConfig($pluginId, $options)
 {
     $bootstrap = CoreConfLoader::getBootstrapConf();
     if (!is_array($bootstrap)) {
         $bootstrap = array();
     }
     $bootstrap[$pluginId] = $options;

     // Detect an instance change before the new configuration is written.
     $instanceChanged = false;
     if ($pluginId == "core.conf" || $pluginId == "core.auth" || $pluginId == "core.cache") {
         if ($pluginId == "core.conf" || $pluginId == "core.cache") {
             $instanceKey = "UNIQUE_INSTANCE_CONFIG";
         } else {
             $instanceKey = "MASTER_INSTANCE_CONFIG";
         }
         $stored = array();
         $this->_loadPluginConfig($pluginId, $stored);
         if (isset($stored[$instanceKey]["instance_name"]) && $stored[$instanceKey]["instance_name"] != $options[$instanceKey]["instance_name"]) {
             $instanceChanged = true;
         }
     }

     CoreConfLoader::saveBootstrapConf($bootstrap);

     if (!$instanceChanged) {
         return;
     }
     if ($pluginId == "core.conf") {
         // The configuration backend changed: end the current session.
         AuthService::disconnect();
     } elseif ($pluginId == "core.auth") {
         // Remove the admin_counted cache file; failure to delete is deliberately ignored.
         // NOTE(review): the original comment also announced a disconnect here, but no
         // disconnect is performed for core.auth. Confirm which one is intended.
         @unlink(AJXP_CACHE_DIR . "/admin_counted");
     }
 }
예제 #9
 /**
  * Loader used by the generic loader: resolves a share hash and renders it.
  *
  * An expired share disconnects the user and renders the minisite with message
  * "share_center.165". Missing or non-array share data renders the minisite with message
  * "share_center.166". Share data flagged SECURITY_MODIFIED answers with a 401 status line
  * and stops. Otherwise the minisite or the publiclet is loaded, depending on SHARE_TYPE.
  *
  * @param string $hash
  */
 public static function loadShareByHash($hash)
 {
     AJXP_Logger::debug(__CLASS__, __FUNCTION__, "Do something");
     AJXP_PluginsService::getInstance()->initActivePlugins();
     // NOTE(review): the language comes straight from the query string; presumably
     // setLanguage() restricts it to the available languages. Confirm.
     if (isset($_GET["lang"])) {
         ConfService::setLanguage($_GET["lang"]);
     }

     $center = self::getShareCenter();
     $share = $center->getShareStore()->loadShare($hash);
     $messages = ConfService::getMessages();

     // Expiry is checked first, before the shape of the share data is validated.
     if ($center->getShareStore()->isShareExpired($hash, $share)) {
         AuthService::disconnect();
         self::loadMinisite($share, $hash, $messages["share_center.165"]);
         return;
     }

     // Unknown hash or unusable data: render the error minisite with a minimal data set.
     if (empty($share) || !is_array($share)) {
         $fallback = array();
         $serverUrl = ConfService::getCoreConf("SERVER_URL");
         if (!empty($serverUrl)) {
             $fallback["AJXP_APPLICATION_BASE"] = $serverUrl;
         }
         self::loadMinisite($fallback, $hash, $messages["share_center.166"]);
         return;
     }

     // The share store flagged the stored share as modified: refuse to serve it.
     if (isset($share["SECURITY_MODIFIED"]) && $share["SECURITY_MODIFIED"] === true) {
         header("HTTP/1.0 401 Not allowed, script was modified");
         exit;
     }

     if ($share["SHARE_TYPE"] == "minisite") {
         self::loadMinisite($share, $hash);
         return;
     }
     self::loadPubliclet($share);
 }
 /**
  * Attempts to log a user in from an encrypted token found through detectVar().
  *
  * The "cyphered_token" value is decrypted with the plugin's PRIVATE_KEY. When CHECK_NONCE
  * is strictly true, the key is suffixed with ":" and the "cyphered_token_inc" value, and
  * that value must be greater than the last one stored for the user. The decrypted payload
  * is unserialized and must be an array holding "user_id" and "user_pwd", which are passed
  * to AuthService::logUser().
  *
  * @param array $httpVars Request variables (by reference), handed to detectVar().
  * @param bool  $isLast   Not used in this method.
  * @return bool True when AuthService::logUser() returned a value greater than 0, false otherwise.
  */
 function tryToLogUser(&$httpVars, $isLast = false)
 {
     $checkNonce = $this->pluginConf["CHECK_NONCE"] === true;
     $token = $this->detectVar($httpVars, "cyphered_token");
     $tokenInc = $this->detectVar($httpVars, "cyphered_token_inc");
     // && binds tighter than ||: the counter is only required when nonce checking is on.
     if (empty($token) || $checkNonce && empty($tokenInc)) {
         return false;
     }
     if (!$checkNonce) {
         $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"], $token);
     } else {
         // The counter is part of the key, so a token only decrypts with the counter it was issued for.
         $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"] . ":" . $tokenInc, $token);
     }
     if ($decoded == null) {
         return false;
     }
     // NOTE(security): unserialize() runs on bytes derived from the token. That is only safe
     // if decrypt() also authenticates the ciphertext (not visible here; confirm). Otherwise
     // a modified token reaches PHP object deserialization. A data-only format such as JSON,
     // or unserialize() with allowed_classes => false on PHP >= 7.0, removes that exposure.
     $data = unserialize($decoded);
     if (empty($data) || !is_array($data) || !isset($data["user_id"]) || !isset($data["user_pwd"])) {
         $this->logDebug(__FUNCTION__, "Cyphered Token found but wrong deserizalized data");
         return false;
     }
     // A session that belongs to a different user is dropped before the token user is logged in.
     if (AuthService::getLoggedUser() != null) {
         $currentUser = AuthService::getLoggedUser()->getId();
         if ($currentUser != $data["user_id"]) {
             AuthService::disconnect();
         }
     }
     $this->logDebug(__FUNCTION__, "Trying to log user " . $data["user_id"] . " from cyphered token");
     $userId = $data["user_id"];
     if ($checkNonce) {
         $keys = $this->getLastKeys();
         $lastInc = 0;
         if (isset($keys[$userId])) {
             $lastInc = $keys[$userId];
         }
         // Replay protection: the counter must be strictly greater than the last accepted one.
         // NOTE(review): $tokenInc is compared loosely as received; getLastKeys() and
         // storeLastKeys() are separate steps, so confirm the store is locked against two
         // concurrent requests carrying the same counter.
         if ($tokenInc <= $lastInc) {
             $this->logDebug(__FUNCTION__, "Key was already used for this user id");
             return false;
         }
     }
     // NOTE(security): the token carries the user's password ("user_pwd"), so the
     // confidentiality of every issued token depends on PRIVATE_KEY.
     $res = AuthService::logUser($data["user_id"], $data["user_pwd"], false, false, -1);
     if ($res > 0) {
         $this->logDebug(__FUNCTION__, "Success");
         if ($checkNonce) {
             // The counter is only recorded after a successful login.
             $keys[$userId] = $tokenInc;
             $this->storeLastKeys($keys);
         }
         return true;
     }
     $this->logDebug(__FUNCTION__, "Wrong result " . $res);
     return false;
 }
예제 #11
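 /**
  * Logout handler for CAS-authenticated sessions.
  *
  * For the "logout" action the user is disconnected and a URL is written inside a "url"
  * XML element: the CAS logout URL when the session carries LOGGED_IN_BY_CAS, "#" otherwise.
  * The PHP session is then unset and destroyed. Any other action is ignored.
  *
  * @param string $action   Action name; only "logout" is handled.
  * @param array  $httpVars Not used in this method.
  * @param array  $fileVars Not used in this method.
  * @return void
  */
 function logOutCAS($action, $httpVars, $fileVars)
 {
     if ($action != "logout") {
         return;
     }
     // Read the marker before disconnect(), exactly as the original did.
     $loggedInByCas = isset($_SESSION['LOGGED_IN_BY_CAS']);
     AuthService::disconnect();
     $redirectTarget = "#";
     if ($loggedInByCas) {
         $this->loadConfig();
         if (!empty($this->pluginConf["LOGOUT_URL"])) {
             $this->cas_logoutUrl = trim($this->pluginConf["LOGOUT_URL"]);
         } else {
             // The original also computed a $logout_default suffix from CAS_URI but never
             // used it; the URL always ended in "/logout". That dead assignment was removed.
             // NOTE(review): confirm whether the suffix was meant to replace "/logout".
             $this->cas_logoutUrl = 'https://' . $this->cas_server . ':' . $this->cas_port . $this->cas_uri . '/logout';
         }
         $redirectTarget = $this->cas_logoutUrl;
     }
     AJXP_XMLWriter::header("url");
     // NOTE(review): the URL is configuration-derived and written without XML escaping;
     // a LOGOUT_URL containing "&" or "<" would produce malformed XML.
     echo $redirectTarget;
     AJXP_XMLWriter::close("url");
     // The local session is removed whichever way the user had logged in.
     session_unset();
     session_destroy();
 }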
 /**
  * Dispatches the GUI bootstrap actions of this plugin: get_template, get_i18n_messages,
  * get_xml_registry, display_doc, get_boot_gui and get_boot_conf.
  *
  * Output is produced directly through header(), print/echo and include. The get_boot_gui
  * action may end the script with die() when the diagnostic tests fail.
  *
  * @param string $action   Action name; must be a key of $this->actions.
  * @param array  $httpVars Request variables; every entry also becomes a local variable (see the note in the body).
  * @param array  $fileVars Not used in this method.
  * @return false|null Null when $action is not registered, false in every other case.
  */
 function switchAction($action, $httpVars, $fileVars)
 {
     if (!isset($this->actions[$action])) {
         return;
     }
     // NOTE(review): HTTP_USER_AGENT is read without isset(); a request without that header
     // raises an undefined-index notice here and in get_boot_gui / get_boot_conf.
     if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
         // Force legacy theme for the moment
         $this->pluginConf["GUI_THEME"] = "oxygen";
     }
     if (!defined("AJXP_THEME_FOLDER")) {
         define("CLIENT_RESOURCES_FOLDER", AJXP_PLUGINS_FOLDER . "/gui.ajax/res");
         define("AJXP_THEME_FOLDER", CLIENT_RESOURCES_FOLDER . "/themes/" . $this->pluginConf["GUI_THEME"]);
     }
     // NOTE(security): every request key becomes a local variable of this method, the same
     // effect as extract() on request data. Names already in use here (for example $action,
     // after the $this->actions check above) can be replaced by the request, and
     // $template_name and $dir only exist through this loop. Reading the expected keys
     // explicitly would remove that. The templates included below run in this scope and may
     // rely on these variables, so check them before changing the loop.
     foreach ($httpVars as $getName => $getValue) {
         ${$getName} = AJXP_Utils::securePath($getValue);
     }
     if (isset($dir) && $action != "upload") {
         $dir = SystemTextEncoding::fromUTF8($dir);
     }
     $mess = ConfService::getMessages();
     switch ($action) {
         //------------------------------------
         //	GET AN HTML TEMPLATE
         //------------------------------------
         case "get_template":
             HTMLWriter::charsetHeader();
             $folder = CLIENT_RESOURCES_FOLDER . "/html";
             if (isset($httpVars["pluginName"])) {
                 $folder = AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/" . AJXP_Utils::securePath($httpVars["pluginName"]);
                 if (isset($httpVars["pluginPath"])) {
                     $folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
                 }
             }
             $crtTheme = $this->pluginConf["GUI_THEME"];
             $thFolder = AJXP_THEME_FOLDER . "/html";
             // NOTE(security): the included path is built from request values (template_name,
             // pluginName, pluginPath) and include executes any PHP in the file. Containment
             // rests entirely on AJXP_Utils::securePath(); an allow-list of template names
             // would be a stronger control.
             if (isset($template_name)) {
                 if (is_file($thFolder . "/" . $template_name)) {
                     include $thFolder . "/" . $template_name;
                 } else {
                     if (is_file($folder . "/" . $template_name)) {
                         include $folder . "/" . $template_name;
                     }
                 }
             }
             break;
         //------------------------------------
         //	GET I18N MESSAGES
         //------------------------------------
         case "get_i18n_messages":
             $refresh = false;
             if (isset($httpVars["lang"])) {
                 ConfService::setLanguage($httpVars["lang"]);
                 $refresh = true;
             }
             HTMLWriter::charsetHeader('text/javascript');
             HTMLWriter::writeI18nMessagesClass(ConfService::getMessages($refresh));
             break;
         //------------------------------------
         //	SEND XML REGISTRY
         //------------------------------------
         case "get_xml_registry":
             $regDoc = AJXP_PluginsService::getXmlRegistry();
             $changes = AJXP_Controller::filterActionsRegistry($regDoc);
             if ($changes) {
                 AJXP_PluginsService::updateXmlRegistry($regDoc);
             }
             // NOTE(security): the request-supplied expression is evaluated against the
             // registry document and echoed back as a header attribute. What it can return
             // is bounded only by filterActionsRegistry() above; confirm that header()
             // escapes attribute values.
             if (isset($_GET["xPath"])) {
                 $regPath = new DOMXPath($regDoc);
                 $nodes = $regPath->query($_GET["xPath"]);
                 AJXP_XMLWriter::header("ajxp_registry_part", array("xPath" => $_GET["xPath"]));
                 if ($nodes->length) {
                     print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML($nodes->item(0)));
                 }
                 AJXP_XMLWriter::close("ajxp_registry_part");
             } else {
                 AJXP_Utils::safeIniSet("zlib.output_compression", "4096");
                 header('Content-Type: application/xml; charset=UTF-8');
                 print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML());
             }
             break;
         //------------------------------------
         //	DISPLAY DOC
         //------------------------------------
         case "display_doc":
             HTMLWriter::charsetHeader();
             // The requested file name is HTML-encoded and then passed through securePath().
             echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($_GET["doc_file"])));
             break;
         //------------------------------------
         //	GET BOOT GUI
         //------------------------------------
         case "get_boot_gui":
             header("X-UA-Compatible: chrome=1");
             HTMLWriter::charsetHeader();
             // Diagnostics run only while no result file exists.
             // NOTE(security): any request can skip a failed run with ignore_tests, and a
             // failed run prints the diagnostic table to the caller.
             if (!is_file(TESTS_RESULT_FILE)) {
                 $outputArray = array();
                 $testedParams = array();
                 $passed = AJXP_Utils::runTests($outputArray, $testedParams);
                 if (!$passed && !isset($_GET["ignore_tests"])) {
                     die(AJXP_Utils::testResultsToTable($outputArray, $testedParams));
                 } else {
                     AJXP_Utils::testResultsToFile($outputArray, $testedParams);
                 }
             }
             $START_PARAMETERS = array("BOOTER_URL" => "index.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop");
             if (AuthService::usersEnabled()) {
                 AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
                 AuthService::bootSequence($START_PARAMETERS);
                 if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
                     // A user without any default repository is disconnected again.
                     if (AuthService::getDefaultRootId() == -1) {
                         AuthService::disconnect();
                     } else {
                         $loggedUser = AuthService::getLoggedUser();
                         // Fall back to the default repository when the current one is not readable.
                         if (!$loggedUser->canRead(ConfService::getCurrentRootDirIndex()) && AuthService::getDefaultRootId() != ConfService::getCurrentRootDirIndex()) {
                             ConfService::switchRootDir(AuthService::getDefaultRootId());
                         }
                     }
                 }
             }
             AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);
             $confErrors = ConfService::getErrors();
             if (count($confErrors)) {
                 $START_PARAMETERS["ALERT"] = implode(", ", array_values($confErrors));
             }
             // NOTE(review): the encoded parameters are inserted into the page's script below.
             // $_GET is passed to parseApplicationGetParameters(), so request values may end
             // up in this JSON; adding JSON_HEX_TAG | JSON_HEX_AMP (PHP >= 5.3) to
             // json_encode() would make the embedding robust.
             $JSON_START_PARAMETERS = json_encode($START_PARAMETERS);
             $crtTheme = $this->pluginConf["GUI_THEME"];
             if (ConfService::getConf("JS_DEBUG")) {
                 if (!isset($mess)) {
                     $mess = ConfService::getMessages();
                 }
                 // The debug template is included, so it runs with this method's local variables.
                 if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html")) {
                     include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html";
                 } else {
                     include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui_debug.html";
                 }
             } else {
                 // The production template is read as text and filled by string replacement.
                 if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html")) {
                     $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html");
                 } else {
                     $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui.html");
                 }
                 if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
                     $content = str_replace("ajaxplorer_boot.js", "ajaxplorer_boot_protolegacy.js", $content);
                 }
                 $content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
                 if ($JSON_START_PARAMETERS) {
                     $content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
                 }
                 print $content;
             }
             break;
         //------------------------------------
         //	GET CONFIG FOR BOOT
         //------------------------------------
         case "get_boot_conf":
             // NOTE(security): a query-string value is stored in the session unvalidated;
             // confirm how AJXP_SERVER_PREFIX_URI is used later.
             if (isset($_GET["server_prefix_uri"])) {
                 $_SESSION["AJXP_SERVER_PREFIX_URI"] = $_GET["server_prefix_uri"];
             }
             $config = array();
             $config["ajxpResourcesFolder"] = "plugins/gui.ajax/res";
             $config["ajxpServerAccess"] = AJXP_SERVER_ACCESS;
             $config["zipEnabled"] = ConfService::zipEnabled();
             $config["multipleFilesDownloadEnabled"] = ConfService::getCoreConf("ZIP_CREATION");
             $config["customWording"] = array("welcomeMessage" => $this->pluginConf["CUSTOM_WELCOME_MESSAGE"], "title" => ConfService::getCoreConf("APPLICATION_TITLE"), "icon" => $this->pluginConf["CUSTOM_ICON"], "iconWidth" => $this->pluginConf["CUSTOM_ICON_WIDTH"], "iconHeight" => $this->pluginConf["CUSTOM_ICON_HEIGHT"], "iconOnly" => $this->pluginConf["CUSTOM_ICON_ONLY"], "titleFontSize" => $this->pluginConf["CUSTOM_FONT_SIZE"]);
             $config["usersEnabled"] = AuthService::usersEnabled();
             $config["loggedUser"] = AuthService::getLoggedUser() != null;
             $config["currentLanguage"] = ConfService::getLanguage();
             $config["session_timeout"] = intval(ini_get("session.gc_maxlifetime"));
             // The client timeout falls back to the PHP session lifetime when not configured.
             if (!isset($this->pluginConf["CLIENT_TIMEOUT_TIME"]) || $this->pluginConf["CLIENT_TIMEOUT_TIME"] == "") {
                 $to = $config["session_timeout"];
             } else {
                 $to = $this->pluginConf["CLIENT_TIMEOUT_TIME"];
             }
             $config["client_timeout"] = $to;
             $config["client_timeout_warning"] = $this->pluginConf["CLIENT_TIMEOUT_WARN"];
             $config["availableLanguages"] = ConfService::getConf("AVAILABLE_LANG");
             $config["usersEditable"] = ConfService::getAuthDriverImpl()->usersEditable();
             // The exact version and build date are sent to every caller, logged in or not.
             $config["ajxpVersion"] = AJXP_VERSION;
             $config["ajxpVersionDate"] = AJXP_VERSION_DATE;
             if (stristr($_SERVER["HTTP_USER_AGENT"], "msie 6")) {
                 $config["cssResources"] = array("css/pngHack/pngHack.css");
             }
             if (!empty($this->pluginConf['GOOGLE_ANALYTICS_ID'])) {
                 $config["googleAnalyticsData"] = array("id" => $this->pluginConf['GOOGLE_ANALYTICS_ID'], "domain" => $this->pluginConf['GOOGLE_ANALYTICS_DOMAIN'], "event" => $this->pluginConf['GOOGLE_ANALYTICS_EVENT']);
             }
             $config["i18nMessages"] = ConfService::getMessages();
             $config["password_min_length"] = ConfService::getCoreConf("PASSWORD_MINLENGTH", "auth");
             // NOTE(review): the secure token is presumably the anti-CSRF token; it is returned
             // in a JSON response, so this endpoint should not be cacheable. Confirm.
             $config["SECURE_TOKEN"] = AuthService::generateSecureToken();
             $config["streaming_supported"] = "true";
             $config["theme"] = $this->pluginConf["GUI_THEME"];
             header("Content-type:application/json;charset=UTF-8");
             print json_encode($config);
             break;
         default:
             break;
     }
     return false;
 }
예제 #13
 public static function loadMinisite($data, $hash = '', $error = null)
 {
     if (isset($data["SECURITY_MODIFIED"]) && $data["SECURITY_MODIFIED"] === true) {
         $mess = ConfService::getMessages();
         $error = $mess['share_center.164'];
     }
     $repository = $data["REPOSITORY"];
     AJXP_PluginsService::getInstance()->initActivePlugins();
     $shareCenter = AJXP_PluginsService::findPlugin("action", "share");
     $confs = $shareCenter->getConfigs();
     $minisiteLogo = "plugins/gui.ajax/PydioLogo250.png";
     if (!empty($confs["CUSTOM_MINISITE_LOGO"])) {
         $logoPath = $confs["CUSTOM_MINISITE_LOGO"];
         if (strpos($logoPath, "plugins/") === 0 && is_file(AJXP_INSTALL_PATH . "/" . $logoPath)) {
             $minisiteLogo = $logoPath;
         } else {
             $minisiteLogo = "index_shared.php?get_action=get_global_binary_param&binary_id=" . $logoPath;
         }
     }
     // Default value
     if (isset($data["AJXP_TEMPLATE_NAME"])) {
         $templateName = $data["AJXP_TEMPLATE_NAME"];
         if ($templateName == "ajxp_film_strip" && AJXP_Utils::userAgentIsMobile()) {
             $templateName = "ajxp_shared_folder";
         }
     }
     if (isset($repository)) {
         $repoObject = ConfService::getRepositoryById($repository);
         if (!is_object($repoObject)) {
             $mess = ConfService::getMessages();
             $error = $mess["share_center.166"];
             $templateName = "ajxp_unique_strip";
             $repoObject = null;
         }
     }
     if (!isset($templateName) && isset($repoObject)) {
         $filter = $repoObject->getContentFilter();
         if (!empty($filter) && count($filter->virtualPaths) == 1) {
             $templateName = "ajxp_unique_strip";
         } else {
             $templateName = "ajxp_shared_folder";
         }
     }
     if (!isset($templateName) && isset($error)) {
         $templateName = "ajxp_unique_strip";
     }
     // UPDATE TEMPLATE
     $html = file_get_contents(AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/action.share/res/minisite.php");
     AJXP_Controller::applyHook("tpl.filter_html", array(&$html));
     $html = AJXP_XMLWriter::replaceAjxpXmlKeywords($html);
     $html = str_replace("AJXP_MINISITE_LOGO", $minisiteLogo, $html);
     $html = str_replace("AJXP_APPLICATION_TITLE", ConfService::getCoreConf("APPLICATION_TITLE"), $html);
     $html = str_replace("PYDIO_APP_TITLE", ConfService::getCoreConf("APPLICATION_TITLE"), $html);
     if (isset($repository) && isset($repoObject)) {
         $html = str_replace("AJXP_START_REPOSITORY", $repository, $html);
         $html = str_replace("AJXP_REPOSITORY_LABEL", ConfService::getRepositoryById($repository)->getDisplay(), $html);
     }
     $html = str_replace('AJXP_HASH_LOAD_ERROR', isset($error) ? $error : '', $html);
     $html = str_replace("AJXP_TEMPLATE_NAME", $templateName, $html);
     $html = str_replace("AJXP_LINK_HASH", $hash, $html);
     $guiConfigs = AJXP_PluginsService::findPluginById("gui.ajax")->getConfigs();
     $html = str_replace("AJXP_THEME", $guiConfigs["GUI_THEME"], $html);
     if (isset($_GET["dl"]) && isset($_GET["file"])) {
         AuthService::$useSession = false;
     } else {
         session_name("AjaXplorer_Shared" . str_replace(".", "_", $hash));
         session_start();
         AuthService::disconnect();
     }
     if (!empty($data["PRELOG_USER"])) {
         AuthService::logUser($data["PRELOG_USER"], "", true);
         $html = str_replace("AJXP_PRELOGED_USER", "ajxp_preloged_user", $html);
     } else {
         if (isset($data["PRESET_LOGIN"])) {
             $_SESSION["PENDING_REPOSITORY_ID"] = $repository;
             $_SESSION["PENDING_FOLDER"] = "/";
             $html = str_replace("AJXP_PRELOGED_USER", $data["PRESET_LOGIN"], $html);
         } else {
             $html = str_replace("AJXP_PRELOGED_USER", "ajxp_legacy_minisite", $html);
         }
     }
     if (isset($hash)) {
         $_SESSION["CURRENT_MINISITE"] = $hash;
     }
     if (isset($_GET["dl"]) && isset($_GET["file"]) && (!isset($data["DOWNLOAD_DISABLED"]) || $data["DOWNLOAD_DISABLED"] === false)) {
         ConfService::switchRootDir($repository);
         ConfService::loadRepositoryDriver();
         AJXP_PluginsService::deferBuildingRegistry();
         AJXP_PluginsService::getInstance()->initActivePlugins();
         AJXP_PluginsService::flushDeferredRegistryBuilding();
         $errMessage = null;
         try {
             $params = $_GET;
             $ACTION = "download";
             if (isset($_GET["ct"])) {
                 $mime = pathinfo($params["file"], PATHINFO_EXTENSION);
                 $editors = AJXP_PluginsService::searchAllManifests("//editor[contains(@mimes,'{$mime}') and @previewProvider='true']", "node", true, true, false);
                 if (count($editors)) {
                     foreach ($editors as $editor) {
                         $xPath = new DOMXPath($editor->ownerDocument);
                         $callbacks = $xPath->query("//action[@contentTypedProvider]", $editor);
                         if ($callbacks->length) {
                             $ACTION = $callbacks->item(0)->getAttribute("name");
                             if ($ACTION == "audio_proxy") {
                                 $params["file"] = "base64encoded:" . base64_encode($params["file"]);
                             }
                             break;
                         }
                     }
                 }
             }
             AJXP_Controller::registryReset();
             AJXP_Controller::findActionAndApply($ACTION, $params, null);
         } catch (Exception $e) {
             $errMessage = $e->getMessage();
         }
         if ($errMessage == null) {
             return;
         }
         $html = str_replace('AJXP_HASH_LOAD_ERROR', $errMessage, $html);
     }
     if (isset($_GET["lang"])) {
         $loggedUser =& AuthService::getLoggedUser();
         if ($loggedUser != null) {
             $loggedUser->setPref("lang", $_GET["lang"]);
         } else {
             setcookie("AJXP_lang", $_GET["lang"]);
         }
     }
     if (!empty($data["AJXP_APPLICATION_BASE"])) {
         $tPath = $data["AJXP_APPLICATION_BASE"];
     } else {
         $tPath = !empty($data["TRAVEL_PATH_TO_ROOT"]) ? $data["TRAVEL_PATH_TO_ROOT"] : "../..";
     }
     $serverBaseUrl = AJXP_Utils::detectServerURL(true);
     // Update Host dynamically if it differ from registered one.
     $registeredHost = parse_url($tPath, PHP_URL_HOST);
     $currentHost = parse_url($serverBaseUrl, PHP_URL_HOST);
     if ($registeredHost != $currentHost) {
         $tPath = str_replace($registeredHost, $currentHost, $tPath);
     }
     // Update scheme dynamically if it differ from registered one.
     $registeredScheme = parse_url($tPath, PHP_URL_SCHEME);
     $currentScheme = parse_url($serverBaseUrl, PHP_URL_SCHEME);
     if ($registeredScheme != $currentScheme) {
         $tPath = str_replace($registeredScheme . "://", $currentScheme . "://", $tPath);
     }
     $html = str_replace("AJXP_PATH_TO_ROOT", rtrim($tPath, "/") . "/", $html);
     HTMLWriter::internetExplorerMainDocumentHeader();
     HTMLWriter::charsetHeader();
     echo $html;
 }
 /**
  * Dispatch the GUI actions handled by this plugin: "get_template",
  * "get_i18n_messages", "display_doc", "get_boot_gui" and "get_boot_conf".
  * Every branch writes its response directly (headers plus echo/print/include);
  * unknown actions fall through to the default branch and produce no output.
  *
  * @param string $action   Name of the action to run.
  * @param array  $httpVars Request parameters; values are client-supplied.
  * @param array  $fileVars Not read by this method.
  * @return bool Always false (the "get_boot_gui" branch may instead end the script with die).
  */
 public function switchAction($action, $httpVars, $fileVars)
 {
     if (!defined("AJXP_THEME_FOLDER")) {
         define("CLIENT_RESOURCES_FOLDER", AJXP_PLUGINS_FOLDER . "/gui.ajax/res");
         define("AJXP_THEME_FOLDER", CLIENT_RESOURCES_FOLDER . "/themes/" . $this->pluginConf["GUI_THEME"]);
     }
     // NOTE(review): every request parameter becomes a local variable of the same
     // name (the same effect as extract()). A parameter called "action", "httpVars"
     // or "fileVars" replaces the matching argument before the switch below runs,
     // and files pulled in with `include` further down share this local scope.
     // The visible code only reads $template_name from this loop; reading that one
     // key explicitly from $httpVars would remove the implicit variable creation,
     // but the included templates may depend on other names - check them first.
     foreach ($httpVars as $getName => $getValue) {
         ${$getName} = AJXP_Utils::securePath($getValue);
     }
     $mess = ConfService::getMessages();
     switch ($action) {
         //------------------------------------
         //	GET AN HTML TEMPLATE
         //------------------------------------
         case "get_template":
             HTMLWriter::charsetHeader();
             // Default lookup folder; replaced by a plugin sub-folder when the request names one.
             $folder = CLIENT_RESOURCES_FOLDER . "/html";
             if (isset($httpVars["pluginName"])) {
                 $folder = AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/" . AJXP_Utils::securePath($httpVars["pluginName"]);
                 if (isset($httpVars["pluginPath"])) {
                     $folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
                 }
             }
             $thFolder = AJXP_THEME_FOLDER . "/html";
             // The theme folder is tried first, then $folder.
             // NOTE(review): `include` executes the target as PHP, and the path is
             // assembled from request values (pluginName, pluginPath, template_name).
             // The only filter visible here is AJXP_Utils::securePath(), which is not
             // shown on this page - confirm it rejects traversal sequences and that no
             // user-writable location can sit under these folders. An allow-list of
             // template names, or readfile() for static HTML, would be the safer design.
             if (isset($template_name)) {
                 if (is_file($thFolder . "/" . $template_name)) {
                     include $thFolder . "/" . $template_name;
                 } else {
                     if (is_file($folder . "/" . $template_name)) {
                         include $folder . "/" . $template_name;
                     }
                 }
             }
             break;
         //------------------------------------
         //	GET I18N MESSAGES
         //------------------------------------
         case "get_i18n_messages":
             // A "lang" parameter switches the language and forces the messages to be reloaded.
             $refresh = false;
             if (isset($httpVars["lang"])) {
                 ConfService::setLanguage($httpVars["lang"]);
                 $refresh = true;
             }
             // format=json returns the raw message table; otherwise a JavaScript class is written.
             if (isset($httpVars["format"]) && $httpVars["format"] == "json") {
                 HTMLWriter::charsetHeader("application/json");
                 echo json_encode(ConfService::getMessages($refresh));
             } else {
                 HTMLWriter::charsetHeader('text/javascript');
                 HTMLWriter::writeI18nMessagesClass(ConfService::getMessages($refresh));
             }
             break;
         //------------------------------------
         //	DISPLAY DOC
         //------------------------------------
         case "display_doc":
             HTMLWriter::charsetHeader();
             // NOTE(review): doc_file is read without isset(), and htmlentities() runs
             // before securePath(); what getDocFile() does with the name is not visible
             // here - confirm it only resolves inside the documentation folder.
             echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($httpVars["doc_file"])));
             break;
         //------------------------------------
         //	GET BOOT GUI
         //------------------------------------
         case "get_boot_gui":
             HTMLWriter::internetExplorerMainDocumentHeader();
             HTMLWriter::charsetHeader();
             // Diagnostic tests run only while the result file does not exist yet.
             if (!is_file(TESTS_RESULT_FILE)) {
                 $outputArray = array();
                 $testedParams = array();
                 $passed = AJXP_Utils::runTests($outputArray, $testedParams);
                 // A failed run prints the result table and stops, unless the request
                 // carries "ignore_tests", in which case the results are written to file.
                 if (!$passed && !isset($httpVars["ignore_tests"])) {
                     AJXP_Utils::testResultsToTable($outputArray, $testedParams);
                     die;
                 } else {
                     AJXP_Utils::testResultsToFile($outputArray, $testedParams);
                 }
             }
             // Application root: taken from the configured SERVER_URL when there is one,
             // otherwise derived from the path of the current request.
             $root = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
             $configUrl = ConfService::getCoreConf("SERVER_URL");
             if (!empty($configUrl)) {
                 $root = '/' . ltrim(parse_url($configUrl, PHP_URL_PATH), '/');
                 if (strlen($root) > 1) {
                     $root = rtrim($root, '/') . '/';
                 }
             } else {
                 // Cut the path at the first "ws-.../", "settings", "dashboard", "welcome" or "user" segment.
                 preg_match('/ws-(.)*\\/|settings|dashboard|welcome|user/', $root, $matches, PREG_OFFSET_CAPTURE);
                 if (count($matches)) {
                     $capture = $matches[0][1];
                     $root = substr($root, 0, $capture);
                 }
             }
             $START_PARAMETERS = array("BOOTER_URL" => "index.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop", "APPLICATION_ROOT" => $root, "REBASE" => $root);
             if (AuthService::usersEnabled()) {
                 AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
                 AuthService::bootSequence($START_PARAMETERS);
                 if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
                     // No default repository for this user: drop the session.
                     if (AuthService::getDefaultRootId() == -1) {
                         AuthService::disconnect();
                     } else {
                         // Move to the default repository when the current one is not readable by the user.
                         $loggedUser = AuthService::getLoggedUser();
                         if (!$loggedUser->canRead(ConfService::getCurrentRepositoryId()) && AuthService::getDefaultRootId() != ConfService::getCurrentRepositoryId()) {
                             ConfService::switchRootDir(AuthService::getDefaultRootId());
                         }
                     }
                 }
             }
             AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);
             $confErrors = ConfService::getErrors();
             if (count($confErrors)) {
                 $START_PARAMETERS["ALERT"] = implode(", ", array_values($confErrors));
             }
             // PRECOMPUTE BOOT CONF
             // NOTE(review): HTTP_USER_AGENT is read without isset() here and below;
             // a request without that header raises an undefined-index notice.
             if (!preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) && !preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
                 $preloadedBootConf = $this->computeBootConf();
                 AJXP_Controller::applyHook("loader.filter_boot_conf", array(&$preloadedBootConf));
                 $START_PARAMETERS["PRELOADED_BOOT_CONF"] = $preloadedBootConf;
             }
             // PRECOMPUTE REGISTRY
             // The registry copy embedded in the page has its serverCallback and hooks nodes removed.
             if (!isset($START_PARAMETERS["FORCE_REGISTRY_RELOAD"])) {
                 $clone = ConfService::getFilteredXMLRegistry(true, true);
                 $clonePath = new DOMXPath($clone);
                 $serverCallbacks = $clonePath->query("//serverCallback|hooks");
                 foreach ($serverCallbacks as $callback) {
                     $callback->parentNode->removeChild($callback);
                 }
                 $START_PARAMETERS["PRELOADED_REGISTRY"] = AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML());
             }
             $JSON_START_PARAMETERS = json_encode($START_PARAMETERS);
             $crtTheme = $this->pluginConf["GUI_THEME"];
             // Optional extra scripts from the JS_RESOURCES_BEFORE option (comma-separated URLs).
             $additionalFrameworks = $this->getFilteredOption("JS_RESOURCES_BEFORE");
             $ADDITIONAL_FRAMEWORKS = "";
             if (!empty($additionalFrameworks)) {
                 $frameworkList = explode(",", $additionalFrameworks);
                 foreach ($frameworkList as $index => $framework) {
                     $frameworkList[$index] = '<script language="javascript" type="text/javascript" src="' . $framework . '"></script>' . "\n";
                 }
                 $ADDITIONAL_FRAMEWORKS = implode("", $frameworkList);
             }
             if (ConfService::getConf("JS_DEBUG")) {
                 // Debug mode includes the template as PHP, so it sees the local variables of this method.
                 if (!isset($mess)) {
                     $mess = ConfService::getMessages();
                 }
                 if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html")) {
                     include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html";
                 } else {
                     include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui_debug.html";
                 }
             } else {
                 // Normal mode reads the template as text and substitutes placeholders.
                 if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html")) {
                     $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html");
                 } else {
                     $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui.html");
                 }
                 if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT'])) {
                     $ADDITIONAL_FRAMEWORKS = "";
                 }
                 $content = str_replace("AJXP_ADDITIONAL_JS_FRAMEWORKS", $ADDITIONAL_FRAMEWORKS, $content);
                 $content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
                 // NOTE(review): REBASE is concatenated into an HTML attribute without
                 // htmlspecialchars(). When SERVER_URL is not configured it comes from the
                 // request path, so it should be escaped for attribute context unless
                 // parseApplicationGetParameters() is known to sanitise it - confirm.
                 $content = str_replace("AJXP_REBASE", isset($START_PARAMETERS["REBASE"]) ? '<base href="' . $START_PARAMETERS["REBASE"] . '"/>' : "", $content);
                 // json_encode() returns false on failure; the placeholder is then left in place.
                 if ($JSON_START_PARAMETERS) {
                     $content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
                 }
                 print $content;
             }
             break;
         //------------------------------------
         //	GET CONFIG FOR BOOT
         //------------------------------------
         case "get_boot_conf":
             // $out only receives the parsed GET parameters; the response is the computed boot configuration.
             $out = array();
             AJXP_Utils::parseApplicationGetParameters($_GET, $out, $_SESSION);
             $config = $this->computeBootConf();
             header("Content-type:application/json;charset=UTF-8");
             print json_encode($config);
             break;
         default:
             break;
     }
     return false;
 }
예제 #15
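 /**
  * Logout hook for the remote-session driver: clears the remote credentials kept
  * in the session, deletes the account that was created for the remote user,
  * disconnects and writes the "logged out" XML response.
  *
  * The account named by the ADMIN_USER option is never deleted. The original
  * condition compared an undefined $login with the admin name, which is always
  * "different" for a non-empty admin name, so the exclusion never applied and an
  * administrator logging out through this path had their account removed.
  *
  * @param string $actionName Not read by this method.
  * @param array  $httpVars   Not read by this method.
  * @param array  $fileVars   Not read by this method.
  */
 function logoutCallback($actionName, $httpVars, $fileVars)
 {
     // Capture the remote user name before the session keys are dropped.
     $crtUser = isset($_SESSION["AJXP_SESSION_REMOTE_USER"]) ? $_SESSION["AJXP_SESSION_REMOTE_USER"] : "";
     unset($_SESSION["AJXP_DYNAMIC_FTP_DATA"]);
     unset($_SESSION["AJXP_SESSION_REMOTE_USER"]);
     unset($_SESSION["AJXP_SESSION_REMOTE_PASS"]);
     $adminUser = isset($this->options["ADMIN_USER"]) ? $this->options["ADMIN_USER"] : "";
     // Strict string comparison: numeric-looking names must not compare equal by type juggling.
     if ($crtUser != "" && (string) $crtUser !== (string) $adminUser) {
         AJXP_User::deleteUser($crtUser);
     }
     AuthService::disconnect();
     session_write_close();
     AJXP_XMLWriter::header();
     AJXP_XMLWriter::loggingResult(2);
     AJXP_XMLWriter::close();
 }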
예제 #16
 /**
  * Dispatch the authentication actions: "login", "pass_change", "logout",
  * "get_seed", "get_secure_token", "get_captcha" and "back". Each branch writes
  * its own response (XML, JSON or plain text).
  *
  * @param string $action   Action name; ignored unless it is a key of $this->actions.
  * @param array  $httpVars Request parameters; values are client-supplied.
  * @param array  $fileVars Not read by this method.
  * @return string|null Empty string after a handled or unknown action; nothing
  *                     when the action is not registered or users are disabled.
  */
 public function switchAction($action, $httpVars, $fileVars)
 {
     if (!isset($this->actions[$action])) {
         return;
     }
     $mess = ConfService::getMessages();
     switch ($action) {
         case "login":
             if (!AuthService::usersEnabled()) {
                 return;
             }
             $rememberLogin = "";
             $rememberPass = "";
             $secureToken = "";
             $loggedUser = null;
             include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
             // When brute force is suspected, a missing or wrong captcha answer ends
             // the attempt with result -4 before any credential is checked.
             if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
                 $loggingResult = -4;
             } else {
                 $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
                 // NOTE(review): trim() alters the submitted secret, so a password with
                 // leading or trailing whitespace cannot be matched exactly - confirm this is intended.
                 $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
                 $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
                 $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
                 // NOTE(review): login_seed is read without isset(); a request that omits it raises a notice.
                 $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $httpVars["login_seed"]);
                 if ($rememberMe && $loggingResult == 1) {
                     // NOTE(review): the "******" literals look like masking applied to this
                     // listing - check the project source for the actual values.
                     $rememberLogin = "******";
                     $rememberPass = "******";
                     $loggedUser = AuthService::getLoggedUser();
                 }
                 if ($loggingResult == 1) {
                     // Issue a fresh session id once authentication succeeded (the old one
                     // is deleted), then hand out the secure token for this session.
                     session_regenerate_id(true);
                     $secureToken = AuthService::generateSecureToken();
                 }
                 if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
                     $loggingResult = -4;
                     // Force captcha reload
                 }
             }
             $loggedUser = AuthService::getLoggedUser();
             if ($loggedUser != null) {
                 // Repository to open: an explicit tmp_repository_id from the request wins,
                 // otherwise the role's DEFAULT_START_REPOSITORY when the user may switch to it.
                 $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
                 $passId = -1;
                 if (isset($httpVars["tmp_repository_id"])) {
                     // NOTE(review): request-supplied id; presumably switchUserToActiveRepository()
                     // checks the user's access to it - verify in ConfService.
                     $passId = $httpVars["tmp_repository_id"];
                 } else {
                     if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                         $passId = $force;
                     }
                 }
                 $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
                 // No repository could be activated: undo the login and report -3.
                 if (!$res) {
                     AuthService::disconnect();
                     $loggingResult = -3;
                 }
             }
             // $rememberMe only exists when the credential branch above ran, hence the isset().
             if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
                 AuthService::refreshRememberCookie($loggedUser);
             }
             AJXP_XMLWriter::header();
             AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
             AJXP_XMLWriter::close();
             break;
         //------------------------------------
         //	CHANGE USER PASSWORD
         //------------------------------------
         case "pass_change":
             $userObject = AuthService::getLoggedUser();
             // NOTE(review): with no logged user, or for "guest", nothing is changed
             // but the response is still "SUCCESS" - confirm callers do not treat
             // that as proof a password was updated.
             if ($userObject == null || $userObject->getId() == "guest") {
                 header("Content-Type:text/plain");
                 print "SUCCESS";
                 break;
             }
             // NOTE(review): the three keys below are read without isset().
             $oldPass = $httpVars["old_pass"];
             $newPass = $httpVars["new_pass"];
             $passSeed = $httpVars["pass_seed"];
             // Length is measured in bytes (strlen), not characters.
             if (strlen($newPass) < ConfService::getCoreConf("PASSWORD_MINLENGTH", "auth")) {
                 header("Content-Type:text/plain");
                 print "PASS_ERROR";
                 break;
             }
             // The current password must verify before the new one is stored.
             // NOTE(review): nothing in this branch limits repeated wrong old_pass
             // attempts or renews the session after the change - confirm both are
             // handled elsewhere.
             if (AuthService::checkPassword($userObject->getId(), $oldPass, false, $passSeed)) {
                 AuthService::updatePassword($userObject->getId(), $newPass);
                 // A "pass_change" lock is lifted once the password has been replaced.
                 if ($userObject->getLock() == "pass_change") {
                     $userObject->removeLock();
                     $userObject->save("superuser");
                 }
             } else {
                 header("Content-Type:text/plain");
                 print "PASS_ERROR";
                 break;
             }
             header("Content-Type:text/plain");
             print "SUCCESS";
             break;
         case "logout":
             // Disconnect first, then destroy the session data, then answer with result 2.
             AuthService::disconnect();
             $loggingResult = 2;
             session_destroy();
             AJXP_XMLWriter::header();
             AJXP_XMLWriter::loggingResult($loggingResult, null, null, null);
             AJXP_XMLWriter::close();
             break;
         case "get_seed":
             // The seed is sent as plain text, or as JSON with a captcha flag when brute force is suspected.
             $seed = AuthService::generateSeed();
             if (AuthService::suspectBruteForceLogin()) {
                 HTMLWriter::charsetHeader('application/json');
                 print json_encode(array("seed" => $seed, "captcha" => true));
             } else {
                 HTMLWriter::charsetHeader("text/plain");
                 print $seed;
             }
             //exit(0);
             break;
         case "get_secure_token":
             HTMLWriter::charsetHeader("text/plain");
             print AuthService::generateSecureToken();
             //exit(0);
             break;
         case "get_captcha":
             include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
             CaptchaProvider::sendCaptcha();
             //exit(0) ;
             break;
         case "back":
             // Returns the logout address wrapped in a <url> element.
             AJXP_XMLWriter::header("url");
             echo AuthService::getLogoutAddress(false);
             AJXP_XMLWriter::close("url");
             //exit(1);
             break;
         default:
             break;
     }
     return "";
 }
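 /**
  * Handle "duo_post_verification_code": check the signed Duo response and, when
  * it names the logged user, lift the user's lock and activate a repository.
  * Any failure (missing or invalid response, user mismatch, no repository)
  * disconnects the session and answers with a require-auth XML message.
  *
  * Changes against the original: sig_response is checked for presence and type
  * before use, and the verified name is compared to the user id as strings with
  * ===, so two numeric-looking ids cannot match through PHP's loose comparison.
  *
  * @param string $action   Must be "duo_post_verification_code"; anything else is ignored.
  * @param array  $httpVars Request parameters; "sig_response" carries the signed response.
  * @param array  $fileVars Not read by this method.
  */
 public function postVerificationCode($action, $httpVars, $fileVars)
 {
     if ($action != "duo_post_verification_code") {
         return;
     }
     $u = AuthService::getLoggedUser();
     if ($u == null) {
         return;
     }
     $verif = null;
     if (isset($httpVars["sig_response"]) && is_string($httpVars["sig_response"])) {
         require_once $this->getBaseDir() . "/duo_php/duo_web.php";
         $appUnique = $this->getFilteredOption("DUO_AUTH_AKEY");
         $iKey = $this->getFilteredOption("DUO_AUTH_IKEY");
         $sKey = $this->getFilteredOption("DUO_AUTH_SKEY");
         $verif = Duo::verifyResponse($iKey, $sKey, $appUnique, $httpVars["sig_response"]);
     }
     // The second factor counts only when the response names exactly this user.
     $verified = is_string($verif) && $verif !== "" && $verif === (string) $u->getId();
     if (!$verified) {
         AuthService::disconnect();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::requireAuth(true);
         AJXP_XMLWriter::close();
         return;
     }
     // The lock is removed and persisted before the repository switch is attempted.
     $u->removeLock();
     $u->save("superuser");
     $u->recomputeMergedRole();
     AuthService::updateUser($u);
     ConfService::switchUserToActiveRepository($u);
     // Prefer the role's DEFAULT_START_REPOSITORY unless the request or session already targets one.
     $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
     $passId = -1;
     if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
         $passId = $force;
     }
     $res = ConfService::switchUserToActiveRepository($u, $passId);
     if (!$res) {
         AuthService::disconnect();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::requireAuth(true);
         AJXP_XMLWriter::close();
     }
 }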
예제 #18
파일: index.php 프로젝트: rmxcc/pydio-core
    AuthService::logUser(null, null);
    // Check that current user can access current repository, try to switch otherwise.
    $loggedUser = AuthService::getLoggedUser();
    if ($loggedUser == null) {
        // Try prelogging user if the session expired but the logging data is in fact still present
        // For example, for basic_http auth.
        AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
        $loggedUser = AuthService::getLoggedUser();
        if ($loggedUser == null) {
            $requireAuth = true;
        }
    }
    if ($loggedUser != null) {
        $res = ConfService::switchUserToActiveRepository($loggedUser, isset($httpVars["tmp_repository_id"]) ? $httpVars["tmp_repository_id"] : "-1");
        if (!$res) {
            AuthService::disconnect();
            $requireAuth = true;
        }
    }
} else {
    AJXP_Logger::debug(ConfService::getCurrentRepositoryId());
}
// Choose the interface language: the logged user's stored "lang" preference
// wins; without one, the AJXP_lang cookie is used when the client sent it.
// NOTE(review): the cookie value is client-controlled and reaches
// ConfService::setLanguage() unchanged - confirm that method only accepts
// known language codes.
$loggedUser = AuthService::getLoggedUser();
$hasStoredLanguage = $loggedUser != null && $loggedUser->getPref("lang") != "";
if ($hasStoredLanguage) {
    ConfService::setLanguage($loggedUser->getPref("lang"));
} elseif (isset($_COOKIE["AJXP_lang"])) {
    ConfService::setLanguage($_COOKIE["AJXP_lang"]);
}
예제 #19
 /**
  * Dispatch the session-related actions "logout", "get_seed", "get_captcha"
  * and "back"; any other action produces no output.
  *
  * @param string $action   Action name.
  * @param array  $httpVars Not read by this method.
  * @param array  $fileVars Not read by this method.
  * @return string Always the empty string.
  */
 public function switchAction($action, $httpVars, $fileVars)
 {
     if ($action == "logout") {
         // Disconnect, drop the session data, then report result 2.
         AuthService::disconnect();
         session_destroy();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::loggingResult(2, null, null, null);
         AJXP_XMLWriter::close();
     } elseif ($action == "get_seed") {
         // Plain-text seed normally; JSON with a captcha flag when brute force is suspected.
         $loginSeed = AuthService::generateSeed();
         if (!AuthService::suspectBruteForceLogin()) {
             HTMLWriter::charsetHeader("text/plain");
             print $loginSeed;
         } else {
             HTMLWriter::charsetHeader('application/json');
             print json_encode(array("seed" => $loginSeed, "captcha" => true));
         }
     } elseif ($action == "get_captcha") {
         include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
         CaptchaProvider::sendCaptcha();
     } elseif ($action == "back") {
         // Logout address wrapped in a <url> element.
         AJXP_XMLWriter::header("url");
         echo AuthService::getLogoutAddress(false);
         AJXP_XMLWriter::close("url");
     }
     return "";
 }
예제 #20
 /**
  * Store one plugin's options in bootstrap.json inside the plugin work dir.
  *
  * The previous file, when present, is first copied to bootstrap.json.bak.
  * For "core.conf" and "core.auth", a changed instance_name triggers a
  * follow-up: "core.conf" disconnects the current session, "core.auth" deletes
  * the admin_counted cache file.
  *
  * NOTE(review): the .bak copy holds the same configuration as the live file -
  * presumably including backend settings - so it needs the same file
  * permissions and must stay outside the web root; the copy() result is not checked.
  *
  * @param string $pluginId Plugin identifier used as the key in bootstrap.json.
  * @param array  $options  Option values; indexed by option name in the code below.
  */
 public function _savePluginConfig($pluginId, $options)
 {
     $bootstrapFile = $this->getPluginWorkDir(true) . "/bootstrap.json";
     $stored = AJXP_Utils::loadSerialFile($bootstrapFile, false, "json");
     if (!is_array($stored)) {
         $stored = array();
     }
     $stored[$pluginId] = $options;

     $isCoreConf = $pluginId == "core.conf";
     $isCoreAuth = $pluginId == "core.auth";
     $instanceChanged = false;
     if ($isCoreConf || $isCoreAuth) {
         // Compare the instance name currently configured with the one being saved.
         $testKey = $isCoreConf ? "UNIQUE_INSTANCE_CONFIG" : "MASTER_INSTANCE_CONFIG";
         $current = array();
         $this->_loadPluginConfig($pluginId, $current);
         $instanceChanged = isset($current[$testKey]["instance_name"]) && $current[$testKey]["instance_name"] != $options[$testKey]["instance_name"];
     }

     if (file_exists($bootstrapFile)) {
         copy($bootstrapFile, $bootstrapFile . ".bak");
     }
     AJXP_Utils::saveSerialFile($bootstrapFile, $stored, true, false, "json", true);

     if (!$instanceChanged) {
         return;
     }
     if ($isCoreConf) {
         AuthService::disconnect();
     } elseif ($isCoreAuth) {
         // Only the cache file is removed here; no disconnect happens in this branch.
         @unlink(AJXP_CACHE_DIR . "/admin_counted");
     }
 }
예제 #21
 public function switchAction($action, $httpVars, $fileVars)
 {
     if (!isset($this->actions[$action])) {
         return;
     }
     if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT'])) {
         // Force legacy theme for the moment
         $this->pluginConf["GUI_THEME"] = "oxygen";
     }
     if (!defined("AJXP_THEME_FOLDER")) {
         define("CLIENT_RESOURCES_FOLDER", AJXP_PLUGINS_FOLDER . "/gui.ajax/res");
         define("AJXP_THEME_FOLDER", CLIENT_RESOURCES_FOLDER . "/themes/" . $this->pluginConf["GUI_THEME"]);
     }
     foreach ($httpVars as $getName => $getValue) {
         ${$getName} = AJXP_Utils::securePath($getValue);
     }
     if (isset($dir) && $action != "upload") {
         $dir = SystemTextEncoding::fromUTF8($dir);
     }
     $mess = ConfService::getMessages();
     switch ($action) {
         //------------------------------------
         //	GET AN HTML TEMPLATE
         //------------------------------------
         case "get_template":
             HTMLWriter::charsetHeader();
             $folder = CLIENT_RESOURCES_FOLDER . "/html";
             if (isset($httpVars["pluginName"])) {
                 $folder = AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/" . AJXP_Utils::securePath($httpVars["pluginName"]);
                 if (isset($httpVars["pluginPath"])) {
                     $folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
                 }
             }
             $crtTheme = $this->pluginConf["GUI_THEME"];
             $thFolder = AJXP_THEME_FOLDER . "/html";
             if (isset($template_name)) {
                 if (is_file($thFolder . "/" . $template_name)) {
                     include $thFolder . "/" . $template_name;
                 } else {
                     if (is_file($folder . "/" . $template_name)) {
                         include $folder . "/" . $template_name;
                     }
                 }
             }
             break;
             //------------------------------------
             //	GET I18N MESSAGES
             //------------------------------------
         //------------------------------------
         //	GET I18N MESSAGES
         //------------------------------------
         case "get_i18n_messages":
             $refresh = false;
             if (isset($httpVars["lang"])) {
                 ConfService::setLanguage($httpVars["lang"]);
                 $refresh = true;
             }
             HTMLWriter::charsetHeader('text/javascript');
             HTMLWriter::writeI18nMessagesClass(ConfService::getMessages($refresh));
             break;
             //------------------------------------
             //	SEND XML REGISTRY
             //------------------------------------
         //------------------------------------
         //	SEND XML REGISTRY
         //------------------------------------
         case "get_xml_registry":
             $regDoc = AJXP_PluginsService::getXmlRegistry();
             $changes = AJXP_Controller::filterRegistryFromRole($regDoc);
             if ($changes) {
                 AJXP_PluginsService::updateXmlRegistry($regDoc);
             }
             $clone = $regDoc->cloneNode(true);
             $clonePath = new DOMXPath($clone);
             $serverCallbacks = $clonePath->query("//serverCallback|hooks");
             foreach ($serverCallbacks as $callback) {
                 $processing = $callback->parentNode->removeChild($callback);
             }
             if (isset($_GET["xPath"])) {
                 //$regPath = new DOMXPath($regDoc);
                 $nodes = $clonePath->query($_GET["xPath"]);
                 AJXP_XMLWriter::header("ajxp_registry_part", array("xPath" => $_GET["xPath"]));
                 if ($nodes->length) {
                     print AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML($nodes->item(0)));
                 }
                 AJXP_XMLWriter::close("ajxp_registry_part");
             } else {
                 AJXP_Utils::safeIniSet("zlib.output_compression", "4096");
                 header('Content-Type: application/xml; charset=UTF-8');
                 print AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML());
             }
             break;
             //------------------------------------
             //	DISPLAY DOC
             //------------------------------------
         //------------------------------------
         //	DISPLAY DOC
         //------------------------------------
         case "display_doc":
             HTMLWriter::charsetHeader();
             echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($_GET["doc_file"])));
             break;
             //------------------------------------
             //	GET BOOT GUI
             //------------------------------------
         //------------------------------------
         //	GET BOOT GUI
         //------------------------------------
         case "get_boot_gui":
             HTMLWriter::internetExplorerMainDocumentHeader();
             HTMLWriter::charsetHeader();
             if (!is_file(TESTS_RESULT_FILE)) {
                 $outputArray = array();
                 $testedParams = array();
                 $passed = AJXP_Utils::runTests($outputArray, $testedParams);
                 if (!$passed && !isset($_GET["ignore_tests"])) {
                     AJXP_Utils::testResultsToTable($outputArray, $testedParams);
                     die;
                 } else {
                     AJXP_Utils::testResultsToFile($outputArray, $testedParams);
                 }
             }
             $START_PARAMETERS = array("BOOTER_URL" => "index.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop");
             if (AuthService::usersEnabled()) {
                 AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
                 AuthService::bootSequence($START_PARAMETERS);
                 if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
                     if (AuthService::getDefaultRootId() == -1) {
                         AuthService::disconnect();
                     } else {
                         $loggedUser = AuthService::getLoggedUser();
                         if (!$loggedUser->canRead(ConfService::getCurrentRepositoryId()) && AuthService::getDefaultRootId() != ConfService::getCurrentRepositoryId()) {
                             ConfService::switchRootDir(AuthService::getDefaultRootId());
                         }
                     }
                 }
             }
             AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);
             $confErrors = ConfService::getErrors();
             if (count($confErrors)) {
                 $START_PARAMETERS["ALERT"] = implode(", ", array_values($confErrors));
             }
             // PRECOMPUTE BOOT CONF
             if (!preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) && !preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
                 $START_PARAMETERS["PRELOADED_BOOT_CONF"] = $this->computeBootConf();
             }
             // PRECOMPUTE REGISTRY
             if (!isset($START_PARAMETERS["FORCE_REGISTRY_RELOAD"])) {
                 $regDoc = AJXP_PluginsService::getXmlRegistry();
                 $changes = AJXP_Controller::filterRegistryFromRole($regDoc);
                 if ($changes) {
                     AJXP_PluginsService::updateXmlRegistry($regDoc);
                 }
                 $clone = $regDoc->cloneNode(true);
                 $clonePath = new DOMXPath($clone);
                 $serverCallbacks = $clonePath->query("//serverCallback|hooks");
                 foreach ($serverCallbacks as $callback) {
                     $callback->parentNode->removeChild($callback);
                 }
                 $START_PARAMETERS["PRELOADED_REGISTRY"] = AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML());
             }
             $JSON_START_PARAMETERS = json_encode($START_PARAMETERS);
             $crtTheme = $this->pluginConf["GUI_THEME"];
             if (ConfService::getConf("JS_DEBUG")) {
                 if (!isset($mess)) {
                     $mess = ConfService::getMessages();
                 }
                 if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html")) {
                     include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html";
                 } else {
                     include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui_debug.html";
                 }
             } else {
                 if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html")) {
                     $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html");
                 } else {
                     $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui.html");
                 }
                 if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
                     $content = str_replace("ajaxplorer_boot.js", "ajaxplorer_boot_protolegacy.js", $content);
                 }
                 $content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
                 $content = str_replace("AJXP_REBASE", isset($START_PARAMETERS["REBASE"]) ? '<base href="' . $START_PARAMETERS["REBASE"] . '"/>' : "", $content);
                 if ($JSON_START_PARAMETERS) {
                     $content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
                 }
                 print $content;
             }
             break;
         //------------------------------------
         //	GET CONFIG FOR BOOT
         //------------------------------------
         case "get_boot_conf":
             $out = array();
             AJXP_Utils::parseApplicationGetParameters($_GET, $out, $_SESSION);
             $config = $this->computeBootConf();
             header("Content-type:application/json;charset=UTF-8");
             print json_encode($config);
             break;
         default:
             break;
     }
     return false;
 }