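/**
 * Store the logged-in user's answer to the disclaimer and lock or unlock the account accordingly.
 *
 * When $httpVars["validate"] is "true" the lock is removed, the user is saved and
 * switched to an active repository. Any other value, or a missing key, sets the
 * "validate_disclaimer" lock and ends the session with a require-auth response.
 *
 * @param string $actionName Not read by this method.
 * @param array  $httpVars   Request parameters; "validate" and "tmp_repository_id" are read.
 * @param array  $fileVars   Not read by this method.
 * @return void
 */
public function toggleDisclaimer($actionName, $httpVars, $fileVars)
{
    $u = AuthService::getLoggedUser();
    if ($u == null) {
        // Without a session user there is no role to update; answer like the
        // other failure paths below instead of dereferencing null.
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
        return;
    }

    // Evaluate the flag once; a missing key counts as "not accepted" (and so
    // locks the account) without raising an undefined-index notice.
    $accepted = isset($httpVars["validate"]) && $httpVars["validate"] == "true";

    $u->personalRole->setParameterValue(
        "action.disclaimer",
        "DISCLAIMER_ACCEPTED",
        $accepted ? "yes" : "no",
        AJXP_REPO_SCOPE_ALL
    );

    if ($accepted) {
        $u->removeLock();
        $u->save("superuser");
        AuthService::updateUser($u);
        ConfService::switchUserToActiveRepository($u);

        // Prefer the role's DEFAULT_START_REPOSITORY unless the request or the
        // session already points at another repository.
        $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
        $passId = -1;
        if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
            $passId = $force;
        }

        $res = ConfService::switchUserToActiveRepository($u, $passId);
        if (!$res) {
            // No repository could be activated: drop the session and ask for a new login.
            AuthService::disconnect();
            AJXP_XMLWriter::header();
            AJXP_XMLWriter::requireAuth(true);
            AJXP_XMLWriter::close();
        }
        ConfService::getInstance()->invalidateLoadedRepositories();
    } else {
        // Declined: keep the account locked until the disclaimer is validated.
        $u->setLock("validate_disclaimer");
        $u->save("superuser");
        AuthService::disconnect();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
    }
}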
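/**
 * Logout handler: clear the credentials held by AJXP_Safe, disconnect the
 * session user and write the logging-result XML response (result code 2).
 *
 * The original read $this->options["AJXP_ADMIN_LOGIN"] into a local that was
 * never used; that dead read is removed.
 *
 * @param string $actionName Not read by this method.
 * @param array  $httpVars   Not read by this method.
 * @param array  $fileVars   Not read by this method.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    // Credentials are cleared before the session user is dropped.
    AJXP_Safe::clearCredentials();
    AuthService::disconnect();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}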
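/**
 * Logout handler: clear the credentials held by AJXP_Safe, remove the "COUNT"
 * and "disk" session entries, disconnect the session user and write the
 * logging-result XML response (result code 2).
 *
 * The unused locals $adminUser and $subUsers of the original are removed.
 *
 * @param string $actionName Not read by this method.
 * @param array  $httpVars   Not read by this method.
 * @param array  $fileVars   Not read by this method.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    AJXP_Safe::clearCredentials();

    // Driver-specific session entries must not outlive the login.
    unset($_SESSION["COUNT"], $_SESSION["disk"]);

    AuthService::disconnect();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}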
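/**
 * Logout handler: clear the credentials held by AJXP_Safe, remove every session
 * entry whose key starts with "smb_" and ends with "disk", disconnect the
 * session user and write the logging-result XML response (result code 2).
 *
 * The unused locals $adminUser and $subUsers of the original are removed.
 *
 * @param string $actionName Not read by this method.
 * @param array  $httpVars   Not read by this method.
 * @param array  $fileVars   Not read by this method.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    AJXP_Safe::clearCredentials();

    // Walk a snapshot of the keys so entries can be removed while iterating.
    foreach (array_keys($_SESSION) as $key) {
        if (substr($key, 0, 4) == "smb_" && substr($key, -4) === "disk") {
            unset($_SESSION[$key]);
        }
    }

    AuthService::disconnect();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}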
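/**
 * Logout handler that also deletes the account that is logging out from the
 * configuration storage, unless it is a configured administrator login.
 *
 * The original assigned $this->options["AJXP_ADMIN_LOGIN"] in both branches of
 * its isset($this->options["ADMIN_USER"]) test, so ADMIN_USER was never
 * honoured and an administrator named only by that option would have been
 * deleted on logout. Both options now protect an account; this never deletes
 * an account the original kept.
 *
 * @param string $actionName Not read by this method.
 * @param array  $httpVars   Not read by this method.
 * @param array  $fileVars   Not read by this method.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    $safeCredentials = AJXP_Safe::loadCredentials();
    // Missing credentials behave like an empty user id: nothing gets deleted.
    $crtUser = isset($safeCredentials["user"]) ? $safeCredentials["user"] : "";

    if (isset($_SESSION["AJXP_DYNAMIC_FTP_DATA"])) {
        unset($_SESSION["AJXP_DYNAMIC_FTP_DATA"]);
    }
    AJXP_Safe::clearCredentials();

    // Collect every configured administrator login.
    $protectedLogins = array();
    foreach (array("AJXP_ADMIN_LOGIN", "ADMIN_USER") as $optionKey) {
        if (isset($this->options[$optionKey])) {
            $protectedLogins[] = $this->options[$optionKey];
        }
    }

    $subUsers = array();
    // Loose in_array() keeps the comparison semantics of the original "!=".
    if ($crtUser != "" && !in_array($crtUser, $protectedLogins)) {
        ConfService::getConfStorageImpl()->deleteUser($crtUser, $subUsers);
    }

    AuthService::disconnect();
    session_destroy();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}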
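/**
 * Try to authenticate the request from an encrypted token found in $httpVars,
 * then switch the logged user to a repository.
 *
 * The token ("cyphered_token") is decrypted with the plugin PRIVATE_KEY, or
 * with PRIVATE_KEY . ":" . cyphered_token_inc when CHECK_NONCE is strictly
 * true. The plaintext is a serialized array that must carry "user_id" and
 * "user_pwd"; those are passed to AuthService::logUser(). With CHECK_NONCE,
 * a token whose increment is not greater than the last one stored for that
 * user is refused, and the increment is stored after a successful login.
 *
 * Security: the plaintext goes through unserialize(). Only scalars inside an
 * array are expected, so object instantiation is disabled where the runtime
 * supports it. Anyone holding PRIVATE_KEY can craft the plaintext, and the
 * token carries the user's password, so the key needs the same protection as
 * the passwords themselves.
 *
 * @param array $httpVars Request parameters (taken by reference, not modified here).
 * @param bool  $isLast   Not read by this method.
 * @return bool True when the token logged a user in, false otherwise.
 */
function tryToLogUser(&$httpVars, $isLast = false)
{
    $checkNonce = $this->pluginConf["CHECK_NONCE"] === true;
    $token = $this->detectVar($httpVars, "cyphered_token");
    $tokenInc = $this->detectVar($httpVars, "cyphered_token_inc");
    if (empty($token) || ($checkNonce && empty($tokenInc))) {
        return false;
    }

    // With nonce checking the increment is part of the decryption key.
    if (!$checkNonce) {
        $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"], $token);
    } else {
        $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"] . ":" . $tokenInc, $token);
    }
    if ($decoded == null) {
        return false;
    }

    if (PHP_VERSION_ID >= 70000) {
        // Never instantiate classes from token data: a crafted payload must not
        // be able to trigger magic methods of loaded classes.
        $data = unserialize($decoded, array("allowed_classes" => false));
    } else {
        // NOTE(review): PHP 5 has no allowed_classes option; moving the token
        // payload to JSON would remove unserialize() from this path entirely.
        $data = unserialize($decoded);
    }
    if (empty($data) || !is_array($data) || !isset($data["user_id"]) || !isset($data["user_pwd"])) {
        $this->logDebug(__FUNCTION__, "Cyphered Token found but wrong deserizalized data");
        return false;
    }

    // A token for another account replaces the current session.
    if (AuthService::getLoggedUser() != null) {
        $currentUser = AuthService::getLoggedUser()->getId();
        if ($currentUser != $data["user_id"]) {
            AuthService::disconnect();
        }
    }

    $this->logDebug(__FUNCTION__, "Trying to log user " . $data["user_id"] . " from cyphered token");
    $userId = $data["user_id"];

    if ($checkNonce) {
        // Replay protection: the increment must be greater than the last accepted one.
        $keys = $this->getLastKeys();
        $lastInc = 0;
        if (isset($keys[$userId])) {
            $lastInc = $keys[$userId];
        }
        if ($tokenInc <= $lastInc) {
            $this->logDebug(__FUNCTION__, "Key was already used for this user id");
            return false;
        }
    }

    $res = AuthService::logUser($data["user_id"], $data["user_pwd"], false, false, -1);
    if ($res > 0) {
        $this->logDebug(__FUNCTION__, "Success");
        if ($checkNonce) {
            // Remember the increment only once the login succeeded.
            $keys[$userId] = $tokenInc;
            $this->storeLastKeys($keys);
        }

        $loggedUser = AuthService::getLoggedUser();
        $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
        $passId = -1;
        if (isset($httpVars["tmp_repository_id"])) {
            // An explicit repository in the request wins over the role default.
            $passId = $httpVars["tmp_repository_id"];
        } elseif ($force != "" && $loggedUser->canSwitchTo($force) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
            $passId = $force;
        }
        ConfService::switchUserToActiveRepository($loggedUser, $passId);
        return true;
    }

    $this->logDebug(__FUNCTION__, "Wrong result " . $res);
    return false;
}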
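/**
 * Handle the "/user" access point and the two password-reset actions.
 *
 * - "user_access_point": derives a sub-action from the request URI, runs it
 *   through processSubAction() and boots the GUI with temporary start parameters.
 * - "reset-password-ask": when $httpVars["email"] names an existing user that
 *   has an email address, stores a 48-character random key and mails a reset link.
 * - "reset-password": consumes the key and, when it belongs to the submitted
 *   user id, sets the new password.
 *
 * Changes to "reset-password": a missing or empty "new_pass" is now refused
 * with PASS_ERROR instead of being handed to AuthService::updatePassword(),
 * and the user-id check uses a strict string comparison.
 *
 * @param string $action   One of the action names above.
 * @param array  $httpVars Request parameters.
 * @param array  $fileVars Not read by this method.
 * @return void
 */
public function processUserAccessPoint($action, $httpVars, $fileVars)
{
    switch ($action) {
        case "user_access_point":
            $setUrl = ConfService::getCoreConf("SERVER_URL");
            $realUri = "/";
            if (!empty($setUrl)) {
                $realUri = parse_url(ConfService::getCoreConf("SERVER_URL"), PHP_URL_PATH);
            }
            // Strip the application base and the "/user" prefix; the first
            // remaining segment is the sub-action, the rest are its arguments.
            $requestURI = str_replace("//", "/", $_SERVER["REQUEST_URI"]);
            $uri = trim(str_replace(rtrim($realUri, "/") . "/user", "", $requestURI), "/");
            $uriParts = explode("/", $uri);
            $action = array_shift($uriParts);
            try {
                $this->processSubAction($action, $uriParts);
                $_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array("REBASE" => "../../", "USER_GUI_ACTION" => $action);
            } catch (Exception $e) {
                $_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array("ALERT" => $e->getMessage());
            }
            AJXP_Controller::findActionAndApply("get_boot_gui", array(), array());
            // The override only applies to this one boot.
            unset($_SESSION['OVERRIDE_GUI_START_PARAMETERS']);
            break;

        case "reset-password-ask":
            // Reset request: generate a key, store it and mail the link.
            // The "email" parameter is used as the user id for the lookup.
            if (AuthService::userExists($httpVars["email"])) {
                $userObject = ConfService::getConfStorageImpl()->createUserObject($httpVars["email"]);
                $email = $userObject->personalRole->filterParameterValue("core.conf", "email", AJXP_REPO_SCOPE_ALL, "");
                if (!empty($email)) {
                    $uuid = AJXP_Utils::generateRandomString(48);
                    ConfService::getConfStorageImpl()->saveTemporaryKey("password-reset", $uuid, AJXP_Utils::decodeSecureMagic($httpVars["email"]), array());
                    $mailer = AJXP_PluginsService::getInstance()->getUniqueActivePluginForType("mailer");
                    if ($mailer !== false) {
                        $mess = ConfService::getMessages();
                        // NOTE(review): the mailed link starts with detectServerURL();
                        // confirm that value cannot be steered by request headers,
                        // otherwise the key could be mailed inside a link to another host.
                        $link = AJXP_Utils::detectServerURL() . "/user/reset-password/" . $uuid;
                        $mailer->sendMail(array($email), $mess["gui.user.1"], $mess["gui.user.7"] . "<a href=\"{$link}\">{$link}</a>");
                    } else {
                        // NOTE(review): this message is only reachable for an existing
                        // user with an email, so the response differs per account.
                        echo 'ERROR: There is no mailer configured, please contact your administrator';
                    }
                }
            }
            // Prune existing expired tokens (the unit of "20" is not visible here).
            ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20);
            echo "SUCCESS";
            break;

        case "reset-password":
            ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20);
            if (isset($httpVars["key"]) && isset($httpVars["user_id"])) {
                // Keys are single use: the key is deleted as soon as it is loaded,
                // whether or not the checks below succeed.
                $key = ConfService::getConfStorageImpl()->loadTemporaryKey("password-reset", $httpVars["key"]);
                ConfService::getConfStorageImpl()->deleteTemporaryKey("password-reset", $httpVars["key"]);

                $uId = $httpVars["user_id"];
                if (AuthService::ignoreUserCase()) {
                    $uId = strtolower($uId);
                }
                $newPass = isset($httpVars["new_pass"]) ? $httpVars["new_pass"] : null;

                // Strict comparison avoids numeric-string juggling between the
                // stored and the submitted user id.
                $keyMatchesUser = $key != null
                    && is_string($uId)
                    && strtolower($key["user_id"]) === $uId
                    && AuthService::userExists($uId);
                // Never store a missing or empty password.
                $hasNewPass = is_string($newPass) && $newPass !== "";

                if ($keyMatchesUser && $hasNewPass) {
                    AuthService::updatePassword($key["user_id"], $newPass);
                } else {
                    echo 'PASS_ERROR';
                    break;
                }
            }
            // NOTE(review): a request without "key" or "user_id" also ends here
            // and reports SUCCESS although nothing was changed.
            AuthService::disconnect();
            echo 'SUCCESS';
            break;

        default:
            break;
    }
}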
/**
 * Write one plugin's options into the bootstrap configuration.
 *
 * For core.conf, core.auth and core.cache the stored "instance_name" is compared
 * with the new one before saving. When it changed, saving core.conf disconnects
 * the current session and saving core.auth removes the "admin_counted" cache
 * file; nothing further happens for core.cache.
 *
 * @param string $pluginId
 * @param array  $options  Indexed as an array below (the previous docblock said String).
 * @return void
 */
public function _savePluginConfig($pluginId, $options)
{
    $bootstrap = CoreConfLoader::getBootstrapConf();
    if (!is_array($bootstrap)) {
        $bootstrap = array();
    }
    $bootstrap[$pluginId] = $options;

    $isConf = $pluginId == "core.conf";
    $isAuth = $pluginId == "core.auth";
    $isCache = $pluginId == "core.cache";

    // Detect a change of the backing instance before the new values are written.
    $instanceChanged = false;
    if ($isConf || $isAuth || $isCache) {
        $testKey = "MASTER_INSTANCE_CONFIG";
        if ($isConf || $isCache) {
            $testKey = "UNIQUE_INSTANCE_CONFIG";
        }
        $current = array();
        $this->_loadPluginConfig($pluginId, $current);
        if (isset($current[$testKey]["instance_name"])) {
            $instanceChanged = $current[$testKey]["instance_name"] != $options[$testKey]["instance_name"];
        }
    }

    CoreConfLoader::saveBootstrapConf($bootstrap);

    if (!$instanceChanged) {
        return;
    }
    if ($isConf) {
        // The configuration backend changed: end the current session.
        AuthService::disconnect();
        return;
    }
    if ($isAuth) {
        // Remove the admin_counted cache file; failures are deliberately ignored.
        @unlink(AJXP_CACHE_DIR . "/admin_counted");
    }
}
/**
 * Loader used by the generic loader: look up a share by its hash and render it.
 *
 * An expired share disconnects the session and renders the minisite with
 * message share_center.165. A share flagged SECURITY_MODIFIED answers 401 and
 * stops. A share that cannot be loaded renders the minisite with message
 * share_center.166. Otherwise the minisite or the publiclet is loaded,
 * depending on SHARE_TYPE.
 *
 * @param string $hash
 * @return void
 */
public static function loadShareByHash($hash)
{
    AJXP_Logger::debug(__CLASS__, __FUNCTION__, "Do something");
    AJXP_PluginsService::getInstance()->initActivePlugins();
    if (isset($_GET["lang"])) {
        ConfService::setLanguage($_GET["lang"]);
    }

    $center = self::getShareCenter();
    $share = $center->getShareStore()->loadShare($hash);
    $messages = ConfService::getMessages();

    // Expiry is checked first, before the loaded data is validated.
    if ($center->getShareStore()->isShareExpired($hash, $share)) {
        AuthService::disconnect();
        self::loadMinisite($share, $hash, $messages["share_center.165"]);
        return;
    }

    // Nothing usable was loaded: render the error minisite.
    if (empty($share) || !is_array($share)) {
        $serverUrl = ConfService::getCoreConf("SERVER_URL");
        $fallback = array();
        if (!empty($serverUrl)) {
            $fallback["AJXP_APPLICATION_BASE"] = $serverUrl;
        }
        self::loadMinisite($fallback, $hash, $messages["share_center.166"]);
        return;
    }

    // A share marked as tampered with is never served.
    if (isset($share["SECURITY_MODIFIED"]) && $share["SECURITY_MODIFIED"] === true) {
        header("HTTP/1.0 401 Not allowed, script was modified");
        exit;
    }

    if ($share["SHARE_TYPE"] == "minisite") {
        self::loadMinisite($share, $hash);
        return;
    }
    self::loadPubliclet($share);
}
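/**
 * Try to authenticate the request from an encrypted token found in $httpVars.
 *
 * The token ("cyphered_token") is decrypted with the plugin PRIVATE_KEY, or
 * with PRIVATE_KEY . ":" . cyphered_token_inc when CHECK_NONCE is strictly
 * true. The plaintext is a serialized array that must carry "user_id" and
 * "user_pwd"; those are passed to AuthService::logUser(). With CHECK_NONCE,
 * a token whose increment is not greater than the last one stored for that
 * user is refused, and the increment is stored after a successful login.
 *
 * Security: the plaintext goes through unserialize(). Only scalars inside an
 * array are expected, so object instantiation is disabled where the runtime
 * supports it. Anyone holding PRIVATE_KEY can craft the plaintext, and the
 * token carries the user's password, so the key needs the same protection as
 * the passwords themselves.
 *
 * @param array $httpVars Request parameters (taken by reference, not modified here).
 * @param bool  $isLast   Not read by this method.
 * @return bool True when the token logged a user in, false otherwise.
 */
function tryToLogUser(&$httpVars, $isLast = false)
{
    $checkNonce = $this->pluginConf["CHECK_NONCE"] === true;
    $token = $this->detectVar($httpVars, "cyphered_token");
    $tokenInc = $this->detectVar($httpVars, "cyphered_token_inc");
    if (empty($token) || ($checkNonce && empty($tokenInc))) {
        return false;
    }

    // With nonce checking the increment is part of the decryption key.
    if (!$checkNonce) {
        $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"], $token);
    } else {
        $decoded = $this->decrypt($this->pluginConf["PRIVATE_KEY"] . ":" . $tokenInc, $token);
    }
    if ($decoded == null) {
        return false;
    }

    if (PHP_VERSION_ID >= 70000) {
        // Never instantiate classes from token data: a crafted payload must not
        // be able to trigger magic methods of loaded classes.
        $data = unserialize($decoded, array("allowed_classes" => false));
    } else {
        // NOTE(review): PHP 5 has no allowed_classes option; moving the token
        // payload to JSON would remove unserialize() from this path entirely.
        $data = unserialize($decoded);
    }
    if (empty($data) || !is_array($data) || !isset($data["user_id"]) || !isset($data["user_pwd"])) {
        $this->logDebug(__FUNCTION__, "Cyphered Token found but wrong deserizalized data");
        return false;
    }

    // A token for another account replaces the current session.
    if (AuthService::getLoggedUser() != null) {
        $currentUser = AuthService::getLoggedUser()->getId();
        if ($currentUser != $data["user_id"]) {
            AuthService::disconnect();
        }
    }

    $this->logDebug(__FUNCTION__, "Trying to log user " . $data["user_id"] . " from cyphered token");
    $userId = $data["user_id"];

    if ($checkNonce) {
        // Replay protection: the increment must be greater than the last accepted one.
        $keys = $this->getLastKeys();
        $lastInc = 0;
        if (isset($keys[$userId])) {
            $lastInc = $keys[$userId];
        }
        if ($tokenInc <= $lastInc) {
            $this->logDebug(__FUNCTION__, "Key was already used for this user id");
            return false;
        }
    }

    $res = AuthService::logUser($data["user_id"], $data["user_pwd"], false, false, -1);
    if ($res > 0) {
        $this->logDebug(__FUNCTION__, "Success");
        if ($checkNonce) {
            // Remember the increment only once the login succeeded.
            $keys[$userId] = $tokenInc;
            $this->storeLastKeys($keys);
        }
        return true;
    }

    $this->logDebug(__FUNCTION__, "Wrong result " . $res);
    return false;
}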
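/**
 * Logout action for CAS sessions.
 *
 * For the "logout" action the session user is disconnected, a <url> XML
 * response is written and the PHP session is destroyed. The URL is the
 * configured LOGOUT_URL, or https://<cas_server>:<cas_port><cas_uri>/logout,
 * when the session was opened through CAS, and "#" otherwise. Other actions
 * are ignored.
 *
 * The original computed a $logout_default local that was never used and
 * duplicated the response code in both branches; both are cleaned up here
 * without changing the output.
 *
 * @param string $action
 * @param array  $httpVars Not read by this method.
 * @param array  $fileVars Not read by this method.
 * @return void
 */
function logOutCAS($action, $httpVars, $fileVars)
{
    if ($action != "logout") {
        return;
    }

    // Read the marker before disconnecting, as the original did.
    $loggedInByCas = isset($_SESSION['LOGGED_IN_BY_CAS']);
    AuthService::disconnect();

    $target = "#";
    if ($loggedInByCas) {
        $this->loadConfig();
        if (!empty($this->pluginConf["LOGOUT_URL"])) {
            $this->cas_logoutUrl = trim($this->pluginConf["LOGOUT_URL"]);
        } else {
            $this->cas_logoutUrl = 'https://' . $this->cas_server . ':' . $this->cas_port . $this->cas_uri . '/logout';
        }
        $target = $this->cas_logoutUrl;
    }

    // NOTE(review): the URL is written into the XML body unescaped; a LOGOUT_URL
    // containing "&" or "<" would produce malformed XML. Confirm what the client expects.
    AJXP_XMLWriter::header("url");
    echo $target;
    AJXP_XMLWriter::close("url");

    session_unset();
    session_destroy();
}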
/**
 * Dispatch the GUI actions: get_template, get_i18n_messages, get_xml_registry,
 * display_doc, get_boot_gui and get_boot_conf.
 *
 * Returns nothing when $action is not a key of $this->actions, false otherwise.
 * Several branches write headers and output directly, and get_boot_gui may
 * terminate the script with die().
 *
 * The included templates run in this method's scope, so the local variable
 * names below (for instance $mess, $crtTheme, $START_PARAMETERS,
 * $JSON_START_PARAMETERS) are presumably part of their contract; verify
 * against the templates before renaming anything.
 *
 * @param string $action   Action name.
 * @param array  $httpVars Request parameters.
 * @param array  $fileVars Not read by this method.
 * @return bool|null
 */
function switchAction($action, $httpVars, $fileVars)
{
    if (!isset($this->actions[$action])) {
        return;
    }
    if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
        // Force legacy theme for the moment
        $this->pluginConf["GUI_THEME"] = "oxygen";
    }
    if (!defined("AJXP_THEME_FOLDER")) {
        define("CLIENT_RESOURCES_FOLDER", AJXP_PLUGINS_FOLDER . "/gui.ajax/res");
        define("AJXP_THEME_FOLDER", CLIENT_RESOURCES_FOLDER . "/themes/" . $this->pluginConf["GUI_THEME"]);
    }
    // Every request key becomes a local variable holding its securePath()'d value.
    // NOTE(review): a key named like an existing local (for instance "action" or
    // "httpVars") overwrites that local after the $this->actions check above.
    // Reading the few expected keys explicitly from $httpVars would remove that risk.
    foreach ($httpVars as $getName => $getValue) {
        ${$getName} = AJXP_Utils::securePath($getValue);
    }
    if (isset($dir) && $action != "upload") {
        $dir = SystemTextEncoding::fromUTF8($dir);
    }
    $mess = ConfService::getMessages();
    switch ($action) {
        //------------------------------------
        //	GET AN HTML TEMPLATE
        //------------------------------------
        case "get_template":
            HTMLWriter::charsetHeader();
            $folder = CLIENT_RESOURCES_FOLDER . "/html";
            if (isset($httpVars["pluginName"])) {
                $folder = AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/" . AJXP_Utils::securePath($httpVars["pluginName"]);
                if (isset($httpVars["pluginPath"])) {
                    $folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
                }
            }
            $crtTheme = $this->pluginConf["GUI_THEME"];
            $thFolder = AJXP_THEME_FOLDER . "/html";
            // $template_name only exists when the request carried that key (see the
            // loop above). The theme folder is tried first, then $folder.
            // NOTE(review): include executes the file as PHP and the path is built
            // from request data; the only visible guard is securePath(). Confirm it
            // blocks traversal, and consider an allow-list of template names.
            if (isset($template_name)) {
                if (is_file($thFolder . "/" . $template_name)) {
                    include $thFolder . "/" . $template_name;
                } else {
                    if (is_file($folder . "/" . $template_name)) {
                        include $folder . "/" . $template_name;
                    }
                }
            }
            break;

        //------------------------------------
        //	GET I18N MESSAGES
        //------------------------------------
        case "get_i18n_messages":
            $refresh = false;
            if (isset($httpVars["lang"])) {
                ConfService::setLanguage($httpVars["lang"]);
                $refresh = true;
            }
            HTMLWriter::charsetHeader('text/javascript');
            HTMLWriter::writeI18nMessagesClass(ConfService::getMessages($refresh));
            break;

        //------------------------------------
        //	SEND XML REGISTRY
        //------------------------------------
        case "get_xml_registry":
            $regDoc = AJXP_PluginsService::getXmlRegistry();
            $changes = AJXP_Controller::filterActionsRegistry($regDoc);
            if ($changes) {
                AJXP_PluginsService::updateXmlRegistry($regDoc);
            }
            if (isset($_GET["xPath"])) {
                // The request-supplied expression is evaluated as-is against the
                // registry and passed back to the header writer; only the first
                // matching node is returned.
                // NOTE(review): confirm the registry queried here holds nothing the
                // caller should not read, and that header() escapes the attribute value.
                $regPath = new DOMXPath($regDoc);
                $nodes = $regPath->query($_GET["xPath"]);
                AJXP_XMLWriter::header("ajxp_registry_part", array("xPath" => $_GET["xPath"]));
                if ($nodes->length) {
                    print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML($nodes->item(0)));
                }
                AJXP_XMLWriter::close("ajxp_registry_part");
            } else {
                AJXP_Utils::safeIniSet("zlib.output_compression", "4096");
                header('Content-Type: application/xml; charset=UTF-8');
                print AJXP_XMLWriter::replaceAjxpXmlKeywords($regDoc->saveXML());
            }
            break;

        //------------------------------------
        //	DISPLAY DOC
        //------------------------------------
        case "display_doc":
            HTMLWriter::charsetHeader();
            // The file name comes straight from the query string; it is passed
            // through htmlentities() and securePath() before getDocFile() reads it.
            echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($_GET["doc_file"])));
            break;

        //------------------------------------
        //	GET BOOT GUI
        //------------------------------------
        case "get_boot_gui":
            header("X-UA-Compatible: chrome=1");
            HTMLWriter::charsetHeader();
            // Run the installation tests once; the result file marks them as done.
            if (!is_file(TESTS_RESULT_FILE)) {
                $outputArray = array();
                $testedParams = array();
                $passed = AJXP_Utils::runTests($outputArray, $testedParams);
                // NOTE(review): any visitor can skip a failing test run by adding
                // "ignore_tests" to the query string, which also writes the result file.
                if (!$passed && !isset($_GET["ignore_tests"])) {
                    die(AJXP_Utils::testResultsToTable($outputArray, $testedParams));
                } else {
                    AJXP_Utils::testResultsToFile($outputArray, $testedParams);
                }
            }
            $START_PARAMETERS = array("BOOTER_URL" => "index.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop");
            if (AuthService::usersEnabled()) {
                AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
                AuthService::bootSequence($START_PARAMETERS);
                if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
                    if (AuthService::getDefaultRootId() == -1) {
                        // A default root id of -1 ends the session.
                        AuthService::disconnect();
                    } else {
                        $loggedUser = AuthService::getLoggedUser();
                        // Fall back to the default root when the current one is not readable.
                        if (!$loggedUser->canRead(ConfService::getCurrentRootDirIndex()) && AuthService::getDefaultRootId() != ConfService::getCurrentRootDirIndex()) {
                            ConfService::switchRootDir(AuthService::getDefaultRootId());
                        }
                    }
                }
            }
            AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);
            $confErrors = ConfService::getErrors();
            if (count($confErrors)) {
                $START_PARAMETERS["ALERT"] = implode(", ", array_values($confErrors));
            }
            $JSON_START_PARAMETERS = json_encode($START_PARAMETERS);
            $crtTheme = $this->pluginConf["GUI_THEME"];
            if (ConfService::getConf("JS_DEBUG")) {
                if (!isset($mess)) {
                    $mess = ConfService::getMessages();
                }
                // Debug build: the theme's gui_debug.html when present, else the default one.
                if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html")) {
                    include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html";
                } else {
                    include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui_debug.html";
                }
            } else {
                if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html")) {
                    $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html");
                } else {
                    $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui.html");
                }
                if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
                    $content = str_replace("ajaxplorer_boot.js", "ajaxplorer_boot_protolegacy.js", $content);
                }
                $content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
                // NOTE(review): the JSON is pasted into the page where the placeholder
                // comment stands, presumably inside a script element. json_encode() is
                // called without JSON_HEX_TAG, so confirm that no request-derived start
                // parameter can carry a closing script tag.
                if ($JSON_START_PARAMETERS) {
                    $content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
                }
                print $content;
            }
            break;

        //------------------------------------
        //	GET CONFIG FOR BOOT
        //------------------------------------
        case "get_boot_conf":
            // NOTE(review): the prefix is stored in the session without validation;
            // check how AJXP_SERVER_PREFIX_URI is consumed later.
            if (isset($_GET["server_prefix_uri"])) {
                $_SESSION["AJXP_SERVER_PREFIX_URI"] = $_GET["server_prefix_uri"];
            }
            $config = array();
            $config["ajxpResourcesFolder"] = "plugins/gui.ajax/res";
            $config["ajxpServerAccess"] = AJXP_SERVER_ACCESS;
            $config["zipEnabled"] = ConfService::zipEnabled();
            $config["multipleFilesDownloadEnabled"] = ConfService::getCoreConf("ZIP_CREATION");
            $config["customWording"] = array(
                "welcomeMessage" => $this->pluginConf["CUSTOM_WELCOME_MESSAGE"],
                "title" => ConfService::getCoreConf("APPLICATION_TITLE"),
                "icon" => $this->pluginConf["CUSTOM_ICON"],
                "iconWidth" => $this->pluginConf["CUSTOM_ICON_WIDTH"],
                "iconHeight" => $this->pluginConf["CUSTOM_ICON_HEIGHT"],
                "iconOnly" => $this->pluginConf["CUSTOM_ICON_ONLY"],
                "titleFontSize" => $this->pluginConf["CUSTOM_FONT_SIZE"]
            );
            $config["usersEnabled"] = AuthService::usersEnabled();
            $config["loggedUser"] = AuthService::getLoggedUser() != null;
            $config["currentLanguage"] = ConfService::getLanguage();
            $config["session_timeout"] = intval(ini_get("session.gc_maxlifetime"));
            // The client timeout falls back to the PHP session lifetime when unset or empty.
            if (!isset($this->pluginConf["CLIENT_TIMEOUT_TIME"]) || $this->pluginConf["CLIENT_TIMEOUT_TIME"] == "") {
                $to = $config["session_timeout"];
            } else {
                $to = $this->pluginConf["CLIENT_TIMEOUT_TIME"];
            }
            $config["client_timeout"] = $to;
            $config["client_timeout_warning"] = $this->pluginConf["CLIENT_TIMEOUT_WARN"];
            $config["availableLanguages"] = ConfService::getConf("AVAILABLE_LANG");
            $config["usersEditable"] = ConfService::getAuthDriverImpl()->usersEditable();
            $config["ajxpVersion"] = AJXP_VERSION;
            $config["ajxpVersionDate"] = AJXP_VERSION_DATE;
            if (stristr($_SERVER["HTTP_USER_AGENT"], "msie 6")) {
                $config["cssResources"] = array("css/pngHack/pngHack.css");
            }
            if (!empty($this->pluginConf['GOOGLE_ANALYTICS_ID'])) {
                $config["googleAnalyticsData"] = array(
                    "id" => $this->pluginConf['GOOGLE_ANALYTICS_ID'],
                    "domain" => $this->pluginConf['GOOGLE_ANALYTICS_DOMAIN'],
                    "event" => $this->pluginConf['GOOGLE_ANALYTICS_EVENT']
                );
            }
            $config["i18nMessages"] = ConfService::getMessages();
            $config["password_min_length"] = ConfService::getCoreConf("PASSWORD_MINLENGTH", "auth");
            // The secure token and the exact version are returned to whoever calls
            // this action, logged in or not.
            $config["SECURE_TOKEN"] = AuthService::generateSecureToken();
            $config["streaming_supported"] = "true";
            $config["theme"] = $this->pluginConf["GUI_THEME"];
            header("Content-type:application/json;charset=UTF-8");
            print json_encode($config);
            break;

        default:
            break;
    }
    return false;
}
/**
 * Render the public "minisite" page for a share, or serve a direct download.
 *
 * The page is built from action.share/res/minisite.php by replacing AJXP_*
 * placeholders. With both "dl" and "file" in the query string, and downloads
 * not disabled for the share, the matching action is applied instead and the
 * method returns without printing the page unless that action threw.
 *
 * NOTE(review): share data, the hash, error messages and request values are
 * substituted into the HTML without escaping in this method; whether the
 * template escapes them is not visible here.
 *
 * @param array       $data  Share data (keys read below: REPOSITORY, AJXP_TEMPLATE_NAME,
 *                           PRELOG_USER, PRESET_LOGIN, DOWNLOAD_DISABLED, ...).
 * @param string      $hash  Share hash; also used to build the session name.
 * @param string|null $error Message shown in place of AJXP_HASH_LOAD_ERROR.
 * @return void
 */
public static function loadMinisite($data, $hash = '', $error = null)
{
    if (isset($data["SECURITY_MODIFIED"]) && $data["SECURITY_MODIFIED"] === true) {
        $mess = ConfService::getMessages();
        $error = $mess['share_center.164'];
    }
    $repository = $data["REPOSITORY"];
    AJXP_PluginsService::getInstance()->initActivePlugins();
    $shareCenter = AJXP_PluginsService::findPlugin("action", "share");
    $confs = $shareCenter->getConfigs();
    $minisiteLogo = "plugins/gui.ajax/PydioLogo250.png";
    if (!empty($confs["CUSTOM_MINISITE_LOGO"])) {
        $logoPath = $confs["CUSTOM_MINISITE_LOGO"];
        // A logo under plugins/ that exists on disk is linked directly; anything
        // else is served through the get_global_binary_param action.
        if (strpos($logoPath, "plugins/") === 0 && is_file(AJXP_INSTALL_PATH . "/" . $logoPath)) {
            $minisiteLogo = $logoPath;
        } else {
            $minisiteLogo = "index_shared.php?get_action=get_global_binary_param&binary_id=" . $logoPath;
        }
    }
    // Template choice, first from the share data
    if (isset($data["AJXP_TEMPLATE_NAME"])) {
        $templateName = $data["AJXP_TEMPLATE_NAME"];
        if ($templateName == "ajxp_film_strip" && AJXP_Utils::userAgentIsMobile()) {
            $templateName = "ajxp_shared_folder";
        }
    }
    if (isset($repository)) {
        $repoObject = ConfService::getRepositoryById($repository);
        if (!is_object($repoObject)) {
            // Unknown repository: show message share_center.166 in the unique-strip template.
            $mess = ConfService::getMessages();
            $error = $mess["share_center.166"];
            $templateName = "ajxp_unique_strip";
            $repoObject = null;
        }
    }
    if (!isset($templateName) && isset($repoObject)) {
        $filter = $repoObject->getContentFilter();
        if (!empty($filter) && count($filter->virtualPaths) == 1) {
            $templateName = "ajxp_unique_strip";
        } else {
            $templateName = "ajxp_shared_folder";
        }
    }
    if (!isset($templateName) && isset($error)) {
        $templateName = "ajxp_unique_strip";
    }
    // NOTE(review): $templateName is still undefined here when there is no
    // template name, no repository and no error; it is used unconditionally below.

    // UPDATE TEMPLATE
    $html = file_get_contents(AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/action.share/res/minisite.php");
    AJXP_Controller::applyHook("tpl.filter_html", array(&$html));
    $html = AJXP_XMLWriter::replaceAjxpXmlKeywords($html);
    $html = str_replace("AJXP_MINISITE_LOGO", $minisiteLogo, $html);
    $html = str_replace("AJXP_APPLICATION_TITLE", ConfService::getCoreConf("APPLICATION_TITLE"), $html);
    $html = str_replace("PYDIO_APP_TITLE", ConfService::getCoreConf("APPLICATION_TITLE"), $html);
    if (isset($repository) && isset($repoObject)) {
        $html = str_replace("AJXP_START_REPOSITORY", $repository, $html);
        $html = str_replace("AJXP_REPOSITORY_LABEL", ConfService::getRepositoryById($repository)->getDisplay(), $html);
    }
    $html = str_replace('AJXP_HASH_LOAD_ERROR', isset($error) ? $error : '', $html);
    $html = str_replace("AJXP_TEMPLATE_NAME", $templateName, $html);
    $html = str_replace("AJXP_LINK_HASH", $hash, $html);
    $guiConfigs = AJXP_PluginsService::findPluginById("gui.ajax")->getConfigs();
    $html = str_replace("AJXP_THEME", $guiConfigs["GUI_THEME"], $html);
    if (isset($_GET["dl"]) && isset($_GET["file"])) {
        // Direct download: no session is used.
        AuthService::$useSession = false;
    } else {
        // One session per share: the name is derived from the hash, and any user
        // already present in that session is disconnected.
        session_name("AjaXplorer_Shared" . str_replace(".", "_", $hash));
        session_start();
        AuthService::disconnect();
    }
    if (!empty($data["PRELOG_USER"])) {
        // The share's own user is logged in with an empty password and the third
        // logUser() argument set to true.
        // NOTE(review): presumably that flag bypasses the password check, so
        // PRELOG_USER must only ever come from trusted share storage. Confirm.
        AuthService::logUser($data["PRELOG_USER"], "", true);
        $html = str_replace("AJXP_PRELOGED_USER", "ajxp_preloged_user", $html);
    } else {
        if (isset($data["PRESET_LOGIN"])) {
            $_SESSION["PENDING_REPOSITORY_ID"] = $repository;
            $_SESSION["PENDING_FOLDER"] = "/";
            $html = str_replace("AJXP_PRELOGED_USER", $data["PRESET_LOGIN"], $html);
        } else {
            $html = str_replace("AJXP_PRELOGED_USER", "ajxp_legacy_minisite", $html);
        }
    }
    if (isset($hash)) {
        $_SESSION["CURRENT_MINISITE"] = $hash;
    }
    if (isset($_GET["dl"]) && isset($_GET["file"]) && (!isset($data["DOWNLOAD_DISABLED"]) || $data["DOWNLOAD_DISABLED"] === false)) {
        ConfService::switchRootDir($repository);
        ConfService::loadRepositoryDriver();
        AJXP_PluginsService::deferBuildingRegistry();
        AJXP_PluginsService::getInstance()->initActivePlugins();
        AJXP_PluginsService::flushDeferredRegistryBuilding();
        $errMessage = null;
        try {
            // The whole query string becomes the action's parameters.
            $params = $_GET;
            $ACTION = "download";
            if (isset($_GET["ct"])) {
                // NOTE(review): the file extension from the query string is
                // interpolated into the XPath expression below without escaping;
                // a quote in it changes the query. Restrict $mime to an expected
                // character set (for instance alphanumerics) before using it.
                $mime = pathinfo($params["file"], PATHINFO_EXTENSION);
                $editors = AJXP_PluginsService::searchAllManifests("//editor[contains(@mimes,'{$mime}') and @previewProvider='true']", "node", true, true, false);
                if (count($editors)) {
                    foreach ($editors as $editor) {
                        $xPath = new DOMXPath($editor->ownerDocument);
                        $callbacks = $xPath->query("//action[@contentTypedProvider]", $editor);
                        if ($callbacks->length) {
                            // The first editor that declares such an action decides which one runs.
                            $ACTION = $callbacks->item(0)->getAttribute("name");
                            if ($ACTION == "audio_proxy") {
                                $params["file"] = "base64encoded:" . base64_encode($params["file"]);
                            }
                            break;
                        }
                    }
                }
            }
            AJXP_Controller::registryReset();
            AJXP_Controller::findActionAndApply($ACTION, $params, null);
        } catch (Exception $e) {
            $errMessage = $e->getMessage();
        }
        if ($errMessage == null) {
            // The action produced the response; nothing else is printed.
            return;
        }
        // NOTE(review): AJXP_HASH_LOAD_ERROR was already replaced above, so this
        // second replacement most likely finds nothing and the message is lost.
        $html = str_replace('AJXP_HASH_LOAD_ERROR', $errMessage, $html);
    }
    if (isset($_GET["lang"])) {
        $loggedUser =& AuthService::getLoggedUser();
        if ($loggedUser != null) {
            $loggedUser->setPref("lang", $_GET["lang"]);
        } else {
            // The raw query value is stored in the cookie, with no flags set.
            setcookie("AJXP_lang", $_GET["lang"]);
        }
    }
    if (!empty($data["AJXP_APPLICATION_BASE"])) {
        $tPath = $data["AJXP_APPLICATION_BASE"];
    } else {
        $tPath = !empty($data["TRAVEL_PATH_TO_ROOT"]) ? $data["TRAVEL_PATH_TO_ROOT"] : "../..";
    }
    $serverBaseUrl = AJXP_Utils::detectServerURL(true);
    // Update the host dynamically if it differs from the registered one.
    // NOTE(review): confirm detectServerURL() cannot be steered by request
    // headers, since its host ends up in the page's path to root.
    $registeredHost = parse_url($tPath, PHP_URL_HOST);
    $currentHost = parse_url($serverBaseUrl, PHP_URL_HOST);
    if ($registeredHost != $currentHost) {
        $tPath = str_replace($registeredHost, $currentHost, $tPath);
    }
    // Update the scheme dynamically if it differs from the registered one.
    $registeredScheme = parse_url($tPath, PHP_URL_SCHEME);
    $currentScheme = parse_url($serverBaseUrl, PHP_URL_SCHEME);
    if ($registeredScheme != $currentScheme) {
        $tPath = str_replace($registeredScheme . "://", $currentScheme . "://", $tPath);
    }
    $html = str_replace("AJXP_PATH_TO_ROOT", rtrim($tPath, "/") . "/", $html);
    HTMLWriter::internetExplorerMainDocumentHeader();
    HTMLWriter::charsetHeader();
    echo $html;
}
/**
 * Dispatch the GUI actions: get_template, get_i18n_messages, display_doc,
 * get_boot_gui and get_boot_conf. Always returns false.
 *
 * Several branches write headers and output directly, and get_boot_gui may
 * terminate the script with die.
 *
 * The included templates run in this method's scope, so the local variable
 * names below (for instance $mess, $crtTheme, $START_PARAMETERS,
 * $JSON_START_PARAMETERS, $ADDITIONAL_FRAMEWORKS) are presumably part of their
 * contract; verify against the templates before renaming anything.
 *
 * @param string $action   Action name.
 * @param array  $httpVars Request parameters.
 * @param array  $fileVars Not read by this method.
 * @return bool
 */
public function switchAction($action, $httpVars, $fileVars)
{
    if (!defined("AJXP_THEME_FOLDER")) {
        define("CLIENT_RESOURCES_FOLDER", AJXP_PLUGINS_FOLDER . "/gui.ajax/res");
        define("AJXP_THEME_FOLDER", CLIENT_RESOURCES_FOLDER . "/themes/" . $this->pluginConf["GUI_THEME"]);
    }
    // Every request key becomes a local variable holding its securePath()'d value.
    // NOTE(review): a key named like an existing local (for instance "action" or
    // "httpVars") overwrites that local before the switch below runs. Reading the
    // few expected keys explicitly from $httpVars would remove that risk.
    foreach ($httpVars as $getName => $getValue) {
        ${$getName} = AJXP_Utils::securePath($getValue);
    }
    $mess = ConfService::getMessages();
    switch ($action) {
        //------------------------------------
        //	GET AN HTML TEMPLATE
        //------------------------------------
        case "get_template":
            HTMLWriter::charsetHeader();
            $folder = CLIENT_RESOURCES_FOLDER . "/html";
            if (isset($httpVars["pluginName"])) {
                $folder = AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/" . AJXP_Utils::securePath($httpVars["pluginName"]);
                if (isset($httpVars["pluginPath"])) {
                    $folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
                }
            }
            $thFolder = AJXP_THEME_FOLDER . "/html";
            // $template_name only exists when the request carried that key (see the
            // loop above). The theme folder is tried first, then $folder.
            // NOTE(review): include executes the file as PHP and the path is built
            // from request data; the only visible guard is securePath(). Confirm it
            // blocks traversal, and consider an allow-list of template names.
            if (isset($template_name)) {
                if (is_file($thFolder . "/" . $template_name)) {
                    include $thFolder . "/" . $template_name;
                } else {
                    if (is_file($folder . "/" . $template_name)) {
                        include $folder . "/" . $template_name;
                    }
                }
            }
            break;

        //------------------------------------
        //	GET I18N MESSAGES
        //------------------------------------
        case "get_i18n_messages":
            $refresh = false;
            if (isset($httpVars["lang"])) {
                ConfService::setLanguage($httpVars["lang"]);
                $refresh = true;
            }
            // JSON on request, otherwise the JavaScript messages class.
            if (isset($httpVars["format"]) && $httpVars["format"] == "json") {
                HTMLWriter::charsetHeader("application/json");
                echo json_encode(ConfService::getMessages($refresh));
            } else {
                HTMLWriter::charsetHeader('text/javascript');
                HTMLWriter::writeI18nMessagesClass(ConfService::getMessages($refresh));
            }
            break;

        //------------------------------------
        //	DISPLAY DOC
        //------------------------------------
        case "display_doc":
            HTMLWriter::charsetHeader();
            // The file name comes from the request; it is passed through
            // htmlentities() and securePath() before getDocFile() reads it.
            echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($httpVars["doc_file"])));
            break;

        //------------------------------------
        //	GET BOOT GUI
        //------------------------------------
        case "get_boot_gui":
            HTMLWriter::internetExplorerMainDocumentHeader();
            HTMLWriter::charsetHeader();
            // Run the installation tests once; the result file marks them as done.
            if (!is_file(TESTS_RESULT_FILE)) {
                $outputArray = array();
                $testedParams = array();
                $passed = AJXP_Utils::runTests($outputArray, $testedParams);
                // NOTE(review): any visitor can skip a failing test run by sending
                // "ignore_tests", which also writes the result file.
                if (!$passed && !isset($httpVars["ignore_tests"])) {
                    AJXP_Utils::testResultsToTable($outputArray, $testedParams);
                    die;
                } else {
                    AJXP_Utils::testResultsToFile($outputArray, $testedParams);
                }
            }
            // Application root: the path of the configured SERVER_URL when there is
            // one, otherwise the request path cut at the first known route segment.
            $root = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
            $configUrl = ConfService::getCoreConf("SERVER_URL");
            if (!empty($configUrl)) {
                $root = '/' . ltrim(parse_url($configUrl, PHP_URL_PATH), '/');
                if (strlen($root) > 1) {
                    $root = rtrim($root, '/') . '/';
                }
            } else {
                preg_match('/ws-(.)*\\/|settings|dashboard|welcome|user/', $root, $matches, PREG_OFFSET_CAPTURE);
                if (count($matches)) {
                    $capture = $matches[0][1];
                    $root = substr($root, 0, $capture);
                }
            }
            $START_PARAMETERS = array("BOOTER_URL" => "index.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop", "APPLICATION_ROOT" => $root, "REBASE" => $root);
            if (AuthService::usersEnabled()) {
                AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
                AuthService::bootSequence($START_PARAMETERS);
                if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
                    if (AuthService::getDefaultRootId() == -1) {
                        // A default root id of -1 ends the session.
                        AuthService::disconnect();
                    } else {
                        $loggedUser = AuthService::getLoggedUser();
                        // Fall back to the default root when the current repository is not readable.
                        if (!$loggedUser->canRead(ConfService::getCurrentRepositoryId()) && AuthService::getDefaultRootId() != ConfService::getCurrentRepositoryId()) {
                            ConfService::switchRootDir(AuthService::getDefaultRootId());
                        }
                    }
                }
            }
            AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);
            $confErrors = ConfService::getErrors();
            if (count($confErrors)) {
                $START_PARAMETERS["ALERT"] = implode(", ", array_values($confErrors));
            }
            // PRECOMPUTE BOOT CONF (skipped for MSIE 7 and MSIE 8)
            if (!preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT']) && !preg_match('/MSIE 8/', $_SERVER['HTTP_USER_AGENT'])) {
                $preloadedBootConf = $this->computeBootConf();
                AJXP_Controller::applyHook("loader.filter_boot_conf", array(&$preloadedBootConf));
                $START_PARAMETERS["PRELOADED_BOOT_CONF"] = $preloadedBootConf;
            }
            // PRECOMPUTE REGISTRY
            if (!isset($START_PARAMETERS["FORCE_REGISTRY_RELOAD"])) {
                $clone = ConfService::getFilteredXMLRegistry(true, true);
                $clonePath = new DOMXPath($clone);
                // serverCallback and hooks nodes are removed before the registry is sent to the client.
                $serverCallbacks = $clonePath->query("//serverCallback|hooks");
                foreach ($serverCallbacks as $callback) {
                    $callback->parentNode->removeChild($callback);
                }
                $START_PARAMETERS["PRELOADED_REGISTRY"] = AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML());
            }
            $JSON_START_PARAMETERS = json_encode($START_PARAMETERS);
            $crtTheme = $this->pluginConf["GUI_THEME"];
            // Extra script tags, one per comma-separated entry of JS_RESOURCES_BEFORE.
            // The entries are written into the src attribute unescaped.
            $additionalFrameworks = $this->getFilteredOption("JS_RESOURCES_BEFORE");
            $ADDITIONAL_FRAMEWORKS = "";
            if (!empty($additionalFrameworks)) {
                $frameworkList = explode(",", $additionalFrameworks);
                foreach ($frameworkList as $index => $framework) {
                    $frameworkList[$index] = '<script language="javascript" type="text/javascript" src="' . $framework . '"></script>' . "\n";
                }
                $ADDITIONAL_FRAMEWORKS = implode("", $frameworkList);
            }
            if (ConfService::getConf("JS_DEBUG")) {
                if (!isset($mess)) {
                    $mess = ConfService::getMessages();
                }
                // Debug build: the theme's gui_debug.html when present, else the default one.
                if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html")) {
                    include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui_debug.html";
                } else {
                    include AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui_debug.html";
                }
            } else {
                if (is_file(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html")) {
                    $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html/gui.html");
                } else {
                    $content = file_get_contents(AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html/gui.html");
                }
                if (preg_match('/MSIE 7/', $_SERVER['HTTP_USER_AGENT'])) {
                    $ADDITIONAL_FRAMEWORKS = "";
                }
                $content = str_replace("AJXP_ADDITIONAL_JS_FRAMEWORKS", $ADDITIONAL_FRAMEWORKS, $content);
                $content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
                // NOTE(review): REBASE is written into the base href unescaped. Without
                // a configured SERVER_URL its initial value comes from the request path,
                // so it should be passed through htmlspecialchars() for the attribute
                // context, or SERVER_URL should always be set.
                $content = str_replace("AJXP_REBASE", isset($START_PARAMETERS["REBASE"]) ? '<base href="' . $START_PARAMETERS["REBASE"] . '"/>' : "", $content);
                // NOTE(review): the JSON is pasted into the page where the placeholder
                // comment stands, presumably inside a script element. json_encode() is
                // called without JSON_HEX_TAG, so confirm that no request-derived start
                // parameter can carry a closing script tag.
                if ($JSON_START_PARAMETERS) {
                    $content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
                }
                print $content;
            }
            break;

        //------------------------------------
        //	GET CONFIG FOR BOOT
        //------------------------------------
        case "get_boot_conf":
            // $out is not used afterwards; the call is presumably kept for its
            // effect on $_SESSION. Verify against parseApplicationGetParameters().
            $out = array();
            AJXP_Utils::parseApplicationGetParameters($_GET, $out, $_SESSION);
            $config = $this->computeBootConf();
            header("Content-type:application/json;charset=UTF-8");
            print json_encode($config);
            break;

        default:
            break;
    }
    return false;
}
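/**
 * Logout hook: forget the remote credentials cached in the session, remove the
 * record of the session's remote user (unless it is the configured admin),
 * then disconnect and send the logging result.
 *
 * @param string $actionName Name of the triggering action (not read here).
 * @param array  $httpVars   Request parameters (not read here).
 * @param array  $fileVars   Uploaded files (not read here).
 * @return void
 */
function logoutCallback($actionName, $httpVars, $fileVars)
{
    // Read the remote user before the session keys are cleared below.
    $crtUser = isset($_SESSION["AJXP_SESSION_REMOTE_USER"]) ? $_SESSION["AJXP_SESSION_REMOTE_USER"] : "";

    // unset() is a no-op on missing keys, so no isset() guard is needed.
    unset(
        $_SESSION["AJXP_DYNAMIC_FTP_DATA"],
        $_SESSION["AJXP_SESSION_REMOTE_USER"],
        $_SESSION["AJXP_SESSION_REMOTE_PASS"]
    );

    $adminUser = isset($this->options["ADMIN_USER"]) ? $this->options["ADMIN_USER"] : null;

    // Compare the user being logged out with the configured admin. The check
    // must use the session user: comparing an undefined local would make the
    // guard always pass and let the admin record be deleted on logout.
    // String comparison avoids PHP's numeric-string juggling on user ids.
    if ($crtUser != "" && (string) $crtUser !== (string) $adminUser) {
        AJXP_User::deleteUser($crtUser);
    }

    AuthService::disconnect();
    session_write_close();
    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}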
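/**
 * Dispatch the authentication actions: login, pass_change, logout, get_seed,
 * get_secure_token, get_captcha and back.
 *
 * @param string $action   Action name; ignored unless registered in $this->actions.
 * @param array  $httpVars Request parameters (treated as untrusted).
 * @param array  $fileVars Uploaded files (not read here).
 * @return string|null "" after dispatching; null when the action is not
 *                     registered or users are disabled for "login".
 */
public function switchAction($action, $httpVars, $fileVars)
{
    if (!isset($this->actions[$action])) {
        return;
    }
    $mess = ConfService::getMessages();

    switch ($action) {
        case "login":
            if (!AuthService::usersEnabled()) {
                return;
            }
            $rememberLogin = "";
            $rememberPass = "";
            $secureToken = "";
            $loggedUser = null;
            // Defined up front so the remember-cookie check below never reads
            // an unset variable when the captcha branch is taken.
            $rememberMe = false;
            include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";

            $captchaMissingOrWrong = !isset($httpVars["captcha_code"])
                || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]);
            if (AuthService::suspectBruteForceLogin() && $captchaMissingOrWrong) {
                $loggingResult = -4;
            } else {
                // Only accept scalar strings: an array-valued parameter would
                // make trim() fail instead of producing a clean login error.
                $userId = (isset($httpVars["userid"]) && is_string($httpVars["userid"]))
                    ? trim($httpVars["userid"]) : null;
                $userPass = (isset($httpVars["password"]) && is_string($httpVars["password"]))
                    ? trim($httpVars["password"]) : null;
                $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true";
                $cookieLogin = isset($httpVars["cookie_login"]);
                $loginSeed = isset($httpVars["login_seed"]) ? $httpVars["login_seed"] : null;

                $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $loginSeed);
                if ($rememberMe && $loggingResult == 1) {
                    $rememberLogin = "******";
                    $rememberPass = "******";
                    $loggedUser = AuthService::getLoggedUser();
                }
                if ($loggingResult == 1) {
                    // New session id on successful authentication, so an id
                    // known before login cannot be reused afterwards.
                    session_regenerate_id(true);
                    $secureToken = AuthService::generateSecureToken();
                }
                if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
                    $loggingResult = -4; // Force captcha reload
                }
            }

            $loggedUser = AuthService::getLoggedUser();
            if ($loggedUser != null) {
                $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
                $passId = -1;
                if (isset($httpVars["tmp_repository_id"])) {
                    // NOTE(review): request-supplied repository id; presumably
                    // switchUserToActiveRepository() enforces access — confirm.
                    $passId = $httpVars["tmp_repository_id"];
                } elseif ($force != "" && $loggedUser->canSwitchTo($force) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                    $passId = $force;
                }
                $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
                if (!$res) {
                    AuthService::disconnect();
                    $loggingResult = -3;
                }
            }
            // NOTE(review): after the disconnect above $loggedUser is still set,
            // so the remember cookie is refreshed and the secure token is still
            // sent with result -3 — confirm this is intended.
            if ($loggedUser != null && (AuthService::hasRememberCookie() || $rememberMe)) {
                AuthService::refreshRememberCookie($loggedUser);
            }
            AJXP_XMLWriter::header();
            AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
            AJXP_XMLWriter::close();
            break;

        //------------------------------------
        //	CHANGE USER PASSWORD
        //------------------------------------
        case "pass_change":
            $userObject = AuthService::getLoggedUser();
            if ($userObject == null || $userObject->getId() == "guest") {
                // NOTE(review): replies SUCCESS although nothing was changed.
                header("Content-Type:text/plain");
                print "SUCCESS";
                break;
            }
            $oldPass = (isset($httpVars["old_pass"]) && is_string($httpVars["old_pass"])) ? $httpVars["old_pass"] : null;
            $newPass = (isset($httpVars["new_pass"]) && is_string($httpVars["new_pass"])) ? $httpVars["new_pass"] : null;
            $passSeed = isset($httpVars["pass_seed"]) ? $httpVars["pass_seed"] : null;

            // Reject a missing old/new password explicitly instead of relying
            // on the minimum-length setting to catch it.
            if ($oldPass === null || $newPass === null
                || strlen($newPass) < ConfService::getCoreConf("PASSWORD_MINLENGTH", "auth")) {
                header("Content-Type:text/plain");
                print "PASS_ERROR";
                break;
            }
            if (AuthService::checkPassword($userObject->getId(), $oldPass, false, $passSeed)) {
                AuthService::updatePassword($userObject->getId(), $newPass);
                if ($userObject->getLock() == "pass_change") {
                    $userObject->removeLock();
                    $userObject->save("superuser");
                }
            } else {
                header("Content-Type:text/plain");
                print "PASS_ERROR";
                break;
            }
            header("Content-Type:text/plain");
            print "SUCCESS";
            break;

        case "logout":
            AuthService::disconnect();
            $loggingResult = 2;
            session_destroy();
            AJXP_XMLWriter::header();
            AJXP_XMLWriter::loggingResult($loggingResult, null, null, null);
            AJXP_XMLWriter::close();
            break;

        case "get_seed":
            $seed = AuthService::generateSeed();
            if (AuthService::suspectBruteForceLogin()) {
                // JSON form tells the client that a captcha is now required.
                HTMLWriter::charsetHeader('application/json');
                print json_encode(array("seed" => $seed, "captcha" => true));
            } else {
                HTMLWriter::charsetHeader("text/plain");
                print $seed;
            }
            break;

        case "get_secure_token":
            HTMLWriter::charsetHeader("text/plain");
            print AuthService::generateSecureToken();
            break;

        case "get_captcha":
            include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
            CaptchaProvider::sendCaptcha();
            break;

        case "back":
            AJXP_XMLWriter::header("url");
            echo AuthService::getLogoutAddress(false);
            AJXP_XMLWriter::close("url");
            break;

        default:
            break;
    }
    return "";
}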
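/**
 * Handle the "duo_post_verification_code" action: verify the signed Duo
 * response for the logged user and, on success, remove the user's lock and
 * switch to an active repository. On any failure the session is disconnected
 * and an authentication-required response is written.
 *
 * @param string $action   Action name; anything but "duo_post_verification_code" is ignored.
 * @param array  $httpVars Request parameters; "sig_response" carries the signed response.
 * @param array  $fileVars Uploaded files (not read here).
 * @return void
 */
public function postVerificationCode($action, $httpVars, $fileVars)
{
    if ($action != "duo_post_verification_code") {
        return;
    }
    $u = AuthService::getLoggedUser();
    if ($u == null) {
        return;
    }

    $verified = false;
    // A missing or non-string response is treated as a failed verification
    // rather than being handed to the verifier.
    if (isset($httpVars["sig_response"]) && is_string($httpVars["sig_response"])) {
        require_once $this->getBaseDir() . "/duo_php/duo_web.php";
        $appUnique = $this->getFilteredOption("DUO_AUTH_AKEY");
        $iKey = $this->getFilteredOption("DUO_AUTH_IKEY");
        $sKey = $this->getFilteredOption("DUO_AUTH_SKEY");
        $verif = Duo::verifyResponse($iKey, $sKey, $appUnique, $httpVars["sig_response"]);

        // Strict string comparison: with "==" PHP compares numeric-looking
        // strings by value ("0100" == "100"), which must not happen when
        // matching the verified identity against the session user.
        $verified = is_string($verif) && $verif !== "" && $verif === (string) $u->getId();
    }

    if ($verified) {
        $u->removeLock();
        $u->save("superuser");
        $u->recomputeMergedRole();
        AuthService::updateUser($u);
        // NOTE(review): the session gains access at this point; consider
        // session_regenerate_id(true) here — confirm it does not invalidate
        // the client's secure token.
        ConfService::switchUserToActiveRepository($u);

        $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
        $passId = -1;
        if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
            $passId = $force;
        }
        if (ConfService::switchUserToActiveRepository($u, $passId)) {
            return;
        }
    }

    // Verification failed, or no repository could be activated: end the
    // session and ask the client to authenticate again.
    AuthService::disconnect();
    AJXP_XMLWriter::header();
    AJXP_XMLWriter::requireAuth(true);
    AJXP_XMLWriter::close();
}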
// Fragment of a larger routine: the "} else {" below closes a condition that
// is opened outside this excerpt, so the first part runs only inside that
// (unseen) branch.
AuthService::logUser(null, null);
// Check that current user can access current repository, try to switch otherwise.
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser == null) {
    // Try prelogging user if the session expired but the logging data is in fact still present
    // For example, for basic_http auth.
    AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
    $loggedUser = AuthService::getLoggedUser();
    if ($loggedUser == null) {
        // Nobody could be logged, even after the prelog attempt.
        $requireAuth = true;
    }
}
if ($loggedUser != null) {
    // NOTE(review): tmp_repository_id comes straight from the request;
    // presumably switchUserToActiveRepository() checks the user's access — confirm.
    $res = ConfService::switchUserToActiveRepository($loggedUser, isset($httpVars["tmp_repository_id"]) ? $httpVars["tmp_repository_id"] : "-1");
    if (!$res) {
        // No repository could be activated: drop the session and require authentication.
        AuthService::disconnect();
        $requireAuth = true;
    }
}
} else {
    AJXP_Logger::debug(ConfService::getCurrentRepositoryId());
}
//Set language
// The logged user's "lang" preference wins; the AJXP_lang cookie is the fallback.
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser != null && $loggedUser->getPref("lang") != "") {
    ConfService::setLanguage($loggedUser->getPref("lang"));
} else {
    if (isset($_COOKIE["AJXP_lang"])) {
        // NOTE(review): cookie value is client-controlled; presumably
        // setLanguage() only accepts known language codes — confirm.
        ConfService::setLanguage($_COOKIE["AJXP_lang"]);
    }
}
/**
 * Handle the session-related actions logout, get_seed, get_captcha and back.
 * Any other action is ignored.
 *
 * @param string $action   Action name.
 * @param array  $httpVars Request parameters (not read here).
 * @param array  $fileVars Uploaded files (not read here).
 * @return string Always "".
 */
public function switchAction($action, $httpVars, $fileVars)
{
    if ($action == "logout") {
        // Drop the authenticated user, then the whole PHP session.
        AuthService::disconnect();
        session_destroy();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::loggingResult(2, null, null, null);
        AJXP_XMLWriter::close();
    } elseif ($action == "get_seed") {
        $loginSeed = AuthService::generateSeed();
        if (!AuthService::suspectBruteForceLogin()) {
            HTMLWriter::charsetHeader("text/plain");
            print $loginSeed;
        } else {
            // JSON form also tells the client that a captcha is required.
            HTMLWriter::charsetHeader('application/json');
            $payload = array("seed" => $loginSeed, "captcha" => true);
            print json_encode($payload);
        }
    } elseif ($action == "get_captcha") {
        include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
        CaptchaProvider::sendCaptcha();
    } elseif ($action == "back") {
        AJXP_XMLWriter::header("url");
        echo AuthService::getLogoutAddress(false);
        AJXP_XMLWriter::close("url");
    }

    return "";
}
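/**
 * Store one plugin's options in the bootstrap.json file of the plugin work dir.
 *
 * An existing bootstrap.json is first copied to bootstrap.json.bak. When the
 * "instance_name" of the core.conf / core.auth instance setting changes, the
 * session is disconnected (core.conf) or the "admin_counted" cache marker is
 * removed (core.auth).
 *
 * @param string $pluginId Plugin identifier, used as key inside bootstrap.json.
 * @param array  $options  Option values for that plugin, indexed by option name.
 * @return void
 */
public function _savePluginConfig($pluginId, $options)
{
    $jsonPath = $this->getPluginWorkDir(true) . "/bootstrap.json";
    $jsonData = AJXP_Utils::loadSerialFile($jsonPath, false, "json");
    if (!is_array($jsonData)) {
        $jsonData = array();
    }
    $jsonData[$pluginId] = $options;

    $forceDisconnexion = false;
    if ($pluginId == "core.conf" || $pluginId == "core.auth") {
        $testKey = $pluginId == "core.conf" ? "UNIQUE_INSTANCE_CONFIG" : "MASTER_INSTANCE_CONFIG";
        $current = array();
        $this->_loadPluginConfig($pluginId, $current);
        if (isset($current[$testKey]["instance_name"])) {
            // The new options may omit the key; treat that as "changed"
            // without reading an undefined index.
            $newInstance = isset($options[$testKey]["instance_name"]) ? $options[$testKey]["instance_name"] : null;
            $forceDisconnexion = $current[$testKey]["instance_name"] != $newInstance;
        }
    }

    if (file_exists($jsonPath)) {
        // NOTE(review): the .bak copy holds the same settings as
        // bootstrap.json, so it needs the same file permissions and must not
        // be served by the web server — confirm for the work dir.
        copy($jsonPath, $jsonPath . ".bak");
    }
    AJXP_Utils::saveSerialFile($jsonPath, $jsonData, true, false, "json", true);

    if ($forceDisconnexion) {
        if ($pluginId == "core.conf") {
            // Configuration instance changed: end the current session.
            AuthService::disconnect();
        } elseif ($pluginId == "core.auth") {
            // Auth instance changed: only the admin_counted marker is removed
            // here (best effort, a missing file is not an error).
            @unlink(AJXP_CACHE_DIR . "/admin_counted");
        }
    }
}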
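/**
 * Serve the GUI bootstrap actions: get_template, get_i18n_messages,
 * get_xml_registry, display_doc, get_boot_gui and get_boot_conf.
 *
 * @param string $action   Action name; ignored unless registered in $this->actions.
 * @param array  $httpVars Request parameters (treated as untrusted).
 * @param array  $fileVars Uploaded files (not read here).
 * @return bool|null false after dispatching; null when the action is not registered.
 */
public function switchAction($action, $httpVars, $fileVars)
{
    if (!isset($this->actions[$action])) {
        return;
    }
    // The header is optional in HTTP; read it once with a safe default.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
    $isMsie7 = preg_match('/MSIE 7/', $userAgent) === 1;
    $isLegacyMsie = $isMsie7 || preg_match('/MSIE 8/', $userAgent) === 1;

    if ($isMsie7) {
        // Force legacy theme for the moment
        $this->pluginConf["GUI_THEME"] = "oxygen";
    }
    if (!defined("AJXP_THEME_FOLDER")) {
        define("CLIENT_RESOURCES_FOLDER", AJXP_PLUGINS_FOLDER . "/gui.ajax/res");
        define("AJXP_THEME_FOLDER", CLIENT_RESOURCES_FOLDER . "/themes/" . $this->pluginConf["GUI_THEME"]);
    }

    // Request parameters are copied into local variables ($dir and
    // $template_name are read below, and included templates share this
    // scope). Names that already exist here are skipped, so a request key
    // can never replace the already-validated $action, $httpVars or $this.
    // NOTE(review): an explicit list of accepted names would be stricter;
    // check what the included templates read before narrowing it.
    $reservedNames = get_defined_vars();
    $reservedNames["this"] = true;
    $reservedNames["GLOBALS"] = true;
    $reservedNames["reservedNames"] = true;
    $reservedNames["getName"] = true;
    $reservedNames["getValue"] = true;
    foreach ($httpVars as $getName => $getValue) {
        if (array_key_exists($getName, $reservedNames)) {
            continue;
        }
        ${$getName} = AJXP_Utils::securePath($getValue);
    }
    if (isset($dir) && $action != "upload") {
        $dir = SystemTextEncoding::fromUTF8($dir);
    }
    $mess = ConfService::getMessages();

    switch ($action) {
        //------------------------------------
        //	GET AN HTML TEMPLATE
        //------------------------------------
        case "get_template":
            HTMLWriter::charsetHeader();
            $folder = CLIENT_RESOURCES_FOLDER . "/html";
            if (isset($httpVars["pluginName"])) {
                $folder = AJXP_INSTALL_PATH . "/" . AJXP_PLUGINS_FOLDER . "/" . AJXP_Utils::securePath($httpVars["pluginName"]);
                if (isset($httpVars["pluginPath"])) {
                    $folder .= "/" . AJXP_Utils::securePath($httpVars["pluginPath"]);
                }
            }
            $crtTheme = $this->pluginConf["GUI_THEME"];
            $thFolder = AJXP_THEME_FOLDER . "/html";
            if (isset($template_name)) {
                // NOTE(review): include runs the resolved file as PHP, and the
                // path is built from request values filtered only by
                // securePath(); presumably that removes traversal sequences —
                // confirm, and consider limiting templates to a known list.
                if (is_file($thFolder . "/" . $template_name)) {
                    include $thFolder . "/" . $template_name;
                } elseif (is_file($folder . "/" . $template_name)) {
                    include $folder . "/" . $template_name;
                }
            }
            break;

        //------------------------------------
        //	GET I18N MESSAGES
        //------------------------------------
        case "get_i18n_messages":
            $refresh = false;
            if (isset($httpVars["lang"])) {
                ConfService::setLanguage($httpVars["lang"]);
                $refresh = true;
            }
            HTMLWriter::charsetHeader('text/javascript');
            HTMLWriter::writeI18nMessagesClass(ConfService::getMessages($refresh));
            break;

        //------------------------------------
        //	SEND XML REGISTRY
        //------------------------------------
        case "get_xml_registry":
            $regDoc = AJXP_PluginsService::getXmlRegistry();
            $changes = AJXP_Controller::filterRegistryFromRole($regDoc);
            if ($changes) {
                AJXP_PluginsService::updateXmlRegistry($regDoc);
            }
            // Work on a copy and strip the server-side nodes before anything
            // is sent to the client.
            $clone = $regDoc->cloneNode(true);
            $clonePath = new DOMXPath($clone);
            $serverCallbacks = $clonePath->query("//serverCallback|hooks");
            foreach ($serverCallbacks as $callback) {
                $callback->parentNode->removeChild($callback);
            }
            if (isset($_GET["xPath"])) {
                // query() returns false for a malformed expression; the
                // request-supplied xPath must not be assumed to be valid.
                $nodes = $clonePath->query($_GET["xPath"]);
                // NOTE(review): the raw xPath is passed on as an attribute;
                // presumably header() escapes attribute values — confirm.
                AJXP_XMLWriter::header("ajxp_registry_part", array("xPath" => $_GET["xPath"]));
                if ($nodes instanceof DOMNodeList && $nodes->length) {
                    print AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML($nodes->item(0)));
                }
                AJXP_XMLWriter::close("ajxp_registry_part");
            } else {
                AJXP_Utils::safeIniSet("zlib.output_compression", "4096");
                header('Content-Type: application/xml; charset=UTF-8');
                print AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML());
            }
            break;

        //------------------------------------
        //	DISPLAY DOC
        //------------------------------------
        case "display_doc":
            HTMLWriter::charsetHeader();
            $docFile = isset($_GET["doc_file"]) ? $_GET["doc_file"] : "";
            echo HTMLWriter::getDocFile(AJXP_Utils::securePath(htmlentities($docFile)));
            break;

        //------------------------------------
        //	GET BOOT GUI
        //------------------------------------
        case "get_boot_gui":
            HTMLWriter::internetExplorerMainDocumentHeader();
            HTMLWriter::charsetHeader();
            if (!is_file(TESTS_RESULT_FILE)) {
                $outputArray = array();
                $testedParams = array();
                $passed = AJXP_Utils::runTests($outputArray, $testedParams);
                // NOTE(review): an ignore_tests request parameter skips the
                // failed-diagnostics page and records the result file;
                // consider restricting that to installation time.
                if (!$passed && !isset($_GET["ignore_tests"])) {
                    AJXP_Utils::testResultsToTable($outputArray, $testedParams);
                    die;
                } else {
                    AJXP_Utils::testResultsToFile($outputArray, $testedParams);
                }
            }

            $START_PARAMETERS = array("BOOTER_URL" => "index.php?get_action=get_boot_conf", "MAIN_ELEMENT" => "ajxp_desktop");
            if (AuthService::usersEnabled()) {
                AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : "");
                AuthService::bootSequence($START_PARAMETERS);
                if (AuthService::getLoggedUser() != null || AuthService::logUser(null, null) == 1) {
                    if (AuthService::getDefaultRootId() == -1) {
                        AuthService::disconnect();
                    } else {
                        $loggedUser = AuthService::getLoggedUser();
                        if (!$loggedUser->canRead(ConfService::getCurrentRepositoryId()) && AuthService::getDefaultRootId() != ConfService::getCurrentRepositoryId()) {
                            ConfService::switchRootDir(AuthService::getDefaultRootId());
                        }
                    }
                }
            }
            AJXP_Utils::parseApplicationGetParameters($_GET, $START_PARAMETERS, $_SESSION);

            $confErrors = ConfService::getErrors();
            if (count($confErrors)) {
                $START_PARAMETERS["ALERT"] = implode(", ", array_values($confErrors));
            }

            // PRECOMPUTE BOOT CONF
            if (!$isLegacyMsie) {
                $START_PARAMETERS["PRELOADED_BOOT_CONF"] = $this->computeBootConf();
            }

            // PRECOMPUTE REGISTRY
            if (!isset($START_PARAMETERS["FORCE_REGISTRY_RELOAD"])) {
                $regDoc = AJXP_PluginsService::getXmlRegistry();
                $changes = AJXP_Controller::filterRegistryFromRole($regDoc);
                if ($changes) {
                    AJXP_PluginsService::updateXmlRegistry($regDoc);
                }
                $clone = $regDoc->cloneNode(true);
                $clonePath = new DOMXPath($clone);
                $serverCallbacks = $clonePath->query("//serverCallback|hooks");
                foreach ($serverCallbacks as $callback) {
                    $callback->parentNode->removeChild($callback);
                }
                $START_PARAMETERS["PRELOADED_REGISTRY"] = AJXP_XMLWriter::replaceAjxpXmlKeywords($clone->saveXML());
            }

            // The JSON ends up inside the page's markup (see the
            // //AJXP_JSON_START_PARAMETERS replacement below). JSON_HEX_TAG
            // writes "<" and ">" as \u003C / \u003E, so the embedded XML
            // registry or a request-derived value cannot be parsed as markup;
            // the decoded values are unchanged.
            $JSON_START_PARAMETERS = json_encode($START_PARAMETERS, JSON_HEX_TAG);
            $crtTheme = $this->pluginConf["GUI_THEME"];
            $themeHtml = AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/themes/{$crtTheme}/html";
            $defaultHtml = AJXP_INSTALL_PATH . "/plugins/gui.ajax/res/html";

            if (ConfService::getConf("JS_DEBUG")) {
                if (!isset($mess)) {
                    $mess = ConfService::getMessages();
                }
                // The theme's own debug page wins over the default one.
                if (is_file($themeHtml . "/gui_debug.html")) {
                    include $themeHtml . "/gui_debug.html";
                } else {
                    include $defaultHtml . "/gui_debug.html";
                }
            } else {
                if (is_file($themeHtml . "/gui.html")) {
                    $content = file_get_contents($themeHtml . "/gui.html");
                } else {
                    $content = file_get_contents($defaultHtml . "/gui.html");
                }
                if ($isLegacyMsie) {
                    $content = str_replace("ajaxplorer_boot.js", "ajaxplorer_boot_protolegacy.js", $content);
                }
                $content = AJXP_XMLWriter::replaceAjxpXmlKeywords($content, false);
                // REBASE is written into an HTML attribute, so it is escaped
                // for that context before being placed in the page.
                $baseTag = isset($START_PARAMETERS["REBASE"])
                    ? '<base href="' . htmlspecialchars($START_PARAMETERS["REBASE"], ENT_QUOTES, "UTF-8") . '"/>'
                    : "";
                $content = str_replace("AJXP_REBASE", $baseTag, $content);
                if ($JSON_START_PARAMETERS) {
                    $content = str_replace("//AJXP_JSON_START_PARAMETERS", "startParameters = " . $JSON_START_PARAMETERS . ";", $content);
                }
                print $content;
            }
            break;

        //------------------------------------
        //	GET CONFIG FOR BOOT
        //------------------------------------
        case "get_boot_conf":
            $out = array();
            AJXP_Utils::parseApplicationGetParameters($_GET, $out, $_SESSION);
            $config = $this->computeBootConf();
            header("Content-type:application/json;charset=UTF-8");
            print json_encode($config);
            break;

        default:
            break;
    }
    return false;
}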