}
// attempt to delete
if (Sections::delete($item['id'])) {
// log item deletion
$label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title']));
$description = Sections::get_permalink($item);
Logger::remember('sections/delete.php: ' . $label, $description);
// this can appear anywhere
Cache::clear();
// back to the anchor page or to the index page
if (is_object($overlay) && ($back_url = $overlay->get_url_after_deleting())) {
Safe::redirect($back_url);
} elseif (is_object($anchor)) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . $anchor->get_url());
} else {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'sections/');
}
}
// deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
Logger::error(i18n::s('The action has not been confirmed.'));
} else {
// all sub-sections have not been deleted
if (($stats = Sections::stat_for_anchor('section:' . $item['id'])) && $stats['count']) {
Logger::error(i18n::s('Warning: related content will be deleted as well.'));
}
// all articles have not been deleted
if ($count = Articles::count_for_anchor('section:' . $item['id'])) {
Logger::error(i18n::s('Warning: related content will be deleted as well.'));
}
// commands
$overlay->attributes[$name][$sub_name] = str_replace('\\', '\\\\', $sub_value);
}
} else {
$overlay->attributes[$name] = str_replace('\\', '\\\\', $value);
}
}
// update the record
$item['overlay'] = serialize($overlay->attributes);
// touch the related anchor
if ($article = Anchors::get('article:' . $item['id'])) {
$article->touch('vote', $item['id'], isset($_REQUEST['silent']) && $_REQUEST['silent'] == 'Y');
}
// update the database
if (!Articles::put($item)) {
} elseif ($next && !headers_sent()) {
Safe::redirect($next);
// ask for manual click
} else {
$context['text'] .= '<p>' . i18n::s('Thank you for your contribution') . "</p>\n";
// link to the poll, depending on access rights
$menu = array();
if ($permitted) {
$menu = array_merge($menu, array(Articles::get_permalink($item) => i18n::s('View poll results')));
}
// back to the front page
$menu = array_merge($menu, array($context['url_to_root'] => i18n::s('Front page')));
$context['text'] .= Skin::build_list($menu, 'menu_bar');
}
}
// render the skin
render_skin();
$anchor = Anchors::get($id);
}
// load localized strings
i18n::bind('behaviors');
// load the skin, maybe with a variant
load_skin('agreements', $anchor);
// no subject
if (!is_object($anchor)) {
Logger::error(i18n::s('No item has the provided id.'));
} else {
// initialize the list of agreements
if (!isset($_SESSION['agreements']) || !is_array($_SESSION['agreements'])) {
$_SESSION['agreements'] = array();
}
// append the new agreement
$_SESSION['agreements'][] = $anchor->get_reference();
// revisit referer
if (isset($_SERVER['HTTP_REFERER'])) {
Safe::redirect($_SERVER['HTTP_REFERER']);
}
}
// the path to this page
if (is_object($anchor)) {
$context['path_bar'] = $anchor->get_path_bar();
}
// the title of the page
if (is_object($anchor)) {
$context['page_title'] = $anchor->get_title();
}
// render the skin
render_skin();
// we only consider php scripts, of course
if (strlen($item) < 5 || substr($item, -4) != '.php') {
continue;
}
// do not execute twins, to ensure that scripts are ran only once
if (file_exists($context['path_to_root'] . 'scripts/run_once/' . $item . '.done')) {
continue;
}
// ok, we have to execute this one
$scripts[] = $item;
}
// close the directory
Safe::closedir($dir);
// no script has been found; if the server has been switched off, go silently to the control panel
if (!@count($scripts) && file_exists('../parameters/switch.off')) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'control/');
}
}
/**
* dynamically generate the page
*
* @see skins/index.php
*/
function send_body()
{
global $context, $local;
// $local is required to localize included scripts
// include every script that has to be run once
global $scripts, $scripts_count;
if (@count($scripts)) {
// the alphabetical order may be used to control script execution order
}
// load the skin
load_skin('users');
// the path to this page
$context['path_bar'] = array('users/' => i18n::s('People'));
// the title of the page
if (isset($item['nick_name'])) {
$context['page_title'] = sprintf(i18n::s('Select a picture for %s'), $item['nick_name']);
}
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// anonymous users are invited to log in or to register
} elseif (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('users/select_avatar.php'));
} elseif (!isset($item['id'])) {
include '../error.php';
// permission denied
} elseif (!$permitted) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// the avatar has been changed
} elseif (isset($_REQUEST['avatar'])) {
// change the avatar in the profile
$item['avatar_url'] = $_REQUEST['avatar'];
// no password change
unset($item['password']);
if (Users::put($item)) {
Users::clear($item);
}
} elseif (!$permitted) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// deletion is confirmed
} elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') {
// touch the related anchor before actual deletion, since the location has to be accessible at that time
if (is_object($anchor)) {
$anchor->touch('location:delete', $item['id']);
}
// if no error, back to the anchor or to the index page
if (Locations::delete($item['id'])) {
Locations::clear($item);
if (is_object($anchor)) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . $anchor->get_url());
} else {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/');
}
}
// deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('The action has not been confirmed.'));
// ask for confirmation
} else {
// commands
$menu = array();
$menu[] = Skin::build_submit_button(i18n::s('Yes, I want to delete this location'), NULL, NULL, 'confirmed');
if (is_object($anchor)) {
$menu[] = Skin::build_link($anchor->get_url(), i18n::s('Cancel'), 'span');
}
// the submit button
include_once 'servers.php';
include_once '../services/call.php';
// ping
// load the skin
load_skin('servers');
// the path to this page
$context['path_bar'] = array('servers/' => i18n::s('Servers'));
// the title of the page
$context['page_title'] = i18n::s('Ping the cloud');
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// anonymous users are invited to log in or to register
} elseif (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('servers/ping.php'));
} elseif (!Surfer::is_associate()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// do the ping
} elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'ping') {
// list servers to be advertised
if ($servers = Servers::list_for_ping(0, 20, 'ping')) {
$context['text'] .= '<p>' . i18n::s('Servers that have been notified') . '</p><ul>';
// ping each server
foreach ($servers as $server_url => $attributes) {
list($server_ping, $server_label) = $attributes;
$milestone = get_micro_time();
$result = @Call::invoke($server_ping, 'weblogUpdates.ping', array(strip_tags($context['site_name']), $context['url_to_home'] . $context['url_to_root']), 'XML-RPC');
if ($result[0]) {
$label = round(get_micro_time() - $milestone, 2) . ' sec.';
<?php
/*
* Redirect automaticaly a user to its profile
* or invite him to log in (and then redirect)
* can be a usefull target for a link in email for example.
*
* @author Alexis Raimbault
* @reference
* @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License
*/
include_once '../shared/global.php';
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode($context['url_to_home'] . $context['url_to_root'] . 'users/profile.php'));
} else {
Safe::redirect(Surfer::get_permalink());
}
// deletion is confirmed
} elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') {
// touch the related anchor before actual deletion, since the item has to be accessible at that time
if (is_object($anchor)) {
$anchor->touch('comment:delete', $item['id']);
}
// if no error, back to the anchor or to the index page
if (Comments::delete($item['id'])) {
Comments::clear($item);
if ($render_overlaid && isset($_REQUEST['follow_up']) && $_REQUEST['follow_up'] == 'close') {
echo "deleting done";
finalize_page(true);
} elseif (is_object($anchor)) {
Safe::redirect($anchor->get_url('comments'));
} else {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'comments/');
}
}
// deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
Logger::error(i18n::s('The action has not been confirmed.'));
} else {
// commands
$menu = array();
$delete_label = '';
if (is_object($overlay)) {
$delete_label = $overlay->get_label('delete_confirmation', 'comments');
}
if (!$delete_label) {
$delete_label = i18n::s('Yes, I want to delete this comment');
}
if (is_object($anchor)) {
$anchor->touch('category:delete', $item['id']);
}
// attempt to delete
if (Categories::delete($item['id'])) {
// log item deletion
$label = sprintf(i18n::c('Deletion: %s'), strip_tags($item['title']));
$description = Categories::get_permalink($item);
Logger::remember('categories/delete.php: ' . $label, $description);
// this can appear anywhere
Cache::clear();
// back to the anchor page or to the index page
if (is_object($anchor)) {
Safe::redirect($anchor->get_url());
} else {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'categories/');
}
}
// deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
Logger::error(i18n::s('The action has not been confirmed.'));
} else {
// commands
$menu = array();
$menu[] = Skin::build_submit_button(i18n::s('Yes, I want to delete this category'), NULL, NULL, 'confirmed');
if (isset($item['id'])) {
$menu[] = Skin::build_link(Categories::get_permalink($item), i18n::s('Cancel'), 'span');
}
// the submit button
$context['text'] .= '<form method="post" action="' . $context['script_url'] . '" id="main_form"><p>' . "\n" . Skin::finalize_list($menu, 'menu_bar') . '<input type="hidden" name="id" value="' . $item['id'] . '" />' . "\n" . '<input type="hidden" name="confirm" value="yes" />' . "\n" . '</p></form>' . "\n";
// set the focus
$context['text'] .= '<p><a href="../skins/configure.php">' . sprintf(i18n::s('%s: %s'), i18n::s('Configure'), i18n::s('Page factory')) . "</a></p>\n";
// end of verifications
} else {
// the title of the page
$context['page_title'] = i18n::s('Control Panel');
// server is closed
if (file_exists($context['path_to_root'] . 'parameters/switch.off')) {
// title
Logger::error(i18n::s('The server is currently switched off. All users are redirected to the closed page.'));
// link to the switch page
if (Surfer::is_associate()) {
$context['text'] = '<p style="text-decoration: blink;"><a href="switch.php?action=on">' . i18n::s('Switch the server on again') . '</a></p>';
}
// there is no switch file, redirect to the setup assistant
} elseif (!file_exists($context['path_to_root'] . 'parameters/switch.on')) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'setup.php');
}
// server is running on demonstration mode
if (file_exists($context['path_to_root'] . 'parameters/demo.flag')) {
Logger::error(i18n::s('The server is running in demonstration mode, and restrictions apply, even to associates.'));
}
// this is a tabbed page
$all_tabs = array();
//
// the Configuration Panels tab is reserved to associates
//
if (Surfer::is_associate()) {
$text = '<p>' . i18n::s('Click on following links to review or change parameters of this server.') . '</p>';
$commands = array();
// configuration scripts that are part of the core -- some complex commands
if (Surfer::has_all()) {
// page language, if any
if (isset($item['language']) && $item['language'] && $item['language'] != 'none') {
$context['page_language'] = $item['language'];
}
// page canonical link
$context['page_link'] = Articles::get_permalink($item);
// not found -- help web crawlers
if (!isset($item['id'])) {
include '../error.php';
// permission denied
} elseif (!$permitted) {
// make it clear to crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
} elseif (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Articles::get_permalink($item)));
} elseif (isset($_REQUEST['requested']) && ($requested = Users::get($_REQUEST['requested'])) && $requested['email']) {
// prepare the mail message
$to = Mailer::encode_recipient($requested['email'], $requested['full_name']);
$subject = sprintf(i18n::c('%s: %s'), i18n::c('Request'), strip_tags($item['title']));
$message = Articles::build_notification('apply', $item, $overlay);
$headers = Mailer::set_thread('article:' . $item['id']);
// allow for skinnable template
$message = Skin::build_mail_message($message);
// build multiple parts, for HTML rendering
$message = Mailer::build_multipart($message);
// send the message to requested user
if (Mailer::post(Surfer::from(), $to, $subject, $message, NULL, $headers)) {
$text = sprintf(i18n::s('Your request has been transmitted to %s. Check your mailbox for feed-back.'), Skin::build_link(Users::get_permalink($requested), Codes::beautify_title($requested['full_name']), 'user'));
$context['text'] .= Skin::build_block($text, 'note');
}
// forward to the updated page
} else {
// touch the related anchor
$anchor->touch('file:update', $_REQUEST['id'], isset($_REQUEST['silent']) && $_REQUEST['silent'] == 'Y');
// clear cache
Files::clear($_REQUEST);
// increment the post counter of the surfer
Users::increment_posts(Surfer::get_id());
// record surfer activity
Activities::post('file:' . $_REQUEST['id'], 'upload');
if ($render_overlaid) {
echo 'post done';
die;
}
// forward to the anchor page
Safe::redirect($anchor->get_url('files'));
}
// display the form on GET
} else {
$with_form = TRUE;
}
// display the form
if ($with_form) {
// prevent updates from section owner or associate
if (isset($item['assign_id']) && $item['assign_id'] && !Surfer::is($item['assign_id'])) {
$context['text'] .= Skin::build_block(sprintf(i18n::s('This file has been reserved by %s %s, and it is likely that an updated version will be made available soon.'), Users::get_link($item['assign_name'], $item['assign_address'], $item['assign_id']), Skin::build_date($item['assign_date'])), 'caution');
}
// the form to edit a file
$context['text'] .= '<form method="post" action="' . $context['script_url'] . '" id="main_form" enctype="multipart/form-data"><div>';
$fields = array();
//
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// not found
} elseif (!isset($item['id'])) {
include '../error.php';
// an anchor is mandatory
} elseif (!is_object($anchor)) {
Safe::header('Status: 404 Not Found', TRUE, 404);
Logger::error(i18n::s('No anchor has been found.'));
// permission denied
} elseif (!$permitted) {
// surfer has to be authenticated
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Versions::get_url($item['id'], 'restore')));
}
// permission denied to authenticated user
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// restoration
} else {
// update the database
if (Versions::restore($item['id'])) {
// provide some feed-back
$context['text'] .= '<p>' . i18n::s('The page has been successfully restored.') . '</p>';
// follow-up commands
$context['text'] .= Skin::build_link($anchor->get_url(), i18n::s('Done'), 'button');
// clear the cache; the article may be listed at many places
Cache::clear();
}
* @author GnapZ
* @reference
* @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License
*/
// common definitions and initial processing
include_once '../shared/global.php';
include_once 'files.php';
// load the skin
load_skin('files');
// the path to this page
$context['path_bar'] = array('control/' => i18n::s('Control Panel'));
// the title of the page
$context['page_title'] = sprintf(i18n::s('%s: %s'), i18n::s('Configure'), i18n::s('Files'));
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('files/configure.php'));
} elseif (!Surfer::is_associate()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// display the input form
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'POST') {
// load current parameters, if any
Safe::load('parameters/files.include.php');
// the form
$context['text'] .= '<form method="post" action="' . $context['script_url'] . '" id="main_form"><div>';
//
// supported extensions
//
$extensions = '';
// supported extensions
$label = i18n::s('Supported extensions');
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// passwords have to be confirmed
} elseif (!isset($_REQUEST['password']) || !$_REQUEST['password'] || strcmp($_REQUEST['confirm'], $_REQUEST['password'])) {
Logger::error(i18n::s('Please confirm your new password.'));
$with_form = TRUE;
// stop robots and replay attacks
} elseif (Surfer::may_be_a_robot()) {
Logger::error(i18n::s('Please prove you are not a robot.'));
$with_form = TRUE;
// display the form on error
} elseif (!Users::put($_REQUEST)) {
$with_form = TRUE;
// save one click to associates
} elseif (Surfer::is_associate()) {
Safe::redirect(Users::get_permalink($item));
} else {
// splash message
$context['text'] .= '<p>' . i18n::s('Password has been changed.') . '</p>';
// back to the anchor page
$links = array();
$links[] = Skin::build_link(Users::get_permalink($item), i18n::s('Done'), 'button');
$context['text'] .= Skin::finalize_list($links, 'assistant_bar');
}
// display the form on GET
} else {
$with_form = TRUE;
}
// display the form
if ($with_form) {
// splash message
// the title of the page
if (isset($item['title'])) {
$context['page_title'] = $item['title'];
}
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// not found
} elseif (!isset($item['id'])) {
include '../error.php';
// permission denied
} elseif (!$permitted) {
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Categories::get_url($item['id'], 'print')));
}
// permission denied to authenticated user
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// display the category
} else {
// the introduction text
$context['text'] .= Skin::build_block($item['introduction'], 'introduction');
// the beautified description, which is the actual page body
$context['text'] .= Skin::build_block($item['description'], 'description');
// // date of last update
// $context['text'] .= i18n::s('Last update').' '.Skin::build_date($item['edit_date']);
//
// the section of sub-categories
//
$subject = $_REQUEST['subject'];
} elseif (isset($context['arguments'][0])) {
$subject = $context['arguments'][0];
}
$subject = strip_tags($subject);
// load localized strings
i18n::bind('agents');
// load the skin
load_skin('agents');
// the path to this page
$context['path_bar'] = array('control/' => i18n::s('Control Panel'));
// default page title
$context['page_title'] = i18n::s('Background processing');
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('agents/'));
} elseif (!Surfer::is_associate()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// give information
} else {
//
// tabbed panels
//
$panels = array();
//
// last events
//
$events = '';
// display last events
$items = Logger::get_tail(50, 'all');
delete_all($path . '/' . $node);
Safe::rmdir($target_translated);
// delete the node
} else {
Safe::unlink($target_translated);
}
// statistics
global $deleted_nodes;
$deleted_nodes++;
}
Safe::closedir($handle);
}
}
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('scripts/stage.php'));
} elseif (!Surfer::is_associate()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// process uploaded data
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
// a file has been uploaded
if (isset($_FILES['upload']['name']) && $_FILES['upload']['name'] && $_FILES['upload']['name'] != 'none') {
// remember external name
$external_id = $_FILES['upload']['name'];
// access the temporary uploaded file
$id = $_FILES['upload']['tmp_name'];
// zero bytes transmitted
$_REQUEST['file_size'] = $_FILES['upload']['size'];
if (!$_FILES['upload']['size']) {
Logger::error(i18n::s('Nothing has been received.'));
* @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License
*/
// common definitions and initial processing
include_once '../shared/global.php';
include_once '../scripts/scripts.php';
// load localized strings
i18n::bind('control');
// load the skin
load_skin('control');
// the path to this page
$context['path_bar'] = array('control/' => i18n::s('Control Panel'));
// the title of the page
$context['page_title'] = i18n::s('Update file permissions');
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('control/chmod.php'));
} elseif (!Surfer::is_associate() && !(file_exists($context['path_to_root'] . 'parameters/switch.on') || file_exists($context['path_to_root'] . 'parameters/switch.off'))) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// forward to the index page
$menu = array('control/' => i18n::s('Control Panel'));
$context['text'] .= Skin::build_list($menu, 'menu_bar');
// do the action
} elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'confirm') {
// list running scripts
$context['text'] .= '<p>' . i18n::s('Listing files...') . BR . "\n";
// locate script files starting at root
$scripts = Scripts::list_scripts_at(NULL);
if (is_array($scripts)) {
$context['text'] .= BR . sprintf(i18n::s('%d scripts have been found.'), count($scripts)) . "\n";
}
// load the skin, maybe with a variant
load_skin('articles', $anchor);
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// not found
} elseif (!is_object($anchor)) {
include '../../error.php';
// permission denied
} elseif (!$anchor->is_owned()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// no overlay
} elseif (!is_object($overlay) || !is_callable(array($overlay, 'get_start_url'))) {
Logger::error(i18n::s('You are not allowed to perform this operation.'));
} elseif (count($context['error'])) {
} elseif (!($follow_up = $overlay->get_start_url())) {
Logger::error(i18n::s('You are not allowed to perform this operation.'));
} else {
// remember the action
$overlay->start_meeting();
// redirect to the meeting page
Safe::redirect($follow_up);
}
// page title
if (is_object($anchor)) {
$context['page_title'] = $anchor->get_title();
}
// render the skin
render_skin();
$input = '<input type="radio" name="type" value="petition" /> ' . i18n::s('Ideal to express a broad support of some idea. Every signature can be commented.');
$fields[] = array($label, $input);
// poll
$label = i18n::s('Poll');
$input = '<input type="radio" name="type" value="poll" /> ' . i18n::s('The quickest way to identify trends. Any surfer can select among offered options, and YACS will sum up all clicks.');
$fields[] = array($label, $input);
// build the form
$context['text'] .= Skin::build_form($fields);
$fields = array();
// the submit button
$context['text'] .= '<p class="assistant_bar">' . Skin::build_submit_button(i18n::s('Start'), i18n::s('Press [s] to submit data'), 's') . '</p>' . "\n";
// end of the form
$context['text'] .= '</div></form>';
// create a page
} else {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'articles/edit.php?variant=' . urlencode(strip_tags($_REQUEST['type'])));
}
// create a wiki
} elseif ($action == 'wiki') {
// page title
$context['page_title'] = i18n::s('Add a wiki');
// get section parameters
if (!isset($_REQUEST['title']) || !$_REQUEST['title']) {
// splash
$context['text'] .= '<p>' . i18n::s('With YACS, each wiki is an independant section, with options to limit the number of contributors or readers. Each post in a wiki may feature images, photos, files, comments, trackbacks and related links.') . '</p>' . '<p>' . i18n::s('You can either create one general-purpose wiki, or run this script several time and create a set of more specialised wikis.') . '</p>';
// a form to get section parameters
$context['text'] .= '<form method="post" action="' . $context['script_url'] . '" onsubmit="return validateDocumentPost(this)" id="main_form"><div>' . "\n" . '<input type="hidden" name="action" value="wiki" />';
$fields = array();
// the anchor
$label = i18n::s('Wiki anchor');
$input = '<select name="anchor"><option value="">' . i18n::s('-- Root level') . "</option>\n" . Sections::get_options('none', NULL) . '</select>';
// the target file
$id = NULL;
$name = NULL;
// load the skin
load_skin('skins');
// the path to this page
$context['path_bar'] = array('skins/' => i18n::s('Themes'));
// the title of the page
$context['page_title'] = i18n::s('Upload a theme');
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// anonymous users are invited to log in or to register
} elseif (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('skins/upload.php'));
} elseif (!Surfer::is_associate()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// process uploaded data
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
// nothing has been uploaded
if (!$_FILES['upload']['name'] || $_FILES['upload']['name'] == 'none') {
Logger::error(i18n::s('Nothing has been received.'));
} else {
// access the temporary uploaded file
$id = $_FILES['upload']['tmp_name'];
$name = $_FILES['upload']['name'];
// zero bytes transmitted
$_REQUEST['file_size'] = $_FILES['upload']['size'];
if (!$_FILES['upload']['size']) {
}
// the title of the page
$context['page_title'] = i18n::s('Use an image');
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// not found
} elseif (!isset($item['id'])) {
Safe::header('Status: 404 Not Found', TRUE, 404);
Logger::error(i18n::s('No item has been found.'));
// no anchor
} elseif (!is_object($anchor)) {
Safe::header('Status: 404 Not Found', TRUE, 404);
Logger::error(i18n::s('No anchor has been found.'));
// operation is restricted to associates and editors
} elseif (!Surfer::is_associate() && !$anchor->is_assigned()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// set this image as the anchor icon
} else {
// back to the anchor page if no error
if (!($error = $anchor->touch('image:set_as_icon', $id))) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . $anchor->get_url());
}
Logger::error($error);
}
// failed operation
$context['text'] .= '<p>' . i18n::s('Operation has failed.') . '</p>';
// render the skin
render_skin();
} elseif (!$permitted) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// deletion is confirmed
} elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') {
// touch the related anchor before actual deletion, since the table has to be accessible at that time
if (is_object($anchor)) {
$anchor->touch('table:delete', $item['id']);
}
// delete and go back to the anchor or to the index page
if (Tables::delete($item['id'])) {
Tables::clear($item);
if (is_object($anchor)) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . $anchor->get_url());
} else {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'articles/');
}
}
// deletion has to be confirmed
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
Logger::error(i18n::s('The action has not been confirmed.'));
} else {
// commands
$menu = array();
$menu[] = Skin::build_submit_button(i18n::s('Yes, I want to delete this table'), NULL, NULL, 'confirmed');
if (is_object($anchor)) {
$menu[] = Skin::build_link($anchor->get_url(), i18n::s('Cancel'), 'span');
}
// the submit button
$context['text'] .= '<form method="post" action="' . $context['script_url'] . '" id="main_form"><p>' . "\n" . Skin::finalize_list($menu, 'menu_bar') . '<input type="hidden" name="id" value="' . $item['id'] . '" />' . "\n" . '<input type="hidden" name="confirm" value="yes" />' . "\n" . '</p></form>' . "\n";
// set the focus
}
// the title of the page
if (is_object($anchor) && ($title = $anchor->get_title())) {
$context['page_title'] = sprintf(i18n::s('Files: %s'), $title);
} else {
$context['page_title'] = i18n::s('Files');
}
// an anchor is mandatory
if (!is_object($anchor)) {
Safe::header('Status: 404 Not Found', TRUE, 404);
Logger::error(i18n::s('No anchor has been found.'));
// permission denied
} elseif (!$permitted) {
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('files/list.php?id=' . $anchor->get_reference()));
}
// permission denied to authenticated user
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// stop hackers
} elseif ($page > 10) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// display the index
} else {
// insert anchor prefix and suffix, plus any available icon
$context['prefix'] .= $anchor->get_prefix();
$layout = Layouts::new_('decorated', 'file');
// provide anthor information to layout
if (is_object($layout)) {
$context['current_item'] = 'server:' . $item['id'];
}
// the path to this page
$context['path_bar'] = array('servers/' => i18n::s('Servers'));
// the title of the page
if ($item['title']) {
$context['page_title'] = $item['title'];
}
// not found
if (!$item['id']) {
include '../error.php';
// permission denied
} elseif (!$permitted) {
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Servers::get_url($item['id'])));
}
// permission denied to authenticated user
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// re-enforce the canonical link
} elseif ($context['self_url'] && ($canonical = $context['url_to_home'] . $context['url_to_root'] . Servers::get_url($item['id'])) && strncmp($context['self_url'], $canonical, strlen($canonical))) {
Safe::header('Status: 301 Moved Permanently', TRUE, 301);
Safe::header('Location: ' . $canonical);
Logger::error(Skin::build_link($canonical));
// display the server profile
} else {
$text = '';
// initialize the rendering engine
Codes::initialize(Servers::get_url($item['id']));
// the nick name
if (!Articles::put_attributes($_REQUEST) || is_object($overlay) && !$overlay->remember('update', $_REQUEST, 'article:' . $_REQUEST['id'])) {
$item = $_REQUEST;
$with_form = TRUE;
// else display the updated page
} else {
// do whatever is necessary on page update
Articles::finalize_update($anchor, $_REQUEST, $overlay, isset($_REQUEST['silent']) && $_REQUEST['silent'] == 'Y', isset($_REQUEST['notify_watchers']) && $_REQUEST['notify_watchers'] == 'Y', isset($_REQUEST['notify_followers']) && $_REQUEST['notify_followers'] == 'Y');
// cascade changes on access rights
if ($_REQUEST['active'] != $item['active']) {
Anchors::cascade('article:' . $item['id'], $_REQUEST['active']);
}
// the page has been modified
$context['text'] .= '<p>' . i18n::s('The page has been successfully updated.') . '</p>';
// display the updated page
if (!($recipients = Mailer::build_recipients('article:' . $item['id']))) {
Safe::redirect(Articles::get_permalink($item));
}
// list persons that have been notified
$context['text'] .= $recipients;
// follow-up commands
$follow_up = i18n::s('What do you want to do now?');
$menu = array();
$menu = array_merge($menu, array(Articles::get_permalink($_REQUEST) => i18n::s('View the page')));
if (Surfer::may_upload()) {
$menu = array_merge($menu, array('files/edit.php?anchor=' . urlencode('article:' . $item['id']) => i18n::s('Add a file')));
}
if ((!isset($item['publish_date']) || $item['publish_date'] <= NULL_DATE) && Surfer::is_empowered()) {
$menu = array_merge($menu, array(Articles::get_url($item['id'], 'publish') => i18n::s('Publish the page')));
}
$follow_up .= Skin::build_list($menu, 'menu_bar');
$context['text'] .= Skin::build_block($follow_up, 'bottom');
} else {
$context['page_title'] = i18n::s('Select categories for this page');
}
// stop crawlers
if (Surfer::is_crawler()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// not found
} elseif (!is_object($anchor)) {
Safe::header('Status: 404 Not Found', TRUE, 404);
Logger::error(i18n::s('No item has been found.'));
// permission denied
} elseif (!$permitted) {
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Categories::get_url($member, 'select')));
}
// permission denied to authenticated user
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// build a form to associates some categories to this item
} else {
// actual update
if (isset($_REQUEST['anchor']) && isset($_REQUEST['member'])) {
// on error display the form again
if ($error = Members::toggle($_REQUEST['anchor'], $_REQUEST['member'], isset($_REQUEST['father']) ? $_REQUEST['father'] : '')) {
Logger::error($error);
}
}
// the current list of linked categories
$categories =& Members::list_categories_by_title_for_member($member, 0, CATEGORIES_LIST_SIZE, 'raw');
// clear the tab we are in, if any
if (is_object($anchor)) {
$context['current_focus'] = $anchor->get_focus();
}
// the title of the page
if (isset($item['title'])) {
$context['page_title'] = $item['title'];
}
// not found
if (!isset($item['id'])) {
include '../error.php';
// permission denied
} elseif (!Articles::allow_access($item, $anchor)) {
// anonymous users are invited to log in or to register
if (!Surfer::is_logged()) {
Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Articles::get_url($item['id'], 'export')));
}
// permission denied to authenticated user
Safe::header('Status: 401 Unauthorized', TRUE, 401);
Logger::error(i18n::s('You are not allowed to perform this operation.'));
// display the article
} else {
// file header
$text = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<!DOCTYPE article SYSTEM "' . $context['url_to_home'] . $context['url_to_root'] . 'articles/article.dtd">' . "\n" . '<?xml-stylesheet type="text/css" href="' . $context['url_to_home'] . $context['url_to_root'] . 'articles/article.css" ?>' . "\n";
// item actual content
$text .= Articles::to_xml($item, $overlay);
//
// transfer to the user agent
//
// handle the output correctly
render_raw('text/xml; charset=' . $context['charset']);