/**
 * Return a warning about the PHP session save directory, if there is one to report.
 *
 * The check only runs when the 'store_sessions' configuration value is empty.
 * It then reports a save path that is not a directory, or one that
 * FileSystem::isWritable() rejects.
 *
 * NOTE(review): session_save_path() can return an empty string when no path is
 * configured; is_dir('') is false, so that case is reported as "non existent"
 * with an empty path in the message.
 *
 * @return string|null The translated warning, or null when nothing is wrong or
 *                     the check does not apply.
 */
function getMessage()
{
    // Any non-empty 'store_sessions' value means this directory check does not apply.
    if (OSCOM::getConfig('store_sessions') != '') {
        return;
    }

    $savePath = session_save_path();

    if (!is_dir($savePath)) {
        return OSCOM::getDef('warning_session_directory_non_existent', ['session_path' => $savePath]);
    }

    if (!FileSystem::isWritable($savePath)) {
        return OSCOM::getDef('warning_session_directory_not_writeable', ['session_path' => $savePath]);
    }
}
/**
 * Switch PHP error output off and, when possible, route errors to a dated log file.
 *
 * display_errors and html_errors are disabled so error text is not sent to the
 * client. Logging to static::getDirectory() . 'errors-YYYYMMDD.txt' is enabled
 * only when that directory is writable; otherwise log_errors and error_log are
 * left at whatever the PHP configuration already has.
 *
 * NOTE(review): the directory is created with mode 0777 (before the umask is
 * applied). Error logs can contain paths, queries and other internals, so
 * confirm the directory is outside the web root or otherwise not readable by
 * other accounts, and consider a tighter mode.
 */
public static function initialize()
{
    ini_set('display_errors', false);
    ini_set('html_errors', false);
    ini_set('ignore_repeated_errors', true);

    // Create the log directory when it is missing. The second argument to
    // isWritable() is passed through as in the original call; its exact
    // meaning is defined in FileSystem and not visible here.
    if (FileSystem::isWritable(static::getDirectory(), true) && !is_dir(static::getDirectory())) {
        mkdir(static::getDirectory(), 0777, true);
    }

    // Without a writable directory there is nowhere to log to.
    if (!FileSystem::isWritable(static::getDirectory())) {
        return;
    }

    ini_set('log_errors', true);
    ini_set('error_log', static::getDirectory() . 'errors-' . date('Ymd') . '.txt');
}
/**
 * Recursively list the entries below a directory.
 *
 * Each entry is an array with the keys 'name' (the path built from $path and
 * the file name), 'is_dir' and 'writable'. A directory entry is followed by
 * the entries found inside it. '.', '..', '.DS_Store' and 'Thumbs.db' are
 * skipped.
 *
 * NOTE(review): is_dir() follows symbolic links, so a link that points back
 * to a parent directory would make this recurse until the path becomes
 * invalid. Confirm the scanned tree cannot contain such links.
 *
 * @param string $path Directory to scan; a trailing slash is optional.
 * @return array List of entry arrays; empty when the directory cannot be opened.
 */
function tep_opendir($path)
{
    $base = rtrim($path, '/') . '/';
    $skipped = array('.', '..', '.DS_Store', 'Thumbs.db');
    $entries = array();

    $dir = opendir($base);

    if (!$dir) {
        return $entries;
    }

    while (($name = readdir($dir)) !== false) {
        if (in_array($name, $skipped)) {
            continue;
        }

        $full = $base . $name;
        $isDirectory = is_dir($full);

        $entries[] = array('name' => $full, 'is_dir' => $isDirectory, 'writable' => FileSystem::isWritable($full));

        if ($isDirectory == true) {
            // Append the sub-directory's entries right after the directory itself.
            foreach (tep_opendir($full) as $child) {
                $entries[] = $child;
            }
        }
    }

    closedir($dir);

    return $entries;
}
<?php echo HTML::inputField('CFG_ADMINISTRATOR_USERNAME', null, 'required aria-required="true" id="adminUsername"'); ?> <span class="help-block">The administrator username to use for the administration tool.</span> </div> <div class="form-group has-feedback"> <label for="adminPassword">Administrator Password</label> <?php echo HTML::inputField('CFG_ADMINISTRATOR_PASSWORD', null, 'required aria-required="true" id="adminPassword"'); ?> <span class="help-block">The password to use for the administrator account.</span> </div> <?php if (FileSystem::isWritable($dir_fs_document_root) && FileSystem::isWritable($dir_fs_document_root . 'admin')) { ?> <div class="form-group has-feedback"> <label for="adminDir">Administration Directory Name</label> <?php echo HTML::inputField('CFG_ADMIN_DIRECTORY', 'admin', 'required aria-required="true" id="adminDir"'); ?> <span class="help-block">This is the directory where the administration section will be installed. You should change this for security reasons.</span> </div> <?php } ?> <div class="form-group has-feedback">
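/**
 * Delete every file ending in '.cache' directly under static::$path.
 *
 * Nothing is deleted when FileSystem::isWritable() rejects static::$path.
 */
public static function clearAll()
{
    if (!FileSystem::isWritable(static::$path)) {
        return;
    }

    $files = glob(static::$path . '*.cache');

    // glob() returns false on error (and, on some systems, when nothing
    // matches); iterating over false would raise a warning.
    if ($files === false) {
        return;
    }

    foreach ($files as $file) {
        unlink($file);
    }
}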
}

// Fragment of a request-action switch; the start of the preceding case and the
// rest of the 'preview' case are outside this view.
if (tep_not_null($date_scheduled)) {
    // Reduce the date to its digits: characters 0-3, 5-6 and 8-9 are kept.
    $date_scheduled = substr($date_scheduled, 0, 4) . substr($date_scheduled, 5, 2) . substr($date_scheduled, 8, 2);

    $OSCOM_Db->save('banners', ['status' => '0', 'date_scheduled' => $date_scheduled], ['banners_id' => (int) $banners_id]);
}

// NOTE(review): $_GET['page'] is appended to the redirect parameters as
// received. Whether OSCOM::redirect() encodes it is not visible here; casting
// it to int before use would remove the question.
OSCOM::redirect(FILENAME_BANNER_MANAGER, 'page=' . $_GET['page']);
} else {
    $action = 'new';
}
break;

case 'deleteconfirm':
    // NOTE(review): the banner to delete is chosen by a GET parameter and no
    // anti-CSRF token check is visible in this fragment; confirm one is
    // enforced before this switch is reached.
    $banners_id = HTML::sanitize($_GET['bID']);

    if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
        $Qbanner = $OSCOM_Db->get('banners', 'banners_image', ['banners_id' => (int) $banners_id]);

        // NOTE(review): the path passed to unlink() is the Shop 'images/'
        // directory plus the stored banners_image value. Nothing here checks
        // that the stored value stays inside 'images/'; that depends on how the
        // value was validated when it was saved.
        if (tep_not_null($Qbanner->value('banners_image')) && is_file(OSCOM::getConfig('dir_root', 'Shop') . 'images/' . $Qbanner->value('banners_image'))) {
            if (FileSystem::isWritable(OSCOM::getConfig('dir_root', 'Shop') . 'images/' . $Qbanner->value('banners_image'))) {
                unlink(OSCOM::getConfig('dir_root', 'Shop') . 'images/' . $Qbanner->value('banners_image'));
            } else {
                $OSCOM_MessageStack->add(OSCOM::getDef('error_image_is_not_writeable'), 'error');
            }
        } else {
            $OSCOM_MessageStack->add(OSCOM::getDef('error_image_does_not_exist'), 'error');
        }
    }

    // The database rows are removed even when the image could not be deleted.
    $OSCOM_Db->delete('banners', ['banners_id' => (int) $banners_id]);
    $OSCOM_Db->delete('banners_history', ['banners_id' => (int) $banners_id]);

    $OSCOM_MessageStack->add(OSCOM::getDef('success_banner_removed'), 'success');

    OSCOM::redirect(FILENAME_BANNER_MANAGER, 'page=' . $_GET['page']);
    break;

case 'preview':
    $banners_id = HTML::sanitize($_GET['banner']);
break;

// Fragment: the switch and the enclosing block open outside this view.
case 'deleteconfirm':
    // Reject any file name containing '..' so the path cannot climb out of
    // the backup directory.
    // NOTE(review): this relies on OSCOM::redirect() ending the request. If it
    // returns, the unlink() below still runs with the rejected name. Comparing
    // basename($_GET['file']) with the original value would be a stricter
    // check. No anti-CSRF token check is visible here for this GET-driven
    // delete; confirm one is enforced earlier.
    if (strstr($_GET['file'], '..')) {
        OSCOM::redirect(FILENAME_BACKUP);
    }

    // When unlink() fails no message is added and execution continues to the listing.
    if (unlink($backup_directory . '/' . $_GET['file'])) {
        $OSCOM_MessageStack->add(OSCOM::getDef('success_backup_deleted'), 'success');

        OSCOM::redirect(FILENAME_BACKUP);
    }
    break;
}
}

// check if the backup directory exists
$dir_ok = false;

if (is_dir($backup_directory)) {
    if (FileSystem::isWritable($backup_directory)) {
        $dir_ok = true;
    } else {
        $OSCOM_MessageStack->add(OSCOM::getDef('error_backup_directory_not_writeable'), 'error');
    }
} else {
    $OSCOM_MessageStack->add(OSCOM::getDef('error_backup_directory_does_not_exist'), 'error');
}

$show_listing = true;

require $oscTemplate->getFile('template_top.php');

if (empty($action)) {
?> <div class="pull-right"> <?php echo HTML::button(OSCOM::getDef('image_backup'), 'fa fa-clone', OSCOM::link('backup.php', 'action=backup'), null, 'btn-info') . HTML::button(OSCOM::getDef('image_restore'), 'fa fa-repeat', OSCOM::link('backup.php', 'action=restorelocal'), null, 'btn-info');
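/**
 * Delete the update log file for a version, if it exists and is writable.
 *
 * The file is OSCOM::BASE_DIR . 'Work/OnlineUpdates/' . $version . '-log.txt'.
 * Nothing happens when static::logExists() reports no log, when the file is
 * not writable, or when $version contains a path separator or NUL byte.
 *
 * @param string $version Version identifier used as the file-name prefix.
 */
public static function resetLog($version)
{
    // $version becomes part of a path handed to unlink(). The callers are not
    // visible from here, so refuse anything that could address a file outside
    // Work/OnlineUpdates/.
    if (strpbrk((string) $version, "/\\\0") !== false) {
        return;
    }

    $logFile = OSCOM::BASE_DIR . 'Work/OnlineUpdates/' . $version . '-log.txt';

    if (static::logExists($version) && FileSystem::isWritable($logFile)) {
        unlink($logFile);
    }
}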
// Fragment of an installer step: the code that opens these blocks, and the
// body of the heredoc at the end, are outside this view.
$dir_fs_document_root .= '\\';
} else {
$dir_fs_document_root .= '/';
}
}

// NOTE(review): parse_url() returns false for seriously malformed URLs and
// omits components that are absent. 'scheme', 'host' and 'path' are read
// unconditionally, so an address such as "example.com" without a scheme
// produces notices and an incomplete $http_server.
$http_url = parse_url($_POST['HTTP_WWW_ADDRESS']);
$http_server = $http_url['scheme'] . '://' . $http_url['host'];
$http_catalog = $http_url['path'];

if (isset($http_url['port']) && !empty($http_url['port'])) {
    $http_server .= ':' . $http_url['port'];
}

if (substr($http_catalog, -1) != '/') {
    $http_catalog .= '/';
}

$admin_folder = 'admin';

// The submitted directory name is used only when both the document root and
// its 'admin' directory are writable. It is reduced to ASCII letters and
// digits, which removes path separators and dots before it reaches rename().
if (isset($_POST['CFG_ADMIN_DIRECTORY']) && !empty($_POST['CFG_ADMIN_DIRECTORY']) && FileSystem::isWritable($dir_fs_document_root) && FileSystem::isWritable($dir_fs_document_root . 'admin')) {
    $admin_folder = preg_replace('/[^a-zA-Z0-9]/', '', trim($_POST['CFG_ADMIN_DIRECTORY']));

    if (empty($admin_folder)) {
        $admin_folder = 'admin';
    }
}

// NOTE(review): the @ hides a failed rename, and $admin_folder keeps the new
// name either way. Confirm later code does not assume the rename succeeded.
if ($admin_folder != 'admin') {
    @rename($dir_fs_document_root . 'admin', $dir_fs_document_root . $admin_folder);
}

// NOTE(review): these request values are only trimmed here. The heredoc that
// follows is cut off in this view; if they are written into generated PHP
// configuration, each one must be escaped for the string context it lands in
// (quotes and backslashes at minimum).
$dbServer = trim($_POST['DB_SERVER']);
$dbUsername = trim($_POST['DB_SERVER_USERNAME']);
$dbPassword = trim($_POST['DB_SERVER_PASSWORD']);
$dbDatabase = trim($_POST['DB_DATABASE']);
$dbTablePrefix = trim($_POST['DB_TABLE_PREFIX']);
$timezone = trim($_POST['TIME_ZONE']);

$file_contents = <<<ENDCFG
<?php
use OSC\OM\FileSystem;
use OSC\OM\OSCOM;

// Installer pre-flight checks. The script continues past the end of this view.

// Start with all three configuration files; entries that exist and are
// writable are removed below, so what remains is the list of problem files.
$configfile_array = [OSCOM::BASE_DIR . 'Conf/global.php', OSCOM::BASE_DIR . 'Sites/Shop/site_conf.php', OSCOM::BASE_DIR . 'Sites/Admin/site_conf.php'];

foreach ($configfile_array as $key => $f) {
    if (!is_file($f)) {
        continue;
    } elseif (!FileSystem::isWritable($f)) {
// try to chmod and try again
        // NOTE(review): 0777 leaves the configuration file readable and
        // writable by every local account, and the @ hides a failed chmod.
        // Nothing in this fragment tightens the mode again; confirm the
        // installer or its instructions restore restrictive permissions once
        // the file has been written.
        @chmod($f, 0777);

        if (!FileSystem::isWritable($f)) {
            continue;
        }
    }

// file exists and is writable
    unset($configfile_array[$key]);
}

$warning_array = [];

// NOTE(review): this compares the PHP_VERSION string with a float instead of
// using version_compare(), so the result depends on PHP's string/number
// comparison rules rather than on version ordering.
if (PHP_VERSION < 5.5) {
    $warning_array[] = 'The minimum required PHP version is v5.5 - please ask your host or server administrator to upgrade the PHP version to continue installation.';
}

if (!extension_loaded('pdo') || !extension_loaded('pdo_mysql')) {
    $warning_array[] = 'The PDO MySQL driver extension (pdo_mysql) is not installed or enabled in PHP. Please enable it in the PHP configuration to continue installation.';
}

if (!extension_loaded('curl')) {
    $warning_array[] = 'The cURL extension (curl) is not installed or enabled in PHP. Please enable it in the PHP configuration to continue installation.';
}

// NOTE(review): HTTP_HOST and REQUEST_URI come from the client's request. How
// $https_url is used is cut off here; it needs escaping if it is printed, and
// should not be trusted as the site's own address.
$https_url = 'https://' . $_SERVER['HTTP_HOST'];

if (isset($_SERVER['REQUEST_URI']) && !empty($_SERVER['REQUEST_URI'])) {
    $https_url .= $_SERVER['REQUEST_URI'];
/**
 * Check that includes/configure.php under the Shop 'dir_root' is not writable.
 *
 * @return bool True when FileSystem::isWritable() rejects the file, false when
 *              the file is writable.
 */
function pass()
{
    $configFile = OSCOM::getConfig('dir_root', 'Shop') . 'includes/configure.php';

    if (FileSystem::isWritable($configFile)) {
        return false;
    }

    return true;
}
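require 'includes/application_top.php';

$action = isset($_GET['action']) ? $_GET['action'] : '';

if (tep_not_null($action)) {
    // NOTE(review): both actions delete cache files and are triggered by GET
    // parameters. No anti-CSRF token check is visible in this script; confirm
    // application_top.php enforces one for the administration tool.
    switch ($action) {
        case 'reset':
            // Only call Cache::clear() with a block name that was actually
            // supplied as a single string. Cache::clear() is not visible here;
            // confirm it restricts the key to names of existing cache files.
            if (isset($_GET['block']) && is_string($_GET['block'])) {
                Cache::clear($_GET['block']);
            }
            break;

        case 'resetAll':
            Cache::clearAll();
            break;
    }

    OSCOM::redirect(FILENAME_CACHE);
}

// check if the cache directory exists
if (is_dir(Cache::getPath())) {
    if (!FileSystem::isWritable(Cache::getPath())) {
        $OSCOM_MessageStack->add(OSCOM::getDef('error_cache_directory_not_writeable'), 'error');
    }
} else {
    $OSCOM_MessageStack->add(OSCOM::getDef('error_cache_directory_does_not_exist'), 'error');
}

// Group cache keys by the part before the first '-'. Keys without a '-' form
// their own group.
$cache_files = [];

$cache_paths = glob(Cache::getPath() . '*.cache');

// glob() returns false on error, for example when the directory is missing
// on some systems; iterating over false would raise a warning.
if ($cache_paths === false) {
    $cache_paths = [];
}

foreach ($cache_paths as $c) {
    $key = basename($c, '.cache');

    if (($pos = strpos($key, '-')) !== false) {
        $cache_files[substr($key, 0, $pos)][] = $key;
    } else {
        $cache_files[$key][] = $key;
    }
}

require $oscTemplate->getFile('template_top.php');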
// Fragment of the update pre-flight and start-up code. The loops that supply
// $d, and everything after the final "if", are outside this view.

// Map an update entry to a path on disk: 'catalog/...' resolves below the
// Shop dir_root and 'admin/...' below the default dir_root. Other prefixes
// are ignored.
// NOTE(review): the remainder of $d is appended as-is. Where $d comes from is
// not visible; if it is read from a downloaded package, confirm '..' segments
// are rejected before this point.
$file_source = null;

if (substr($d, 0, 8) == 'catalog/') {
    $file_source = OSCOM::getConfig('dir_root', 'Shop') . substr($d, 8);
} elseif (substr($d, 0, 6) == 'admin/') {
    $file_source = OSCOM::getConfig('dir_root') . substr($d, 6);
}

if (isset($file_source)) {
    if (file_exists($file_source)) {
        // For a directory, every entry returned by getDirectoryContents() and
        // its parent directory must be writable.
        if (is_dir($file_source)) {
            foreach (FileSystem::getDirectoryContents($file_source) as $dr) {
                if (!FileSystem::isWritable($dr, true) || !FileSystem::isWritable(dirname($dr), true)) {
                    $errors[] = FileSystem::displayPath($dr);
                }
            }
        }

        if (!FileSystem::isWritable($file_source, true) || !FileSystem::isWritable(dirname($file_source), true)) {
            $errors[] = FileSystem::displayPath($file_source);
        }
    }
}
}
}

// Abort before changing anything when any target cannot be written.
if (!empty($errors)) {
    throw new \Exception('### ERROR ###' . "\n" . 'Could not write to the following files and directories - please check their file permissions:' . "\n\n" . implode("\n", $errors));
}

OnlineUpdate::log('Starting the update process', $_POST['version']);

$OU = null;

// NOTE(review): $_POST['version'] is placed directly into the path that is
// checked and then included. Any validation of it happens outside this view;
// confirm it is restricted to an expected version format (no path separators
// or '..') before this point. The comparison with $meta['version'] below runs
// only after the included file has already executed, so it cannot serve as
// that validation.
if (is_file($work_dir . '/' . $_POST['version'] . '/Update.php')) {
    include $work_dir . '/' . $_POST['version'] . '/Update.php';

    $OU = new OSC\OM\OnlineUpdate\Update();

    if ($OU->version != $meta['version']) {
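/**
 * Check that the upload destination can be written to.
 *
 * When FileSystem::isWritable() rejects $this->destination, an error is added
 * to the MessageStack: "not writeable" if the destination is a directory,
 * "does not exist" otherwise.
 *
 * The original code branched on $this->message_location, but both branches
 * made the same MessageStack::add() call. The duplicate branches are merged
 * here, and the message produced is the same as before.
 *
 * @return bool True when the destination is writable, false otherwise.
 */
function check_destination()
{
    $OSCOM_MessageStack = Registry::get('MessageStack');

    if (FileSystem::isWritable($this->destination)) {
        return true;
    }

    $definition = is_dir($this->destination)
        ? 'error_destination_not_writeable'
        : 'error_destination_does_not_exist';

    $OSCOM_MessageStack->add(OSCOM::getDef($definition, ['destination' => $this->destination]), 'error');

    return false;
}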
if ($store_logo->save()) { $OSCOM_Db->save('configuration', ['configuration_value' => $store_logo->filename, 'last_modified' => 'now()'], ['configuration_key' => 'STORE_LOGO']); $OSCOM_MessageStack->add(OSCOM::getDef('success_logo_updated'), 'success'); } else { $error = true; } } else { $error = true; } if ($error == false) { OSCOM::redirect(FILENAME_STORE_LOGO); } break; } } if (!FileSystem::isWritable(OSCOM::getConfig('dir_root', 'Shop') . 'images/')) { $OSCOM_MessageStack->add(OSCOM::getDef('error_images_directory_not_writeable', ['sec_dir_permissions_link' => OSCOM::link(FILENAME_SEC_DIR_PERMISSIONS)]), 'error'); } require $oscTemplate->getFile('template_top.php'); ?> <table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo OSCOM::getDef('heading_title'); ?> </td> </tr> </table></td>
/**
 * Bootstrap a request: register the core services, load configuration
 * constants, start the session, select the language, redirect requests
 * without an administrator session to the login page, and load the language
 * definitions.
 *
 * Statement order matters throughout. The database is needed before the
 * configuration constants can be defined, and the session must be started
 * before any $_SESSION access.
 */
protected function init()
{
    global $PHP_SELF, $login_request, $cfgModules, $oscTemplate;

    $OSCOM_Cookies = new Cookies();
    Registry::set('Cookies', $OSCOM_Cookies);

    // Any exception from Db::initialize() ends the request with the
    // maintenance page. The exception itself is not logged here.
    try {
        $OSCOM_Db = Db::initialize();
        Registry::set('Db', $OSCOM_Db);
    } catch (\Exception $e) {
        include OSCOM::getConfig('dir_root', 'Shop') . 'includes/error_documents/maintenance.php';
        exit;
    }

    Registry::set('Hooks', new Hooks());

    Registry::set('MessageStack', new MessageStack());

// set the application parameters
    $Qcfg = $OSCOM_Db->get('configuration', ['configuration_key as k', 'configuration_value as v']); //, null, null, null, 'configuration'); // TODO add cache when supported by admin

    // Every configuration row becomes a global constant.
    // NOTE(review): names and values come straight from the table, so anyone
    // who can write to it controls every constant defined here.
    while ($Qcfg->fetch()) {
        define($Qcfg->value('k'), $Qcfg->value('v'));
    }

// Used in the "Backup Manager" to compress backups
    // NOTE(review): these are bare command names, not absolute paths. How they
    // are executed is not visible here; if they are run through a shell they
    // are resolved via the web server's PATH.
    define('LOCAL_EXE_GZIP', 'gzip');
    define('LOCAL_EXE_GUNZIP', 'gunzip');
    define('LOCAL_EXE_ZIP', 'zip');
    define('LOCAL_EXE_UNZIP', 'unzip');

// set php_self in the global scope
    // $PHP_SELF is the script path with the configured 'http_path' prefix cut off by length.
    $req = parse_url($_SERVER['SCRIPT_NAME']);
    $PHP_SELF = substr($req['path'], strlen(OSCOM::getConfig('http_path')));

    $OSCOM_Session = Session::load();
    Registry::set('Session', $OSCOM_Session);
    $OSCOM_Session->start();

    $OSCOM_Language = new Language();
    Registry::set('Language', $OSCOM_Language);

// set the language
    // A requested language is applied only when Language::exists() accepts it.
    // The session value is always taken from the Language object, never from
    // the request.
    if (!isset($_SESSION['language']) || isset($_GET['language'])) {
        if (isset($_GET['language']) && !empty($_GET['language']) && $OSCOM_Language->exists($_GET['language'])) {
            $OSCOM_Language->set($_GET['language']);
        }

        $_SESSION['language'] = $OSCOM_Language->get('code');
    }

// redirect to login page if administrator is not yet logged in
    if (!isset($_SESSION['admin'])) {
        $redirect = false;

        $current_page = $PHP_SELF;

// if the first page request is to the login page, set the current page to the index page
// so the redirection on a successful login is not made to the login page again
        if ($current_page == FILENAME_LOGIN && !isset($_SESSION['redirect_origin'])) {
            $current_page = FILENAME_DEFAULT;
        }

        if ($current_page != FILENAME_LOGIN) {
            if (!isset($_SESSION['redirect_origin'])) {
                $_SESSION['redirect_origin'] = ['page' => $current_page, 'get' => []];
            }

// try to automatically login with the HTTP Authentication values if it exists
            // NOTE(review): the HTTP Authentication password is copied into the
            // session in clear text, so it is persisted wherever session data
            // is stored. Confirm the login handler removes
            // 'redirect_origin' (or at least 'auth_pw') as soon as it has been
            // used, on failure as well as on success.
            if (!isset($_SESSION['auth_ignore'])) {
                if (isset($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && !empty($_SERVER['PHP_AUTH_PW'])) {
                    $_SESSION['redirect_origin']['auth_user'] = $_SERVER['PHP_AUTH_USER'];
                    $_SESSION['redirect_origin']['auth_pw'] = $_SERVER['PHP_AUTH_PW'];
                }
            }

            $redirect = true;
        }

        // A request is exempt from the redirect only when the global
        // $login_request is set, and never when a key of that name arrives in
        // request, cookie, session, upload or server data. This looks like a
        // guard against the flag being injected from outside; confirm against
        // the login script.
        if (!isset($login_request) || isset($_GET['login_request']) || isset($_POST['login_request']) || isset($_COOKIE['login_request']) || isset($_SESSION['login_request']) || isset($_FILES['login_request']) || isset($_SERVER['login_request'])) {
            $redirect = true;
        }

        if ($redirect == true) {
            OSCOM::redirect(FILENAME_LOGIN, isset($_SESSION['redirect_origin']['auth_user']) ? 'action=process' : '');
        }
    }

// include the language translations
    $OSCOM_Language->loadDefinitions('main');

// Prevent LC_ALL from setting LC_NUMERIC to a locale with 1,0 float/decimal values instead of 1.0 (see bug #634)
    $system_locale_numeric = setlocale(LC_NUMERIC, 0);
    setlocale(LC_ALL, explode(';', OSCOM::getDef('system_locale')));
    setlocale(LC_NUMERIC, $system_locale_numeric);

    // Load page-specific definitions named after the current script, when they exist.
    $current_page = basename($PHP_SELF);

    if ($OSCOM_Language->definitionsExist(pathinfo($current_page, PATHINFO_FILENAME))) {
        $OSCOM_Language->loadDefinitions(pathinfo($current_page, PATHINFO_FILENAME));
    }

    $oscTemplate = new \oscTemplate();

    $cfgModules = new \cfg_modules();

    // Warn when the error log directory cannot be written to.
    if (!FileSystem::isWritable(ErrorHandler::getDirectory())) {
        Registry::get('MessageStack')->add('The log directory is not writable. Please allow the web server to write to: ' . FileSystem::displayPath(ErrorHandler::getDirectory()));
    }
}