function plugin_brokenlink_action() { global $vars, $_brokenlink_msg; $retval = array('msg' => $_brokenlink_msg['msg_title'], 'body' => ''); if (empty($vars['page'])) { $retval['body'] = $_brokenlink_msg['msg_param_error']; return $retval; } // ユーザ認証されていない $id = Auth::check_auth(); if (empty($id)) { $retval['body'] = $_brokenlink_msg['msg_not_access']; return $retval; } if (!exist_plugin('xbel')) { $retval['body'] = $_brokenlink_msg['msg_not_found_xbel']; return $retval; } $links = xbel::get_link_list($vars['page']); $data = ''; foreach ($links as $href => $aname) { $rc = http_request($href, 'HEAD'); switch ($rc['rc']) { case 200: // Ok // Ok case 301: // Moved Permanently // Moved Permanently case 401: // Unauthorized continue; default: $data .= '-[[' . $aname . '>' . $href . ']] (' . $rc['rc'] . ")\n"; } } if ($data == '') { $data = $_brokenlink_msg['msg_all_ok']; } $retval['body'] = RendererFactorty::factory($data); return $retval; }
function htdigest_menu($msg = ' ') { global $realm, $js_tags, $js_blocks, $_htdigest_msg; $js_tags[] = array('type' => 'text/javascript', 'src' => JS_URI . 'plugin/crypt/md4.js'); $js_tags[] = array('type' => 'text/javascript', 'src' => JS_URI . 'plugin/crypt/md5.js'); $js_tags[] = array('type' => 'text/javascript', 'src' => JS_URI . 'plugin/crypt/sha1.js'); $js_tags[] = array('type' => 'text/javascript', 'src' => JS_URI . 'plugin/crypt/des.js'); $js_tags[] = array('type' => 'text/javascript', 'src' => JS_URI . 'plugin/crypt/base64.js'); // 使用する場合は、変更させることもコピーさせることも不要なので、抑止する $disabled = USE_APACHE_WRITE_FUNC ? 'disabled="disabled"' : ''; $func = 'save'; $role_level = Auth::get_role_level(); if ($role_level > 2) { $user_disabled = 'disabled="disabled"'; $user = Auth::check_auth(); $func = 'update'; $msg_pass = $_htdigest_msg['msg_pass_old']; } else { $user_disabled = $user = ''; $msg_pass = $role_level == 2 ? $_htdigest_msg['msg_pass_admin'] : ''; } $script = get_script_uri(); $j = <<<EOD \$('#set_hash').click(function(){ var a1,ctr,pref,hash,des_key; var fn = function(){ switch(objForm.algorithm.value) { case 'MD4': hash = hex_md4(a1); break; case 'SHA-1': hash = hex_sha1(a1); break; default: objForm.submit.disabled = false; hash = hex_md5(a1); } }; var objForm = eval("document.htdigest"); // objForm.submit.disabled = true; \$('form[name="htdigest"] input[type="submit"]').disabled(true); if (objForm.passwd.value == "" || objForm.key.value == "") { objForm.hash.value = ""; objForm.algorithm.value = ""; } else { ctr = objForm.scheme.length; for (i=0; i<ctr; i++) { if (objForm.scheme[i].checked) { objForm.algorithm.value = objForm.scheme[i].value; break; } } EOD; if ($role_level > 2) { // a1 $j .= "a1 = objForm.username.value+':'+objForm.realm.value+':'+objForm.key.value;\n"; } else { // adminpass $j .= "a1 = objForm.key.value;\n"; } $j .= <<<EOD fn(); des_key = hash; a1 = objForm.username.value+':'+objForm.realm.value+':'+objForm.passwd.value; fn(); objForm.hash.value = base64encode( des(des_key, hash, 1, 0) ); objForm.passwd.value = ""; } if (objForm.hash.value == "") { objForm.hash_view.value = ""; } else { objForm.hash_view.value = objForm.username.value+':'+objForm.realm.value+':'+hash; } }); EOD; $js_blocks[] = $j; $x = <<<EOD <fieldset> \t<legend>htdigest</legend> \t<p>{$msg}</p> \t<form name="htdigest" action="{$script}" method="post"> \t\t<input type="hidden" name="cmd" value="htdigest" /> \t\t<input type="hidden" name="func" value="{$func}" /> \t\t<input type="hidden" name="algorithm" /> \t\t<input type="hidden" name="hash" /> \t\t<table class="indented"> \t\t\t<tr> \t\t\t\t<th>{$_htdigest_msg['realm']}</th> \t\t\t\t<td><input type="text" name="realm" size="30" value="{$realm}" /></td> \t\t\t</tr> \t\t\t<tr> \t\t\t\t<th>{$_htdigest_msg['UserName']}</th> \t\t\t\t<td><input type="text" name="username" size="10" value="{$user}" {$user_disabled} /></td> \t\t\t</tr> \t\t\t<tr> \t\t\t\t<th>{$_htdigest_msg['Passwd']}</th> \t\t\t\t<td><input type="password" name="passwd" size="10" /> {$_htdigest_msg['msg_pass_new']}</td> \t\t\t</tr> \t\t\t<tr> \t\t\t\t<th>{$_htdigest_msg['Crypt']}</th> \t\t\t\t<td><input type="password" name="key" size="10" /> {$msg_pass}</td> \t\t\t</tr> \t\t\t<tr> \t\t\t\t<th>{$_htdigest_msg['Calculate']}</th> \t\t\t\t<td> \t\t\t\t\t<input type="radio" name="scheme" value="MD5" checked="checked" id="md5" /><label for="md5">MD5</label> \t\t\t\t\t<input type="radio" name="scheme" value="SHA-1" id="sha1" /><label for="sha1">SHA-1</label> \t\t\t\t\t<input type="radio" name="scheme" value="MD4" id="md4" /><label for="md4">MD4</label> \t\t\t\t\t \t\t\t\t\t<input type="button" id="set_hash" value="{$_htdigest_msg['CALC']}" /> \t\t\t\t</td> \t\t\t</tr> \t\t\t<tr> \t\t\t\t<th>{$_htdigest_msg['Result']}</th> \t\t\t\t<td><input type="text" name="hash_view" size="80" {$disabled} /></td> \t\t\t</tr> \t\t\t<tr> \t\t\t\t<td colspan="2"><input type="submit" class="btn btn-secondary" name="submit" value="{$_htdigest_msg['Update']}" disabled="disabled" /></td> \t\t\t</tr> \t\t</table> \t</form> </fieldset> EOD; return $x; }
/** * ログの表示指示項目の設定 * @static */ public function get_view_field() { $rc = self::set_fieldname($this->kind); // 認証済の判定 $user = Auth::check_auth(); $kind_view = empty($user) ? 'guest' : 'view'; $chk = array(); if (isset($this->config[$this->kind][$kind_view])) { if ($this->config[$this->kind][$kind_view] === 'all') { return $rc; } else { $tmp = explode(':', $this->config[$this->kind][$kind_view]); // 妥当性チェック foreach ($tmp as $_tmp) { $sw = 0; foreach ($rc as $_name) { if ($_name === $_tmp) { $sw = 1; break; } } if (!$sw) { continue; } $chk[] = $_tmp; } unset($tmp, $sw); } } return $chk; }
function basic_auth() { global $realm; if ($realm == '') { global $_msg_auth; $m_auth = $_msg_auth; } else { $m_auth = $realm; } unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); header('WWW-Authenticate: Basic realm="' . $m_auth . '"'); header('HTTP/1.0 401 Unauthorized'); return Auth::check_auth(); }
/** * アクションプラグイン処理 */ function plugin_logview_action() { global $vars, $_logview_msg, $_logview_logname; global $sortable_tracker, $_LANG, $vars; static $count = 0; $kind = isset($vars['kind']) ? $vars['kind'] : null; $title = $kind !== null ? sprintf($_logview_msg['msg_title'], $kind) : $_LANG['skin']['log']; // タイトルを設定 $page = isset($vars['page']) ? $vars['page'] : null; $ajax = isset($vars['ajax']) ? $vars['ajax'] : null; $is_role_adm = Auth::check_role('role_adm'); // 設定を読む $log = Utility::loadConfig('config-log.ini.php'); // ゲスト表示ができない場合は、認証を要求する if ($kind !== null && empty($log[$kind]['guest'])) { $obj = new Auth(); $user = $obj->check_auth(); if (empty($user)) { PluginRenderer::executePluginAction('login'); unset($obj); return array('msg' => $title, 'body' => '<p class="alert-warning">' . $_logview_msg['msg_not_auth'] . '</p>'); } } unset($obj); if (empty($page)) { return array('msg' => 'Page name is missing', 'body' => '<p class="alert-warning">Page name is missing.</p>'); } $wiki = Factory::Wiki($page); if (!$wiki->isReadable()) { return array('msg' => 'not readable', 'body' => '<p class="alert-warning">You have no permission to read this log.</p>'); } if ($kind === null) { if (!IS_MOBILE) { $body = '<div class="tabs" role="application">' . "\n"; $body .= '<ul role="tablist">'; $cnt = 0; foreach ($log as $key => $val) { $link_text = isset($_logview_logname[$key]) ? $_logview_logname[$key] : $key; if ($val['use'] === 1) { $body .= '<li role="tab"><a href="' . $wiki->uri('logview', array('kind' => $key)) . '">' . $link_text . '</a></li>'; } /* else { $body .= '<li><a href="'.get_cmd_uri('logview',$page,null,array('kind'=>$key)).'" data-ajax="raw" data-disabled="true">'.$link_text.'</a></li>'; } */ } $body .= '</ul></div>' . "\n"; if ($kind === null) { return array('msg' => $title, 'body' => $body); } $body .= '<div class="no-js" role="tabpanel">'; $nodata = $body . '<p>' . $_logview_msg['msg_nodata'] . '</p></div></div>'; } else { $body = '<div data-role="controlgroup" data-type="horizontal">' . "\n"; $cnt = 0; foreach ($log as $key => $val) { $link_text = isset($_LANG['skin']['log_' . $key]) ? $_LANG['skin']['log_' . $key] : $key; if ($val['use'] === 1) { $body .= '<a href="' . $wiki->uri('logview', array('kind' => $key)) . '" data-role="button">' . $link_text . '</a>'; } /* else { $body .= '<a href="'.get_cmd_uri('logview',$page,null,array('kind'=>$key)).'" data-ajax="raw" data-disabled="true">'.$link_text.'</a>'; } */ } $body .= '</div>' . "\n" . '<div class="ui-body ui-body-c"></div>'; if ($kind === null) { return array('msg' => $title, 'body' => $body); } } } else { $body = ''; } // 保存データの項目名を取得 $logfile = LogFactory::factory($kind, $page); $view = $logfile->get_view_field(); // 表示したい項目設定 $count++; $body[] = '<div class="table_wrapper">'; $body[] = '<table class="table table-bordered table_logview" data-pagenate="true">'; $body[] = '<thead>'; $body[] = '<tr>'; $cols = 0; // タイトルの処理 foreach ($view as $_view) { if ($_view === 'local_id' && $is_role_adm) { continue; } $body[] = '<th>' . $_logview_msg[$_view] . '</th>'; $cols++; } $body[] = '</tr>'; $body[] = '</thead>'; $body[] = '<tbody>'; $nodata = '<p class="alert alert-warning">' . $_logview_msg['msg_nodata'] . '</p>'; // USER-AGENT クラス $obj_ua = new UserAgent(USE_UA_OPTION); $guess = $log['guess_user']['use'] ? LogFactory::factory('guess_user')->get() : LogFactory::factory('update', $page)->getSigunature(); $ctr = 0; // データの編集 $lines = $logfile->get(); if (!$lines) { return array('msg' => $title, 'body' => $nodata); } foreach ($lines as $data) { if (!VIEW_ROBOTS && $obj_ua->is_robots($data['ua'])) { continue; } // ロボットは対象外 $body[] = '<tr>'; foreach ($view as $field) { switch ($field) { case 'ts': // タイムスタンプ (UTIME) $body[] = '<td>' . get_date('Y-m-d H:i:s', $data['ts']) . ' ' . get_passage($data['ts']) . '</td>'; break; case '@guess_diff': case '@diff': // 差分内容 $update = $field == '@diff' ? true : false; // FIXME: バックアップ/差分 なしの新規の場合 // バックアップデータの確定 $body[] = '<td class="style_td">'; $age = $logfile->get_backup_age($data['ts'], $update); switch ($age) { case -1: // データなし $body[] = '<a href="' . $wiki->uri() . '" rel="nofollow">none</a>'; break; case 0: // diff $body[] = '<a href="' . ($logfile->diff_exist() ? $wiki->uri('diff') : $wiki->uri()) . '" rel="nofollow">now</a>'; break; default: // あり $body[] = '<a class="ext" href="' . $wiki->uri('backup', null, array('age' => $age, 'action' => 'visualdiff')) . '" rel="nofollow">' . $age . '</a>'; break; } $body[] = '</td>'; break; case 'host': // ホスト名 (FQDN) $body[] = ' <td>'; if ($data['ip'] != $data['host']) { // 国名取得 list($flag_icon, $flag_name) = $obj_ua->get_icon_flag($data['host']); if (!empty($flag_icon) && $flag_icon != 'jp') { $body[] = '<span class="flag flag-' . $flag_icon . '" title="' . $flag_name . '" ></span>'; } // ドメイン取得 $domain = $obj_ua->get_icon_domain($data['host']); if (!empty($domain)) { // $body .= '<img src="'.$path_domain.$domain.'.png"'. // ' alt="'.$data['host'].'" title="'.$data['host'].'" />'; $body[] = '<span class="flag flag-' . $domain . '" title="' . $data['host'] . '" ></span>'; } } if ($data['ip'] !== '::1') { $body[] = '<a href="http://robtex.com/ip/' . $data['ip'] . '.html" rel="external nofollow">' . $data['host'] . '</a></td>'; } else { $body[] = $data['host'] . '</td>'; } break; case '@guess': // 推測 $body[] = '<td>' . Utility::htmlsc(logview_guess_user($data, $guess), ENT_QUOTES) . '</td>'; break; case 'ua': // ブラウザ情報 (USER-AGENT) $body[] = ' <td>'; $os = $obj_ua->get_icon_os($data['ua']); if (!empty($os)) { $body[] = '<span class="os os-' . $os . '" title="' . $os . '"></span>'; } $browser = $obj_ua->get_icon_broeswes($data['ua']); if (!empty($browser)) { $body[] = '<span class="browser browser-' . $browser . '" title="' . Utility::htmlsc($data['ua'], ENT_QUOTES) . '"></span>'; } $body[] = '</td>'; break; case 'local_id': if ($is_role_adm) { continue; } default: $body[] = '<td>' . Utility::htmlsc($data[$field], ENT_QUOTES) . '</td>'; } } $body[] = '</tr>'; $ctr++; } unset($obj_ua); if ($ctr == 0) { return array('msg' => $title, 'body' => $nodata); } $body[] = '</tbody>'; $body[] = '</table>'; $body[] = '</div>'; switch ($kind) { case 'login': case 'check': $body .= logview_user_list($fld, $page, $kind); break; } if ($ajax !== 'raw') { $body[] = '</div>'; $body[] = '</div>'; } else { echo join("\n", $body); exit; } return array('msg' => $title, 'body' => join("\n", $body)); }