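/**
 * Returns the rendered "view" output of the first watched page that was
 * modified after the date stored for it in the user's "NotifyDates" uservar.
 *
 * The stored date for that page is then advanced to the page's
 * lastmodified value, so each change is announced once per user.
 *
 * @param string $id     unused here
 * @param mixed  $data   unused on entry; overwritten inside the loop
 * @param string $action unused here
 * @return string|null rendered page, or nothing when there is no
 *                     logged-in user or nothing to announce
 */
function ewiki_announcements($id, $data, $action)
{
    global $ewiki_plugins, $ewiki_config;

    // Announcement state is kept per user, so anonymous requests get none.
    if (!isset($GLOBALS['ewiki_auth_user'])) {
        return;
    }

    $notifyDates = ewiki_get_uservar("NotifyDates", FALSE);
    if (!$notifyDates) {
        $notifyDates = isset($ewiki_config["DefaultNotify"]) ? $ewiki_config["DefaultNotify"] : array();
    } else {
        // SECURITY: unserialize() on a stored per-user value. Uservars are
        // written from request data elsewhere in this file, so any path that
        // lets a user write "NotifyDates" turns this call into PHP object
        // injection. Left in place to keep the stored format readable;
        // on PHP >= 7.0 pass array('allowed_classes' => false) as the second
        // argument, or migrate the value to JSON.
        $notifyDates = unserialize($notifyDates);
    }

    // A corrupt or non-array value previously fell through to foreach with
    // a warning and then returned; bail out explicitly instead.
    if (!is_array($notifyDates)) {
        return;
    }

    foreach ($notifyDates as $pageName => $date) {
        $data = ewiki_db::GET($pageName);

        // Do not reveal changes to pages the user may not view.
        if (EWIKI_PROTECTED_MODE && EWIKI_PROTECTED_MODE_HIDING && !ewiki_auth($pageName, $data, "view")) {
            continue;
        }

        // A missing page has no 'lastmodified' and can never be newer.
        if (is_array($data) && isset($data['lastmodified']) && $data['lastmodified'] > $date) {
            $dispDate = $data['lastmodified'];
            $dispPage = $pageName;
            break;
        }
    }

    if (!isset($dispPage)) {
        return;
    }

    // Record that this version has now been announced.
    $notifyDates[$dispPage] = $dispDate;
    ewiki_set_uservar("NotifyDates", serialize($notifyDates));

    $o = ewiki_page('view/' . $dispPage);

    //page_final plugins have been run, unset them
    unset($ewiki_plugins["page_final"]);

    return $o;
}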
/**
 * Builds a ZIP or TAR archive of the pages reachable from $rootid (plus an
 * index page), sends it as a download and terminates the script.
 *
 * Side effects visible in this function: removes the
 * "ewiki_email_protect_link" link plugin, rewrites $ewiki_config["script"]
 * and ["script_binary"], stores the chosen depth in the "WikiDump" uservar,
 * emits HTTP headers, echoes the archive and always ends with die.
 *
 * NOTE(review): $rootid is a required parameter placed after optional ones,
 * so callers must pass the first three arguments explicitly.
 * NOTE(review): $rootid is interpolated unescaped into the index HTML and
 * into the Content-disposition / Original-Filename / Content-Location
 * headers. Whether callers validate it cannot be seen from here; confirm
 * that quotes and markup characters cannot reach this point.
 * NOTE(review): pages are fetched with ewiki_db::GET() without an
 * ewiki_auth() call in this function; presumably ewiki_valid_pages() does
 * the access filtering - verify, otherwise protected pages may be exported.
 *
 * @param int    $imgs      include image binaries when truthy
 * @param int    $fullhtml  wrap pages in $HTML_TEMPLATE and use ".html"
 * @param int    $virtual   also dump plugin-generated ("virtual") pages
 * @param string $rootid    page the sitemap starts from
 * @param int    $depth     sitemap depth passed to ewiki_sitemap_create()
 * @param string $arctype   "ZIP" or "TAR"; anything else ends the script
 * @param int    $complevel passed through to the archive's add()
 * @return void never returns; the function ends in die
 */
function ewiki_page_wiki_dump_send($imgs = 1, $fullhtml = 0, $virtual = 0, $rootid, $depth = 1, $arctype = EWIKI_WIKIDUMP_DEFAULTTYPE, $complevel = 1)
{
    global $ewiki_config, $ewiki_plugins;

    #-- disable protected email
    foreach ($ewiki_plugins["link_url"] as $key => $linkplugin) {
        if ($linkplugin == "ewiki_email_protect_link") {
            unset($ewiki_plugins["link_url"][$key]);
        }
    }

    #-- set uservars
    $a_uservars = ewiki_get_uservar("WikiDump", array());
    if (!is_array($a_uservars)) {
        // SECURITY: unserialize() on a stored per-user value; a user who can
        // write the "WikiDump" uservar as a string controls this input.
        // NOTE(review): the value is written back below as an array, so the
        // string form is presumably a legacy format - confirm and drop it.
        $a_uservars = unserialize($a_uservars);
    }
    $a_uservars[$rootid] = $depth;
    ewiki_set_uservar("WikiDump", $a_uservars);

    #-- if $fullhtml
    // '$title' and '$content' are literal placeholders (single-quoted string)
    // that are substituted with str_replace() further down.
    $HTML_TEMPLATE = '<html> <head>' . ewiki_t("EWIKIDUMPCSS") . ' <title>$title</title> </head> <body bgcolor="#ffffff";> <div id="PageText"> <h2>$title</h2> $content </div> </body> </html> ';

    #-- reconfigure ewiki_format() to generate offline pages and files
    $html_ext = ".htm";
    if ($fullhtml) {
        $html_ext = ".html";
    }
    $ewiki_config["script"] = "%s{$html_ext}";
    $ewiki_config["script_binary"] = "%s";

    #-- fetch also dynamic pages
    $a_virtual = array_keys($ewiki_plugins["page"]);

    #-- get all pages / binary files
    $a_validpages = ewiki_valid_pages(1, $virtual);
    $a_pagelist = ewiki_sitemap_create($rootid, $a_validpages, $depth, 1);

    // Pull in every image referenced by a page that is already on the list.
    foreach ($a_pagelist as $key => $value) {
        if (is_array($a_validpages[$value]["refs"])) {
            foreach ($a_validpages[$value]["refs"] as $refs) {
                if ($a_validpages[$refs]["type"] == "image") {
                    $a_pagelist[] = $refs;
                }
            }
        }
    }

    // Build the search/replace lists that map image names to their archive
    // file names, and drop images from the set used for the sitemap.
    // NOTE(review): $a_images / $a_rimages are never initialised, so they
    // are undefined when the dump contains no image.
    foreach ($a_pagelist as $key => $value) {
        if ($a_validpages[$value]["type"] == "image") {
            $a_images[] = urlencode($value);
            $a_rimages[] = urlencode(preg_replace(EWIKI_DUMP_FILENAME_REGEX, "", $value));
            unset($a_validpages[$value]);
        }
    }
    $a_sitemap = ewiki_sitemap_create($rootid, $a_validpages, $depth, 0);

    if ($a_pagelist) {
        #-- create new zip file
        if ($arctype == "ZIP") {
            $archivename = EWIKI_WIKIDUMP_ARCNAME . "{$rootid}.zip";
            $archive = new ewiki_virtual_zip();
        } elseif ($arctype == "TAR") {
            $archivename = EWIKI_WIKIDUMP_ARCNAME . "{$rootid}.tar";
            $archive = new ewiki_virtual_tarball();
        } else {
            // Unknown archive type: stop without any output.
            die;
        }
        $a_pagelist = array_unique($a_pagelist);

        #-- convert all pages
        foreach ($a_pagelist as $pagename) {
            if (!in_array($pagename, $a_virtual)) {
                $id = $pagename; #-- not a virtual page
                $row = ewiki_db::GET($pagename);
                $content = "";
            } elseif ($virtual) {
                $id = $pagename; #-- is a virtual page
                $pf = $ewiki_plugins["page"][$id];
                // NOTE(review): $content passed here is whatever the previous
                // iteration left behind (undefined on the first one), and
                // $row is not set in this branch, so the add() call below
                // reads a stale or undefined $row for virtual pages.
                $content = $pf($id, $content, "view");
                if ($fullhtml) {
                    $content = str_replace('$content', $content, str_replace('$title', $id, $HTML_TEMPLATE));
                }
                $fn = urlencode($id);
                $fn = preg_replace(EWIKI_DUMP_FILENAME_REGEX, "", $fn);
                $fn = $fn . $html_ext;
            } else {
                continue;
            }

            // Only database pages (and virtual pages that rendered empty)
            // reach this switch.
            if (empty($content)) {
                switch ($row["flags"] & EWIKI_DB_F_TYPE) {
                    case EWIKI_DB_F_TEXT:
                        $content = ewiki_format($row["content"]);
                        // Point image links at the renamed files in the archive.
                        $content = str_replace($a_images, $a_rimages, $content);
                        $fn = preg_replace(EWIKI_DUMP_FILENAME_REGEX, "", urlencode($id));
                        $fn = $fn . $html_ext;
                        if ($fullhtml) {
                            $content = str_replace('$content', $content, str_replace('$title', $id, $HTML_TEMPLATE));
                        }
                        break;
                    case EWIKI_DB_F_BINARY:
                        if ($row["meta"]["class"] == "image" && $imgs) {
                            $fn = urlencode(preg_replace(EWIKI_DUMP_FILENAME_REGEX, "", $id));
                            // Reference instead of copy to avoid duplicating the binary.
                            $content =& $row["content"];
                        } else {
                            #-- php considers switch statements as loops so continue 2 is needed to
                            #-- hit the end of the for loop
                            continue 2;
                        }
                        break;
                    default:
                        # don't want it
                        continue 2;
                }
            }

            // Apply EWIKI_DUMP_FILENAME_REGEX to every ".html" link target so
            // links match the file names used in the archive.
            // NOTE(review): create_function() compiles its string argument at
            // runtime; both strings here are constants. It was removed in
            // PHP 8, so this needs a closure before any upgrade.
            $content = preg_replace_callback('/(<a href=")(.*?)(\\.html">)/', create_function('$matches', 'return($matches[1].preg_replace(EWIKI_DUMP_FILENAME_REGEX,"",$matches[2]).$matches[3]);'), $content);

            #-- add file
            // Mode is 0664, plus the world-writable bit when the page carries
            // EWIKI_DB_F_WRITEABLE.
            $archive->add($content, $fn, array("mtime" => $row["lastmodified"], "uname" => "ewiki", "mode" => 0664 | ($row["flags"] & EWIKI_DB_F_WRITEABLE ? 02 : 00)), $complevel);
        }

        #-- create index page
        $timer = array();
        $level = -1;
        $fordump = 1;
        $str_formatted = "<ul>\n<li><a href=\"" . $rootid . $html_ext . "\">" . $rootid . "</a></li>";
        $fin_level = format_sitemap($a_sitemap, $rootid, $str_formatted, $level, $timer, $fordump);
        // Close the lists format_sitemap() left open: each "</ul>\n" is six
        // bytes, so the pad length is $fin_level * 6.
        $str_formatted .= "</ul>" . str_pad("", $fin_level * 6, "</ul>\n");
        $str_formatted = preg_replace_callback('/(<a href=")(.*?)(\\.html">)/', create_function('$matches', 'return($matches[1].preg_replace(EWIKI_DUMP_FILENAME_REGEX,"",$matches[2]).$matches[3]);'), $str_formatted);

        #-- add index page
        // Reuses $row from the last page processed for mtime and mode.
        $archive->add($str_formatted, "Index_{$rootid}" . $html_ext, array("mtime" => $row["lastmodified"], "uname" => "ewiki", "mode" => 0664 | ($row["flags"] & EWIKI_DB_F_WRITEABLE ? 02 : 00)), $complevel);

        #-- Headers
        Header("Content-type: application/octet-stream");
        Header("Content-disposition: attachment; filename=\"{$archivename}\"");
        Header("Cache-control: private");
        Header("Original-Filename: {$archivename}");
        Header("X-Content-Type: application/octet-stream");
        Header("Content-Location: {$archivename}");

        #-- end output
        echo $archive->close();
    }

    #-- fin
    die;
}
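/**
 * Simple admin GUI for adding a single user account.
 *
 * On POST it creates the user with a generated password, stores every
 * posted "text_*" field as a uservar for that user, and adds the user to
 * the selected group. The form is rendered on every request.
 *
 * Everything taken from $_POST is HTML-escaped before it is echoed; the
 * previous version printed the user name and group name raw.
 *
 * NOTE(review): the form carries no anti-CSRF token and this function does
 * no permission check of its own; both are presumably handled by the
 * caller - confirm.
 *
 * @param string $id     page id, used for the title
 * @param mixed  $data   unused
 * @param string $action unused
 * @return string page output response
 */
function ewiki_page_liveuser_admin_add_users($id, $data, $action)
{
    global $liveuserAuthAdmin, $liveuserPermAdmin;

    ob_start();
    echo ewiki_make_title($id, $id, 2);

    // add a user
    if (isset($_POST['submit_addusers'])) {
        // PHP turns the space in the field name "text_E-Mail Address" into
        // an underscore, hence the key used here.
        if (empty($_POST['text_E-Mail_Address']) || empty($_POST['group_list'])
            || !is_string($_POST['text_E-Mail_Address']) || !is_string($_POST['group_list'])) {
            echo '<p>Invalid form input was provided. Please ensure that the email and group fields are set and not empty.</p>';
            $o = ob_get_contents();
            ob_end_clean();
            return $o;
        }
        if (strlen($_POST['text_E-Mail_Address']) > 255) {
            echo '<p>The email field input is too long. Please ensure that it is 255 characters or less.</p>';
            $o = ob_get_contents();
            ob_end_clean();
            return $o;
        }

        if (!empty($_POST['username_text']) && is_string($_POST['username_text'])) {
            $username = $_POST['username_text'];
        } else {
            $username = $_POST['text_E-Mail_Address'];
        }
        $group_name = $_POST['group_list'];

        // Escaped copies for output only; the raw values go to the backend.
        $username_html = htmlspecialchars($username, ENT_QUOTES);
        $group_html = htmlspecialchars($group_name, ENT_QUOTES);

        // ensure user does not already exist
        if (($auth_id = liveuser_checkEntity('user', $username)) === false) {
            $pwd = liveuser_generate_password();
            if (($auth_id = liveuser_addEntity('user', array($username, $pwd))) !== false) {
                // NOTE(review): the listing this block was taken from had the
                // password expression masked out; $pwd is the only generated
                // secret in scope and the message announces it, so it is
                // printed here - confirm against the upstream file. The
                // password ends up in the rendered page, so the response
                // should not be cached.
                echo '<p>User ' . $username_html . ' was inserted into the database.<br />The following password has been set for this user: ' . htmlspecialchars($pwd, ENT_QUOTES) . '</p>';

                //set preferences on successful creation
                foreach ($_POST as $post_key => $post_value) {
                    // Only fields that START with "text_" are preferences;
                    // the old strstr() test also matched the marker in the
                    // middle of a key and then cut the wrong five bytes off.
                    if (strncmp((string) $post_key, "text_", 5) !== 0 || is_array($post_value)) {
                        continue;
                    }
                    $varname = substr($post_key, 5); //remove the text_ prefix
                    if (!ewiki_set_uservar($varname, $post_value, $username)) { //set appropriate data
                        echo '<p>An error occurred while setting the additional preferences for the user.</p>';
                    }
                }

                if (is_numeric($group_id = liveuser_checkEntity('group', $group_name)) && $liveuserPermAdmin->addUserToGroup($auth_id, $group_id) === true) {
                    echo '<p>User ' . $username_html . ' was added into the group: ' . $group_html . '</p>';
                } else {
                    echo '<p>An error occurred while adding the user to the group: ' . $group_html . '</p>';
                }
            } else {
                echo '<p>An error occurred while creating the user.</p>';
            }
        } else {
            echo '<p>User ' . $username_html . ' already exists and will not be created or modified.</p>';
        }
    }

    // show form
    ?>
<form method="post" action="">
<h3>Add a User</h3>
<table>
<tr><td><label for="email_text">E-Mail Address</label></td>
<td><input id="email_text" name="text_E-Mail Address" type="text" maxlength="255" /><br /></td></tr>
<tr><td><label for="username_text">User Name (if different from E-mail Address)</label></td>
<td><input id="username_text" name="username_text" type="text" /></td></tr>
<tr><td><label for="group_list">Group</label></td>
<td><select id="group_list" name="group_list">
<?php
    foreach ($liveuserPermAdmin->getGroups() as $group) {
        // Group names are stored data entered through the admin forms;
        // escape them for both the attribute and the text node.
        $group_option = htmlspecialchars($group['name'], ENT_QUOTES);
        echo '<option value="' . $group_option . '">' . $group_option . '</option>';
    }
    ?>
</select></td></tr>
<tr><td><label for="firstname_text">First Name</label></td>
<td><input id="firstname_text" name="text_First Name" type="text" /></td></tr>
<tr><td><label for="middlename_text">Middle Name</label></td>
<td><input id="middlename_text" name="text_Middle Name" type="text" /></td></tr>
<tr><td><label for="lastname_text">Last Name</label></td>
<td><input id="lastname_text" name="text_Last Name" type="text" /></td></tr>
<tr><td><label for="title_text">Title</label></td>
<td><input id="title_text" name="text_Title" type="text" /></td></tr>
<tr><td><label for="comp_text">Company</label></td>
<td><input id="comp_text" name="text_Company" type="text" /></td></tr>
<tr><td><label for="phone_text">Phone</label></td>
<td><input id="phone_text" name="text_Phone Number" type="text" /></td></tr>
<tr><td><label for="addr_text">Address</label></td>
<td><input id="addr_text" name="text_Address" type="text" /></td></tr>
<tr><td><label for="city_text">City</label></td>
<td><input id="city_text" name="text_City" type="text" /></td></tr>
<tr><td><label for="state_text">State</label></td>
<td><input id="state_text" name="text_State" type="text" /></td></tr>
<tr><td><label for="zipcode_text">Zip Code</label></td>
<td><input id="zipcode_text" name="text_Zip Code" type="text" /></td></tr>
<tr><td><label for="country_text">Country</label></td>
<td><input id="country_text" name="text_Country" type="text" /></td></tr>
</table>
<input type="submit" name="submit_addusers" />
</form>
<?php
    $o = ob_get_contents();
    ob_end_clean();
    return $o;
}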
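/**
 * Admin GUI for modifying user accounts and groups.
 *
 * Handles the POSTed actions (delete / rename users, change uservars and
 * passwords, group membership, group create / rename / delete, single and
 * batch user creation) and then renders the search form, the user table
 * and the group forms.
 *
 * Changes against the previous version:
 *  - every request value and every stored name is HTML-escaped before it
 *    is echoed (the old code printed $_POST / $_REQUEST values raw, both in
 *    messages and inside value="" attributes);
 *  - the "Add a User" form validated the password of whatever user the
 *    update loop touched last instead of the posted user name / password;
 *  - blank lines in the batch list no longer create an empty user name;
 *  - POST keys that do not carry a numeric id are skipped up front.
 *
 * NOTE(review): none of the forms carries an anti-CSRF token and this
 * function does no permission check of its own; presumably the caller
 * restricts the page to administrators - confirm.
 *
 * @param string $id     page id, used for the title
 * @param mixed  $data   unused
 * @param string $action unused
 * @return string page output response
 */
function ewiki_page_liveuser_admin_users($id, $data, $action)
{
    global $liveuserAuthAdmin, $liveuserPermAdmin, $ewiki_plugins;

    ob_start();
    echo ewiki_make_title($id, $id, 2);

    // handle posted deletes or updates
    if (isset($_POST['submit_deleteusers']) || isset($_POST['submit_changeusers']) || isset($_POST['submit_adduserstogroup']) || isset($_POST['submit_removeusersfromgroup']) || isset($_POST['submit_changegroups'])) {
        $grouplist = (isset($_POST['grouplist']) && is_string($_POST['grouplist'])) ? $_POST['grouplist'] : '';
        $grouplist_html = htmlspecialchars($grouplist, ENT_QUOTES);
        $uvar_fieldname = (isset($_POST['uvar_fieldname']) && is_string($_POST['uvar_fieldname'])) ? $_POST['uvar_fieldname'] : '';
        $uvar_fieldname_html = htmlspecialchars($uvar_fieldname, ENT_QUOTES);

        foreach ($_POST as $key => $value) {
            // Keys look like "<prefix>_<numeric id>". Every action below
            // needs a numeric id and a scalar value, so anything else
            // (submit buttons, plain fields, arrays) is skipped here.
            $key_parts = explode('_', (string) $key, 2);
            if (count($key_parts) < 2 || !is_numeric($key_parts[1]) || !is_string($value)) {
                continue;
            }
            list($prefix, $entity_id) = $key_parts;
            $entity_id_html = htmlspecialchars($entity_id, ENT_QUOTES);
            $value_html = htmlspecialchars($value, ENT_QUOTES);

            //get password status of current id
            // NOTE(review): the user name comes from the hidden
            // "origname_<id>" field, i.e. from the client, and is not
            // checked against the account that owns <id>. A tampered form
            // can therefore change uservars of a different user than the
            // one whose id is submitted - look the handle up server-side.
            $origname_key = 'origname_' . $entity_id;
            $username = (isset($_POST[$origname_key]) && is_string($_POST[$origname_key])) ? $_POST[$origname_key] : null;
            $username_html = htmlspecialchars((string) $username, ENT_QUOTES);
            $pwdstatus = ewiki_get_uservar("passwdstatus", NULL, $username);

            // New user name as posted in the table row; null when absent.
            $chname_key = 'chname_' . $entity_id;
            $chname = (isset($_POST[$chname_key]) && is_string($_POST[$chname_key])) ? $_POST[$chname_key] : null;
            $chname_html = htmlspecialchars((string) $chname, ENT_QUOTES);

            // Remove a user
            if ($prefix === 'chk' && $value === 'on' && isset($_POST['submit_deleteusers'])) {
                if (liveuser_removeEntity('user_id', $entity_id)) {
                    echo '<p>User ' . $entity_id_html . ' was successfully removed.</p>';
                } else {
                    echo '<p>Removal of user ' . $entity_id_html . ' failed.</p>';
                }
            }

            // Add a user to a group
            if ($prefix === 'chk' && $value === 'on' && isset($_POST['submit_adduserstogroup'])) {
                if (($group_id = liveuser_checkEntity('group', $grouplist)) !== false) {
                    if (liveuser_checkGroupUser($group_id, $entity_id) === false) {
                        if ($liveuserPermAdmin->addUserToGroup($entity_id, $group_id)) {
                            echo '<p>User ' . $entity_id_html . ' was successfully added to group ' . $grouplist_html . '.</p>';
                        } else {
                            echo '<p>Addition of user ' . $entity_id_html . ' to group ' . $grouplist_html . ' failed.</p>';
                        }
                    } else {
                        echo '<p>User ' . $entity_id_html . ' is already a member of group ' . $grouplist_html . '.</p>';
                    }
                } else {
                    echo '<p>Group ' . $grouplist_html . ' does not exist.</p>';
                }
            }

            // Remove a user from a group
            if ($prefix === 'chk' && $value === 'on' && isset($_POST['submit_removeusersfromgroup'])) {
                if (($group_id = liveuser_checkEntity('group', $grouplist)) !== false) {
                    if ($liveuserPermAdmin->removeUserFromGroup($entity_id, $group_id)) {
                        echo '<p>User ' . $entity_id_html . ' was successfully removed from group ' . $grouplist_html . '.</p>';
                    } else {
                        echo '<p>Removal of user ' . $entity_id_html . ' from group ' . $grouplist_html . ' failed.</p>';
                    }
                } else {
                    echo '<p>Group ' . $grouplist_html . ' does not exist.</p>';
                }
            }

            // Change the user name
            if ($prefix === 'chname' && !empty($value) && $username !== $value && isset($_POST['submit_changeusers'])) {
                $event_log = '';
                if (liveuser_checkEntity('user', $value) === false) {
                    if ($liveuserAuthAdmin->updateUser($entity_id, $value)) {
                        $event_log .= '<p>User ' . $value_html . ' was successfully updated.</p>';
                        // Uservars are keyed by user name, so move them to
                        // the new name and clear the old entry.
                        if (isset($ewiki_plugins['uservars_store'][0])) {
                            if ($ewiki_plugins['uservars_store'][0]($ewiki_plugins['uservars_retrieve'][0]($username), $value)) {
                                $event_log .= '<p>User data copied to ' . $value_html;
                                if ($ewiki_plugins['uservars_store'][0](array(), $username)) {
                                    $event_log .= ' and deleted from ' . $username_html;
                                } else {
                                    $event_log .= ' but not deleted from ' . $username_html;
                                }
                                $event_log .= '.</p>';
                            } else {
                                $event_log .= '<p>User data copy failed.</p>';
                            }
                        }
                    } else {
                        $event_log .= '<p>Update of user ' . $value_html . ' failed.</p>';
                    }
                } else {
                    $event_log .= '<p>Another user with the name ' . $value_html . ' already exists in the database. No change has been made.</p>';
                }
                echo $event_log;
                // NOTE(review): the names are written to the log unmodified;
                // if the log is a line-oriented file, strip CR/LF first.
                ewiki_log("Attempted to rename " . $username . " to {$value}." . $event_log, 1);
            }

            // Change user variable
            $origchuvar_key = 'origchuvar_' . $entity_id;
            $origchuvar = isset($_POST[$origchuvar_key]) ? $_POST[$origchuvar_key] : null;
            if ($prefix === 'chuvar' && !empty($value) && $origchuvar !== $value && $uvar_fieldname !== '' && isset($_POST['submit_changeusers'])) {
                if (ewiki_set_uservar($uvar_fieldname, $value, $username)) {
                    echo "<p>UserVar " . $uvar_fieldname_html . " successfully updated for {$username_html}</p>";
                } else {
                    echo "<p>Update of UserVar " . $uvar_fieldname_html . " for {$username_html} failed.</p>";
                }
            }

            // Flip the password status between good and expired
            if ($prefix === "radpw" && !empty($value) && isset($_POST['submit_changeusers'])) {
                if ($value == "expire" && ($pwdstatus == 'good' || is_null($pwdstatus))) {
                    ewiki_set_uservar("passwdexpiredate", time(), $username);
                    ewiki_set_uservar("passwdstatus", 'expired', $username);
                } elseif ($value == "good" && ($pwdstatus == 'expired' || is_null($pwdstatus))) {
                    ewiki_set_uservar("passwdexpiredate", time() + 60 * 60 * 24 * EWIKI_PASSWD_LIFETIME, $username);
                    ewiki_set_uservar("passwdstatus", 'good', $username);
                }
            }

            // Set a randomly generated password
            if ($prefix === 'chkrandpw' && !empty($value) && isset($_POST['submit_changeusers'])) {
                $password = liveuser_generate_password();
                if ($liveuserAuthAdmin->updateUser($entity_id, $chname, $password)) {
                    // The expiry date is set into the past and the status to
                    // 'expired', so the user must change the password; the
                    // message text below says otherwise and is kept as is.
                    ewiki_set_uservar("passwdexpiredate", time() - 60 * 60 * 24 * EWIKI_PASSWD_LIFETIME, $username);
                    ewiki_set_uservar("passwdstatus", 'expired', $username);
                    // The new password is shown once to the admin; it is part
                    // of the rendered page, so the response should not be cached.
                    $password_html = htmlspecialchars($password, ENT_QUOTES);
                    echo '<p>Password for user ' . $chname_html . " was successfully updated to \"{$password_html}\" and set to expire in " . EWIKI_PASSWD_LIFETIME . "days.</p>";
                } else {
                    echo '<p>Update of password for user ' . $chname_html . ' failed.</p>';
                }
            }

            // Change the user's password
            if ($prefix === 'chpw' && !empty($value) && isset($_POST['submit_changeusers'])) {
                // check for cracklib functions and validate against them if possible
                // NOTE(review): the result of the check is not used here, so
                // it only has an effect if the helper reports or aborts on
                // its own - confirm.
                liveuser_admin_users_cracklib_check($chname, $value);
                if ($liveuserAuthAdmin->updateUser($entity_id, $chname, $value)) {
                    ewiki_set_uservar("passwdexpiredate", time() - 60 * 60 * 24 * EWIKI_PASSWD_LIFETIME, $username);
                    ewiki_set_uservar("passwdstatus", 'expired', $username);
                    echo '<p>Password for user ' . $chname_html . ' was successfully updated and set to expire in ' . EWIKI_PASSWD_LIFETIME . 'days.</p>';
                } else {
                    echo '<p>Update of password for user ' . $chname_html . ' failed.</p>';
                }
            }

            // Remove a group
            if ($prefix === 'chkgroup' && $value === 'on' && isset($_POST['submit_changegroups'])) {
                if (liveuser_removeEntity('group_id', $entity_id)) {
                    echo '<p>Group ' . $entity_id_html . ' was successfully deleted.</p>';
                } else {
                    echo '<p>Deletion of group ' . $entity_id_html . ' failed.</p>';
                }
            }

            // Change group name
            $origgroupname_key = 'origgroupname_' . $entity_id;
            $origgroupname = isset($_POST[$origgroupname_key]) ? $_POST[$origgroupname_key] : null;
            if ($prefix === 'chgroupname' && !empty($value) && $origgroupname !== $value && isset($_POST['submit_changegroups'])) {
                if ($liveuserPermAdmin->updateGroup($entity_id, $value)) {
                    echo '<p>Group ' . $value_html . ' was successfully updated.</p>';
                } else {
                    echo '<p>Update of group ' . $value_html . ' failed.</p>';
                }
            }
        }
    }

    // Add a user
    if (!empty($_POST['username_text']) && !empty($_POST['pw_text']) && is_string($_POST['username_text']) && is_string($_POST['pw_text']) && isset($_POST['submit_adduser'])) {
        $new_username = $_POST['username_text'];
        $new_username_html = htmlspecialchars($new_username, ENT_QUOTES);
        if (liveuser_checkEntity('user', $new_username) === false) {
            // check for cracklib functions and validate against them if possible
            // (the posted name and password, not leftovers of the loop above)
            liveuser_admin_users_cracklib_check($new_username, $_POST['pw_text']);
            if (liveuser_addEntity('user', array($new_username, $_POST['pw_text'])) !== false) {
                echo '<p>User ' . $new_username_html . ' was successfully created.</p>';
            } else {
                echo '<p>Creation of user ' . $new_username_html . ' failed.</p>';
            }
        } else {
            echo '<p>User ' . $new_username_html . ' already exists.</p>';
        }
    }

    // Add a lot of users and add them into groups
    if (!empty($_POST['usernames_text']) && is_string($_POST['usernames_text']) && isset($_POST['submit_addusers'])) {
        $generate_passwords = isset($_POST["pwgen_addusers"]) && $_POST["pwgen_addusers"] == "on";
        $batch_group = (isset($_POST['usernames_grouplist']) && is_string($_POST['usernames_grouplist'])) ? $_POST['usernames_grouplist'] : '';
        $batch_group_html = htmlspecialchars($batch_group, ENT_QUOTES);

        $newusers = explode("\n", $_POST['usernames_text']);
        foreach ($newusers as $newuser) {
            $newuser = trim($newuser);
            // A trailing newline in the textarea yields an empty entry;
            // never try to create an account with an empty name.
            if ($newuser === '') {
                continue;
            }
            $newuser_html = htmlspecialchars($newuser, ENT_QUOTES);

            if (($auth_id = liveuser_checkEntity('user', $newuser)) === false) {
                if ($generate_passwords) {
                    $password = liveuser_generate_password();
                } else {
                    // SECURITY: documented behaviour of this form - the
                    // password equals the user name, which anyone who knows
                    // the account name can guess. The account is not marked
                    // expired here, so nothing forces a change at first login.
                    $password = $newuser;
                }
                if (($auth_id = liveuser_addEntity('user', array($newuser, $password))) !== false) {
                    $password_html = htmlspecialchars($password, ENT_QUOTES);
                    echo "<p>User {$newuser_html} was successfully created with password {$password_html}.</p>";
                } else {
                    echo '<p>Creation of user ' . $newuser_html . ' failed.</p>';
                }
            } else {
                echo '<p>User ' . $newuser_html . ' already exists.</p>';
            }

            if ($auth_id !== false && $batch_group !== '') {
                if (($group_id = liveuser_checkEntity('group', $batch_group)) !== false) {
                    if (liveuser_checkGroupUser($group_id, $auth_id) === false) {
                        if ($liveuserPermAdmin->addUserToGroup($auth_id, $group_id)) {
                            echo '<p>User ' . $newuser_html . ' was successfully added to group ' . $batch_group_html . '.</p>';
                        } else {
                            echo '<p>Addition of user ' . $newuser_html . ' to group ' . $batch_group_html . ' failed.</p>';
                        }
                    } else {
                        echo '<p>User ' . $newuser_html . ' is already a member of group ' . $batch_group_html . '.</p>';
                    }
                } else {
                    echo '<p>Group ' . $batch_group_html . ' does not exist.</p>';
                }
            }
        }
    }

    // Add a group
    if (!empty($_POST['groupname_text']) && is_string($_POST['groupname_text']) && isset($_POST['submit_addgroup'])) {
        $groupname = $_POST['groupname_text'];
        $groupname_html = htmlspecialchars($groupname, ENT_QUOTES);

        $group_id = liveuser_checkEntity('group', $groupname);
        if ($group_id === false) {
            $group_const = 'LU_G_' . strtoupper($groupname);
            $group_id = liveuser_addEntity('group', array($group_const, $groupname, null, true));
            if ($group_id !== false) {
                echo '<p>Group ' . $groupname_html . ' was successfully created.</p>';
            } else {
                echo '<p>Creation of group ' . $groupname_html . ' failed.</p>';
            }
        } else {
            echo '<p>Group ' . $groupname_html . ' already exists.</p>';
        }

        // Optionally create a right of the same name and link it to the group.
        if (isset($_POST['addright']) && $group_id !== false) {
            $right_id = liveuser_checkEntity('right', $groupname);
            if ($right_id === false) {
                $right_const = 'LU_R_' . strtoupper($groupname);
                $right_id = liveuser_addEntity('right', array(LU_AREA_LIVEWEB, $right_const, $groupname));
                if ($right_id !== false) {
                    echo '<p>Right ' . $groupname_html . ' was successfully created.</p>';
                } else {
                    echo '<p>Creation of right ' . $groupname_html . ' failed.</p>';
                }
            } else {
                echo '<p>Right ' . $groupname_html . ' already exists.</p>';
            }
            if ($right_id !== false) {
                // check if group already has the right
                if (liveuser_checkGroupRight($group_id, $right_id)) {
                    echo '<p>Group ' . $groupname_html . ' already has right ' . $groupname_html . '.</p>';
                } else {
                    // attempt to assign right to group
                    if ($liveuserPermAdmin->grantGroupRight($group_id, $right_id, 1) === true) {
                        echo '<p>Right ' . $groupname_html . ' has been assigned to group ' . $groupname_html . '.</p>';
                    } else {
                        echo '<p>Assignment of right ' . $groupname_html . ' to group ' . $groupname_html . ' failed.</p>';
                    }
                }
            }
        }
    }

    // Show current table listing of pages and permissions
    $users = $liveuserAuthAdmin->getUsers();
    $groups = $liveuserPermAdmin->getGroups();

    // Search state; stays empty when the uservars search plugin is absent.
    $fieldname = '';
    $fieldvalue = null;
    $userdata = array();

    //uservars based controls
    if (isset($ewiki_plugins['uservars_search'][0])) {
        if (isset($_REQUEST['search_fieldname']) && is_string($_REQUEST['search_fieldname'])) { //set fieldname variable
            $fieldname = $_REQUEST['search_fieldname'];
        }
        if (isset($_REQUEST['search_fieldvalue']) && is_string($_REQUEST['search_fieldvalue']) && strlen($_REQUEST['search_fieldvalue'])) { //set fieldvalue variable
            $fieldvalue = $_REQUEST['search_fieldvalue'];
        }
        if (!empty($fieldname)) {
            $userdata = ewiki_search_uservar($fieldname, $fieldvalue); //get data for the given fieldname/fieldvalue combination
            //Remove non-matching users
            if (is_array($users)) {
                foreach ($users as $key => $user) {
                    if (!isset($userdata[$user['handle']])) {
                        unset($users[$key]);
                    }
                }
            }
        }
        // These two values arrive via $_REQUEST (so also from a plain link)
        // and are reflected into the page; escaping them is what keeps a
        // crafted URL from injecting markup.
        $search_name_html = htmlspecialchars($fieldname, ENT_QUOTES);
        $search_value_html = htmlspecialchars((string) $fieldvalue, ENT_QUOTES);
        //Display search form
        ?>
<form method="post" action="">
<table>
<tr><td>Field Name</td><td>
<input type="text" name="search_fieldname" value="<?php echo $search_name_html; ?>">
</td></tr>
<tr><td>Value</td><td>
<input type="text" name="search_fieldvalue" value="<?php echo $search_value_html; ?>">
</td></tr>
</table>
<input value="Search" type="submit" name="submit_searchaccount" />
</form>
<?php
    }

    $fieldname_html = htmlspecialchars($fieldname, ENT_QUOTES);
    $fieldvalue_html = htmlspecialchars((string) $fieldvalue, ENT_QUOTES);

    if (is_array($users) && !empty($users)) {
        ?>
<form method="post" action="">
<h3>Edit Users</h3>
<input type="hidden" name="uvar_fieldname" value="<?php echo $fieldname_html; ?>">
<table border="1">
<tr><th>Select</th><th>User ID</th><th>User Name<br />Password [Random]</th><th>Password Status</th><th>Groups</th>
<?php
        if (!empty($fieldname)) {
            ?>
<th><?php echo $fieldname_html; ?>
<input type="hidden" name="search_fieldname" value="<?php echo $fieldname_html; ?>">
<input type="hidden" name="search_fieldvalue" value="<?php echo $fieldvalue_html; ?>">
</th>
<?php
        }
        echo '</tr>';

        foreach ($users as $user) {
            // Stored values are escaped as well: user names are
            // admin-editable free text.
            $uid_html = htmlspecialchars($user['auth_user_id'], ENT_QUOTES);
            $handle_html = htmlspecialchars($user['handle'], ENT_QUOTES);
            ?>
<tr>
<td><input name="chk_<?php echo $uid_html; ?>" type="checkbox" /></td>
<td><?php echo $uid_html; ?></td>
<td>
<input id="chname_<?php echo $uid_html; ?>" name="chname_<?php echo $uid_html; ?>" type="text" value="<?php echo $handle_html; ?>" />
<input name="origname_<?php echo $uid_html; ?>" type="hidden" value="<?php echo $handle_html; ?>"><br />
<input id="chpw_<?php echo $uid_html; ?>" name="chpw_<?php echo $uid_html; ?>" type="text" value="" />
<input name="chkrandpw_<?php echo $uid_html; ?>" type="checkbox" />
<?php
            // Flag accounts whose password equals the user name. Compared
            // as strings so two numeric-looking hashes cannot compare equal.
            echo (string) $liveuserAuthAdmin->encryptPW($user['handle']) === (string) $user['passwd'] ? '<div class="warning">Password == User Name</div>' : '';
            ?>
</td>
<td>
<?php
            $good = '<input type="radio" name="radpw_' . $uid_html . '" value="good" CHECKED >Good<br />' . '<input type="radio" name="radpw_' . $uid_html . '" value="expire">Expired<br />';
            $expired = '<input type="radio" name="radpw_' . $uid_html . '" value="good">Good<br />' . '<input type="radio" name="radpw_' . $uid_html . '" value="expire" CHECKED >Expired<br />';
            echo ewiki_get_uservar("passwdstatus", 'good', $user['handle']) == 'good' ? $good : $expired;
            // Whole days until (or since, when negative) the expiry date.
            echo intval((ewiki_get_uservar("passwdexpiredate", time(), $user['handle']) - time()) / (60 * 60 * 24)) . " Days<br />";
            ?>
</td>
<td>
<?php
            foreach ($liveuserPermAdmin->getGroups(array('where_user_id' => $user['auth_user_id'])) as $group) {
                echo htmlspecialchars($group['name'], ENT_QUOTES) . '<br />';
            }
            ?>
</td>
<?php
            if (isset($userdata[$user['handle']])) {
                $uservar_html = htmlspecialchars((string) $userdata[$user['handle']], ENT_QUOTES);
                echo '<input id="origchuvar_' . $uid_html . '" name="origchuvar_' . $uid_html . '" type="hidden" value="' . $uservar_html . '">';
                echo '<td> <input id="chuvar_' . $uid_html . '" name="chuvar_' . $uid_html . '" type="text" value="' . $uservar_html . '" /></td>';
            }
            echo "</tr>";
        }
        ?>
</table>
<input type="reset" value="Reset" />
<input type="submit" name="submit_deleteusers" value="Delete Selected" />
<input type="submit" name="submit_changeusers" value="Submit Changes" />
<?php
        if (is_array($groups) && !empty($groups)) {
            ?>
<br /><br /><label for="grouplist">Group</label>
<select id="grouplist" name="grouplist">
<?php
            foreach ($groups as $group) {
                $group_option = htmlspecialchars($group['name'], ENT_QUOTES);
                echo '<option value="' . $group_option . '">' . $group_option . '</option>';
            }
            ?>
</select><br />
<input type="submit" name="submit_adduserstogroup" value="Add Selected" />
<input type="submit" name="submit_removeusersfromgroup" value="Remove Selected" />
<?php
        }
        echo '</form>';
    } else {
        ?>
<h3>Edit Users</h3>
<p>No users were found in the database.</p>
<?php
    }

    // Show Add a new user section
    ?>
<form method="post" action="">
<h3>Add a User</h3>
<label for="username_text">User Name</label>
<input id="username_text" name="username_text" type="text" /><br />
<label for="pw_text">Password</label>
<input id="pw_text" name="pw_text" type="text" /><br />
<input type="submit" name="submit_adduser" value="Add User" />
</form>
<?php
    // Show Add multiple users section
    ?>
<form method="post" action="">
<h3>Add Multiple Users</h3>
<p>Insert one user name per line. This input will be processed as a batch, and each user will be created with a password identical to his user name or a randomly generated password if the "Generate Passwords" box is checked.</p>
<textarea id="usernames_text" name="usernames_text" rows="10" cols="25"></textarea>
<?php
    if (is_array($groups) && !empty($groups)) {
        ?>
<label for="usernames_grouplist">Groups</label>
<select id="usernames_grouplist" name="usernames_grouplist">
<option value=""></option>
<?php
        foreach ($groups as $group) {
            $group_option = htmlspecialchars($group['name'], ENT_QUOTES);
            echo '<option value="' . $group_option . '">' . $group_option . '</option>';
        }
        ?>
</select>
<?php
    }
    ?>
<p><input type="checkbox" name="pwgen_addusers" checked="checked"> Generate random passwords.</p>
<input type="submit" name="submit_addusers" value="Add Users" />
</form>
<?php
    // Groups Section
    if (is_array($groups) && !empty($groups)) {
        ?>
<form method="post" action="">
<h3>Edit Groups</h3>
<table border="1">
<tr><th>Delete</th><th>Group ID</th><th>Group Name</th></tr>
<?php
        foreach ($groups as $group) {
            $gid_html = htmlspecialchars($group['group_id'], ENT_QUOTES);
            $gname_html = htmlspecialchars($group['name'], ENT_QUOTES);
            ?>
<tr>
<td><input name="chkgroup_<?php echo $gid_html; ?>" type="checkbox" /></td>
<td><?php echo $gid_html; ?></td>
<td>
<input name="chgroupname_<?php echo $gid_html; ?>" type="text" value="<?php echo $gname_html; ?>" />
<input name="origgroupname_<?php echo $gid_html; ?>" type="hidden" value="<?php echo $gname_html; ?>" />
</td>
</tr>
<?php
        }
        ?>
</table>
<input type="reset" value="Reset" />
<input name="submit_changegroups" type="submit" value="Submit Changes">
</form>
<?php
    } else {
        ?>
<h3>Edit Groups</h3>
<p>No groups were found in the database.</p>
<?php
    }

    // Show Add a new group section
    ?>
<form method="post" action="">
<h3>Add a Group</h3>
<p>When creating a group, you may choose to create a right with the group, which may then be applied to user accounts via the group. If the group already exists, this form will still attempt to link a right to it. If the right already exists and is not associated with the group, it will be assigned to the group.</p>
<label for="groupname_text">Group Name</label>
<input id="groupname_text" name="groupname_text" type="text"><br />
<label for="addright">Add/Link Right</label>
<input id="addright" name="addright" type="checkbox" checked="checked"><br />
<input type="submit" name="submit_addgroup" value="Add Group" />
</form>
<?php
    $o = ob_get_contents();
    ob_end_clean();
    return $o;
}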
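/**
 * Lets the logged-in user view and edit the uservars listed in
 * $ewiki_user_gui_fields.
 *
 * Changes against the previous version:
 *  - a submitted "text_<name>" field is stored only when <name> is a key of
 *    $ewiki_user_gui_fields. Before, ANY uservar name could be written by
 *    adding a request parameter, including internal ones that other code
 *    in this file feeds to unserialize() ("NotifyDates", "WikiDump") or
 *    uses for password state ("passwdstatus", "passwdexpiredate");
 *  - field names and values are HTML-escaped when the form is rendered.
 *
 * NOTE(review): input is read from $_REQUEST, so a GET link is enough to
 * change the account data, and the form carries no anti-CSRF token. The
 * form itself posts; reading $_POST only would be the safer contract once
 * no caller is known to rely on GET.
 *
 * @param string $id     page id, used for the title
 * @param mixed  $data   unused
 * @param string $action unused
 * @return string page output
 */
function ewiki_page_uservars_user($id, $data, $action)
{
    global $ewiki_errmsg, $ewiki_user_gui_fields;

    $success = TRUE;

    //set user name to currently logged in user
    $user = isset($GLOBALS['ewiki_auth_user']) ? $GLOBALS['ewiki_auth_user'] : null;
    // NOTE(review): whether ewiki_make_title() escapes its title argument
    // cannot be seen from here; $user is passed on unchanged.
    $o = ewiki_make_title($id, "User info for {$user}", 2);

    //check to see if we are editing fields and that we have a username
    if (isset($_REQUEST['submit_changeaccount']) && !empty($user)) {
        foreach ($_REQUEST as $request_key => $request_value) {
            //only use the text_ inputs (prefix match, scalar values)
            if (strncmp((string) $request_key, "text_", 5) !== 0 || is_array($request_value)) {
                continue;
            }
            $varname = substr($request_key, 5); //remove the text_ prefix

            // Only fields the GUI offers for editing may be written. PHP
            // rewrites spaces and dots in request keys to underscores, so
            // this matches names as they come back from the form below.
            if (!isset($ewiki_user_gui_fields[$varname])) {
                continue;
            }
            if (!ewiki_set_uservar($varname, $request_value, $user)) { //set the appropriate info
                $success = FALSE; //something failed
            }
        }
        $o .= $success ? ewiki_t("USERDATAUPDATESUCCESS") : $ewiki_errmsg;
    }

    $account_uservars = ewiki_getall_uservar($user); //get user info
    if (!empty($account_uservars)) { //if data exists for this user
        $o .= '<p><form method="post" action=""><table border="1" cellpadding="1">';
        foreach ($account_uservars as $field => $value) {
            if (isset($ewiki_user_gui_fields[$field])) { //check if this is a field we want the user to be able to edit
                // Values are user-supplied and stored; escape them so they
                // cannot break out of the value attribute.
                $field_html = htmlspecialchars((string) $field, ENT_QUOTES);
                $value_html = is_scalar($value) ? htmlspecialchars((string) $value, ENT_QUOTES) : '';
                $o .= '<tr><th>' . $field_html . '</th><td><input name="text_' . $field_html . '" type="text" value="' . $value_html . '"></td></tr>';
            }
        }
        $o .= '</table>' . '<input value="Submit Changes" type="submit" name="submit_changeaccount" />' . '</form>';
    } else {
        $o .= ewiki_t("USERDATANODATA");
    }

    return $o;
}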
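/**
 * Changes the current user's password based on form input.
 *
 * Flow: show the form when nothing was submitted; verify the old password;
 * require both new entries to match and to differ from the old one; run
 * ewiki_check_passwd(); then store the new password and reset the expiry
 * uservars.
 *
 * Changes against the previous version: all password comparisons are now
 * string-exact. With PHP's loose "!=" two different numeric-looking
 * strings (for example hashes of the form "0e...") compare as equal, which
 * could let a wrong old password pass the check or let two different new
 * passwords count as matching. Non-string request values are treated as
 * empty.
 *
 * NOTE(review): the fields are read from $_REQUEST, so passwords are also
 * accepted from the query string, where they end up in logs and browser
 * history. Switch to $_POST once the CHPW_FORM template is confirmed to
 * use method="post". The form carries no anti-CSRF token as far as this
 * function shows.
 *
 * @param mixed $id   page id, used for the title
 * @param mixed $data unused
 * @return mixed page output
 */
function ewiki_page_liveuser_chpw($id, $data)
{
    global $liveuser, $liveuserAuthAdmin;

    $title = ewiki_make_title($id, $id, 2);

    // if form was not submitted, return page output for form
    if (!isset($_REQUEST['oldpassword'])) {
        return $title . ewiki_t('CHPW_FORM');
    }

    $oldpassword = is_string($_REQUEST['oldpassword']) ? $_REQUEST['oldpassword'] : '';
    $newpassword1 = (isset($_REQUEST['newpassword1']) && is_string($_REQUEST['newpassword1'])) ? $_REQUEST['newpassword1'] : '';
    $newpassword2 = (isset($_REQUEST['newpassword2']) && is_string($_REQUEST['newpassword2'])) ? $_REQUEST['newpassword2'] : '';

    // ensure that original password is valid, and that new passwords match
    $stored_hash = (string) $liveuser->getProperty('passwd');
    $given_hash = (string) $liveuserAuthAdmin->encryptPW($oldpassword);
    // Constant-time comparison where the runtime offers it.
    $old_matches = function_exists('hash_equals') ? hash_equals($stored_hash, $given_hash) : ($stored_hash === $given_hash);
    if (!$old_matches) {
        return $title . ewiki_t('CHPW_BADOLD') . ewiki_t('CHPW_FORM');
    }
    if ($newpassword1 !== $newpassword2) {
        return $title . ewiki_t('CHPW_NOMATCH') . ewiki_t('CHPW_FORM');
    }
    if ($newpassword1 === $oldpassword) {
        return $title . ewiki_t('CHPW_SAMEOLD') . ewiki_t('CHPW_FORM');
    }

    //$time=getmicrotime();
    $password_status = ewiki_check_passwd($newpassword1, $liveuser->getHandle());
    //$end=getmicrotime();
    //echo($end-$time);
    if ($password_status != 'good passwd') {
        if ($password_status == 'read error') {
            return $title . ewiki_t('PASS_DICTIONARY_READ_ERROR');
        }
        // The raw status code is added as an HTML comment next to its
        // translated message.
        return $title . ewiki_t($password_status) . '<!--' . $password_status . '-->' . ewiki_t('CHPW_FORM');
    }

    // return success
    if ($liveuserAuthAdmin->updateUser($liveuser->getProperty('authUserId'), $liveuser->getHandle(), $newpassword2) === true) {
        ewiki_set_uservar("passwdstatus", 'good', $GLOBALS['ewiki_auth_user']);
        ewiki_set_uservar("passwdexpiredate", time() + 60 * 60 * 24 * EWIKI_PASSWD_LIFETIME, $GLOBALS['ewiki_auth_user']);
        return $title . ewiki_t('CHPW_SUCCESS');
    }

    return $title . ewiki_t('CHPW_ERROR');
}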
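/**
 * Lists the "@@<type> <initials> ...: ..." items found on all text pages,
 * grouped by page, for the initials given in ?q= or stored in the user's
 * "Initials" / "ExtractorInitials" uservars.
 *
 * The item types come from $ewiki_config["extracttypes"][$action], where
 * $action is the lower-cased page id with "all" removed.
 *
 * Changes against the previous version:
 *  - the initials (from $_GET['q'] or from uservars) are passed through
 *    preg_quote() before they are placed in the regular expression, so
 *    request input can no longer alter or break the pattern;
 *  - $operator is initialised (it was undefined unless q contained "and");
 *  - initials printed in the shortcut links are HTML-escaped;
 *  - a non-string q is ignored.
 *
 * @param mixed $id     page id; also determines the extract action
 * @param mixed $data   unused on entry; overwritten with the page iterator
 * @param mixed $action ignored; recomputed from $id
 * @return string page output
 */
function ewiki_page_exall($id = 0, $data = 0, $action = 0)
{
    global $ewiki_plugins, $ewiki_config;

    //$timestart=getmicrotime();
    $action = str_replace("all", "", strtolower($id));
    $invalid = false;
    $operator = "";
    // Empty means "no filter": the pattern then matches any item ('ALL').
    $str_usr = "";
    // Whether $str_usr is user-supplied text that must be regex-quoted.
    $quote_usr = true;

    $initials = ewiki_get_uservar("Initials");
    $exinitials = ewiki_get_uservar("ExtractorInitials");
    $q = (isset($_GET['q']) && is_string($_GET['q'])) ? $_GET['q'] : "";

    if ($q !== "") {
        if ($q != 'ALL') {
            // "AB or CD" / "AB and CD" both become the alternation "AB|CD";
            // "and" is enforced separately per match further down.
            $str_usr = str_replace(array("or", " ", "and"), array("|", "", "|"), $q);
            //$str_usr=$_GET['q'];
            //initials were entered
            if (!(stristr($q, "or") && stristr($q, "and"))) {
                if (stristr($q, "and")) {
                    $operator = "and";
                }
                $extractFor = $q;
            } else {
                // Mixing "or" and "and" is not supported.
                $invalid = true;
            }
        }
    } elseif (strlen($initials)) {
        $str_usr = $initials;
        $extractFor = $str_usr;
    } elseif (strlen($exinitials)) {
        $str_usr = $exinitials;
        $extractFor = $str_usr;
    } else {
        // NOTE(review): this default is used verbatim as a regex fragment.
        // As written it is not a valid pattern and may be a masked value in
        // this listing - confirm against the upstream file.
        $str_usr = "******"; //no initials were entered
        $quote_usr = false;
    }

    if (isset($extractFor)) {
        // NOTE(review): $extractFor can be raw request input; whether
        // ewiki_make_title() escapes its title cannot be seen from here.
        $o = ewiki_make_title($id, ewiki_t(strtoupper($action) . "FOR") . $extractFor, 2);
        // Remember two-letter initials that are not already stored.
        if ($extractFor != $exinitials && $extractFor != $initials && strlen($extractFor) == 2) {
            ewiki_set_uservar("ExtractorInitials", $extractFor);
        }
    } else {
        $o = ewiki_make_title($id, ewiki_t(strtoupper($action) . "TITLE"), 2);
    }

    $o .= ewiki_t("EXALLCONTROLS", array("controlid" => $id)); //prints text, textbox, and button
    $o .= '<p>';
    if (strlen($initials)) {
        $o .= '<a href="' . ewiki_script("", $id, array('q' => $initials)) . '">' . ewiki_t(strtoupper($action) . "FOR") . htmlspecialchars($initials, ENT_QUOTES) . "</a> ";
    }
    if (strlen($exinitials) && $exinitials != $initials) {
        $o .= '<a href="' . ewiki_script("", $id, array('q' => $exinitials)) . '">' . ewiki_t(strtoupper($action) . "FOR") . htmlspecialchars($exinitials, ENT_QUOTES) . "</a> ";
    }
    $o .= '<a href="' . ewiki_script("", $id, array('q' => 'ALL')) . '">' . ewiki_t(strtoupper($action) . "FORALL") . "</a> " . '</p>';

    if ($invalid) {
        return $o . ewiki_t("EXALLERROR");
    }

    //define types of todo/policy items
    $ext_types = $ewiki_config["extracttypes"][$action];

    // Raw alternatives, used for the literal "and" check below.
    $a_users = explode("|", $str_usr);

    // Regex form of the same alternatives: each one quoted, the "|" kept.
    if ($quote_usr) {
        $a_quoted = array();
        foreach ($a_users as $str_user) {
            $a_quoted[] = preg_quote($str_user, "/");
        }
        $usr_pattern = implode("|", $a_quoted);
    } else {
        $usr_pattern = $str_usr;
    }

    // Groups: 2 = whole item, 5 = initials plus text up to the last ":".
    $item_pattern = "/^([;:#\\*\\- ]*)((@@(" . implode("|", $ext_types) . ")) ((" . $usr_pattern . ")+.*)(:.*))\$/im";

    //get data from database
    $data = ewiki_db::GETALL(array("content", "pagename", "flags"));
    while ($content = $data->get()) {
        $str_null = NULL;
        if (($content["flags"] & EWIKI_DB_F_TYPE) == EWIKI_DB_F_TEXT) {
            //code hijacked from action_extracttodo and modified
            preg_match_all($item_pattern, $content["content"], $matches);
            if (!empty($matches[0])) {
                $extractedContent = NULL;
                for ($index = 0; $index < sizeof($matches[0]); $index++) { //extract each todo/policy item
                    if ($operator == "and") {
                        // Every requested set of initials must occur in the item.
                        $all = true;
                        foreach ($a_users as $str_user) {
                            if (!stristr($matches[5][$index], $str_user)) {
                                $all = false;
                            }
                        }
                        if (!$all) {
                            continue;
                        }
                    }

                    //security layer
                    // Items from pages the user may not access are left out.
                    if (EWIKI_PROTECTED_MODE && EWIKI_PROTECTED_MODE_HIDING && !ewiki_auth($content["id"], $str_null, $action)) {
                        continue; //skip rest of loop and start from beginning
                    }
                    $extractedContent .= "*" . $matches[2][$index] . "@@\n";
                }
                if ($extractedContent != NULL) {
                    $o .= $ewiki_plugins["render"][0]("!!!" . ewiki_t(strtoupper($action) . "FROM") . "[" . $content["id"] . "]");
                    $o .= "<div class='ewiki_page_todolist'>" . $ewiki_plugins["render"][0]($extractedContent, 1, EWIKI_ALLOW_HTML || @$content["flags"] & EWIKI_DB_F_HTML) . "</div>";
                }
            }
        }
    }

    $o .= $ewiki_plugins["render"][0](ewiki_t(strtoupper($action) . "POSTSCRIPT"));
    /*$timeend=getmicrotime();
    $o.="time: ".($timeend-$timestart);*/
    return $o;
}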