/**
* Manages a module
*
* @since 1.0
* @package facileManager
*/
function manageModule($module_name = null, $action = null)
{
global $__FM_CONFIG;
if (!$module_name || !in_array($module_name, getAvailableModules())) {
return false;
}
$current_active_modules = getOption('fm_active_modules', $_SESSION['user']['account_id']);
$command = is_array($current_active_modules) ? 'update' : 'insert';
switch ($action) {
case 'activate':
/** Ensure $module_name is not already active */
if (in_array($module_name, getActiveModules())) {
return;
}
/** Ensure $module_name is installed */
if (getOption('version', 0, $module_name) === false) {
return;
}
$current_active_modules[] = $module_name;
return setOption('fm_active_modules', $current_active_modules, 'auto', true, $_SESSION['user']['account_id']);
break;
case 'deactivate':
/** Ensure $module_name is not already deactivated */
if (!in_array($module_name, getActiveModules())) {
return;
}
$new_array = array();
foreach ($current_active_modules as $module) {
if ($module == $module_name) {
continue;
}
$new_array[] = $module;
}
return setOption('fm_active_modules', $new_array, 'update', true, $_SESSION['user']['account_id']);
break;
case 'uninstall':
if (!in_array($module_name, getAvailableModules())) {
return;
}
if (function_exists('uninstallModuleSchema')) {
$output = uninstallModuleSchema($__FM_CONFIG['db']['name'], $module_name);
}
if ($output != 'Success') {
return false;
}
return true;
break;
}
return false;
}
/**
* Gets all available user capabilities
*
* @since 2.0
* @package facileManager
*
* @return array
*/
function getAvailableUserCapabilities()
{
global $fm_name;
$fm_user_caps = null;
if (file_exists(ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $fm_name . DIRECTORY_SEPARATOR . 'extra' . DIRECTORY_SEPARATOR . 'capabilities.inc.php')) {
include ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $fm_name . DIRECTORY_SEPARATOR . 'extra' . DIRECTORY_SEPARATOR . 'capabilities.inc.php';
}
foreach (getActiveModules() as $module) {
if (file_exists(ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $module . DIRECTORY_SEPARATOR . 'extra' . DIRECTORY_SEPARATOR . 'capabilities.inc.php')) {
include ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $module . DIRECTORY_SEPARATOR . 'extra' . DIRECTORY_SEPARATOR . 'capabilities.inc.php';
}
}
return $fm_user_caps;
}
if ($page->branch == 'Webkit') {
$template = $page->delta_file('index', 'html');
} else {
$template = "$page->branch/index.html";
}
Modules::init($page->branch, $page->certs, $page->platform);
// iphone can customize without reloading
if($page->delta == 'iphone') {
$modules = Modules::$default_order;
} else {
$modules = getModuleOrder();
$activemodules = getActiveModules();
// Process the various possible actions
if($_REQUEST['action'] == 'swap') {
$module_1 = $_REQUEST['module1'];
$module_2 = $_REQUEST['module2'];
$position_1 = intval($_REQUEST['position1']);
$position_2 = intval($_REQUEST['position2']);
//make sure cookie is consistent with action
// if so swap them
if( ($modules[$position_1] == $module_1) && ($modules[$position_2] == $module_2) ) {
$modules[$position_1] = $module_2;
$modules[$position_2] = $module_1;
}
}
/**
* Checks if the user is authenticated
*
* @since 1.0
* @package facileManager
*
* @return boolean
*/
function isLoggedIn()
{
global $fm_name;
if (defined('INSTALL')) {
return false;
}
/** No auth_method defined */
if (getOption('fm_db_version') >= 18) {
if (!getOption('auth_method')) {
if (!isset($_COOKIE['myid'])) {
session_set_cookie_params(strtotime('+1 week'));
@session_start();
$_SESSION['user']['logged_in'] = true;
$_SESSION['user']['id'] = 1;
$_SESSION['user']['account_id'] = 1;
$modules = getActiveModules(true);
if (!isset($_SESSION['module'])) {
$_SESSION['module'] = is_array($modules) && count($modules) ? $modules[0] : $fm_name;
}
setcookie('myid', session_id(), strtotime('+1 week'));
}
session_set_cookie_params(strtotime('+1 week'));
if (!empty($_COOKIE['myid'])) {
@session_id($_COOKIE['myid']);
@session_start();
}
return true;
}
}
/** Auth method defined so let's validate */
if (isset($_COOKIE['myid'])) {
$myid = $_COOKIE['myid'];
/** Init the session. */
session_set_cookie_params(strtotime('+1 week'));
session_id($myid);
@session_start();
/** Check if they're logged in. */
if (isset($_SESSION['user']['logged_in']) && $_SESSION['user']['logged_in']) {
/** Set the last login info */
if (strtotime("-1 hour") > $_SESSION['user']['last_login']) {
$_SESSION['user']['last_login'] = strtotime("-15 minutes");
$_SESSION['user']['ipaddr'] = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : $_SERVER['REMOTE_ADDR'];
}
/** Should the user be logged in? */
if (getNameFromID($_SESSION['user']['id'], 'fm_users', 'user_', 'user_id', 'user_status') != 'active') {
header('Location: ' . $GLOBALS['RELPATH'] . '?logout');
}
return true;
}
}
return false;
}
/**
* Displays the form to add new user
*
* @since 1.0
* @package facileManager
*/
function printUsersForm($data = '', $action = 'add', $form_bits = array(), $button_text = 'Save', $button_id = 'submit', $action_page = 'admin-users.php', $print_form_head = true, $display_type = 'popup')
{
global $__FM_CONFIG, $fm_name, $fm_login;
$user_id = 0;
$user_login = $user_password = $cpassword = null;
$ucaction = ucfirst($action);
$disabled = isset($_GET['id']) && $_SESSION['user']['id'] == $_GET['id'] ? 'disabled' : null;
$button_disabled = null;
$user_email = $user_default_module = null;
$hidden = $user_perm_form = $return_form_rows = null;
$user_force_pwd_change = $user_template_only = null;
if (!empty($_POST) && !array_key_exists('is_ajax', $_POST)) {
if (is_array($_POST)) {
extract($_POST);
}
} elseif (@is_object($data[0])) {
extract(get_object_vars($data[0]));
$user_password = null;
}
$popup_title = $action == 'add' ? __('Add User') : __('Edit User');
$popup_header = buildPopup('header', $popup_title);
$popup_footer = buildPopup('footer');
if (in_array('user_login', $form_bits)) {
/** Get field length */
$field_length = getColumnLength('fm_users', 'user_login');
$username_form = $action == 'add' ? '<input name="user_login" id="user_login" type="text" value="' . $user_login . '" size="40" maxlength="' . $field_length . '" />' : '<span id="form_username">' . $user_login . '</span>';
$hidden = '<input type="hidden" name="user_id" value="' . $user_id . '" />';
$hidden .= $action != 'add' ? '<input type="hidden" name="user_login" value="' . $user_login . '" />' : null;
$return_form_rows .= '<tr>
<th width="33%" scope="row"><label for="user_login">' . _('User Login') . '</label></th>
<td width="67%">' . $username_form . '</td>
</tr>';
}
if (in_array('user_email', $form_bits)) {
/** Get field length */
$field_length = getColumnLength('fm_users', 'user_login');
$return_form_rows .= '<tr>
<th width="33%" scope="row"><label for="user_email">' . _('User Email') . '</label></th>
<td width="67%"><input name="user_email" id="user_email" type="email" value="' . $user_email . '" size="32" maxlength="' . $field_length . '" ' . $disabled . ' /></td>
</tr>';
}
if (in_array('user_auth_method', $form_bits) && getOption('auth_method')) {
if (!isset($user_auth_type)) {
$user_auth_type = 1;
}
$auth_method_types = $__FM_CONFIG['options']['auth_method'];
if (array_shift($auth_method_types) && count($auth_method_types) > 1) {
$return_form_rows .= '<tr>
<th width="33%" scope="row"><label for="user_email">' . _('Authentication Method') . '</label></th>
<td width="67%">' . buildSelect('user_auth_type', 'user_auth_type', $auth_method_types, $user_auth_type) . '</td>
</tr>';
}
}
if (in_array('user_password', $form_bits) || array_key_exists('user_password', $form_bits)) {
if ($action == 'add') {
$button_disabled = 'disabled';
}
$strength = $GLOBALS['PWD_STRENGTH'];
if (array_key_exists('user_password', $form_bits)) {
$strength = $form_bits['user_password'];
}
$return_form_rows .= '<tr class="user_password">
<th width="33%" scope="row"><label for="user_password">' . _('User Password') . '</label></th>
<td width="67%"><input name="user_password" id="user_password" type="password" value="" size="40" onkeyup="javascript:checkPasswd(\'user_password\', \'' . $button_id . '\', \'' . $strength . '\');" /></td>
</tr>
<tr class="user_password">
<th width="33%" scope="row"><label for="cpassword">' . _('Confirm Password') . '</label></th>
<td width="67%"><input name="cpassword" id="cpassword" type="password" value="" size="40" onkeyup="javascript:checkPasswd(\'cpassword\', \'' . $button_id . '\', \'' . $strength . '\');" /></td>
</tr>
<tr class="user_password">
<th width="33%" scope="row">' . _('Password Validity') . '</th>
<td width="67%"><div id="passwd_check">' . _('No Password') . '</div></td>
</tr>
<tr class="pwdhint user_password">
<th width="33%" scope="row">' . _('Hint') . '</th>
<td width="67%">' . $__FM_CONFIG['password_hint'][$strength][1] . '</td>
</tr>';
}
if (in_array('user_module', $form_bits)) {
$active_modules = $user_id == $_SESSION['user']['id'] ? getActiveModules(true) : getActiveModules();
$user_module_options = buildSelect('user_default_module', 'user_default_module', $active_modules, $user_default_module);
unset($active_modules);
$return_form_rows .= '<tr>
<th width="33%" scope="row">' . _('Default Module') . '</th>
<td width="67%">' . $user_module_options . '</td>
</tr>';
}
if (in_array('user_options', $form_bits)) {
$force_pwd_check = $user_force_pwd_change == 'yes' ? 'checked disabled' : null;
$user_template_only_check = $user_template_only == 'yes' ? 'checked' : null;
$return_form_rows .= '<tr>
<th width="33%" scope="row">' . _('Options') . '</th>
<td width="67%">
<input name="user_force_pwd_change" id="user_force_pwd_change" value="yes" type="checkbox" ' . $force_pwd_check . '/><label for="user_force_pwd_change">' . _('Force Password Change at Next Login') . '</label><br />
<input name="user_template_only" id="user_template_only" value="yes" type="checkbox" ' . $user_template_only_check . '/><label for="user_template_only">' . _('Template User') . '</label>
</td>
</tr>';
}
if (in_array('verbose', $form_bits)) {
$hidden .= '<input type="hidden" name="verbose" value="0" />' . "\n";
$return_form_rows .= '<tr>
<th width="33%" scope="row">' . _('Options') . '</th>
<td width="67%"><input name="verbose" id="verbose" type="checkbox" value="1" checked /><label for="verbose">' . _('Verbose Output') . '</label></td>
</tr>';
}
do {
if (in_array('user_perms', $form_bits)) {
/** Cannot edit perms of super-admin if logged in user is not a super-admin */
if (userCan($user_id, 'do_everything') && !currentUserCan('do_everything')) {
break;
}
$user_is_super_admin = userCan($user_id, 'do_everything');
$fm_perm_boxes = $perm_boxes = null;
$i = 1;
$fm_user_caps = getAvailableUserCapabilities();
foreach ($fm_user_caps[$fm_name] as $key => $title) {
if ($key != 'do_everything' && $user_is_super_admin) {
$checked = null;
} else {
$checked = userCan($user_id, $key) ? 'checked' : null;
}
if ($key == 'do_everything') {
$title = "<b>{$title}</b>";
}
$fm_perm_boxes .= ' <input name="user_caps[' . $fm_name . '][' . $key . ']" id="fm_perm_' . $key . '" type="checkbox" value="1" ' . $checked . '/> <label for="fm_perm_' . $key . '">' . $title . '</label>' . "\n";
/** Display checkboxes three per row */
if ($i == 3) {
$fm_perm_boxes .= "<br />\n";
$i = 0;
}
$i++;
}
if (!empty($fm_perm_boxes)) {
$perm_boxes .= <<<PERM
\t\t\t\t<tr id="userperms">
\t\t\t\t\t<th width="33%" scope="row">{$fm_name}</th>
\t\t\t\t\t<td width="67%">
\t\t\t\t\t\t<input type="hidden" name="process_user_caps" value="1" />
\t\t\t\t\t\t{$fm_perm_boxes}
\t\t\t\t\t</td>
\t\t\t\t</tr>
PERM;
}
/** Process module permissions */
$active_modules = getActiveModules();
foreach ($active_modules as $module_name) {
$module_perm_boxes = null;
$i = 1;
if (array_key_exists($module_name, $fm_user_caps)) {
foreach ($fm_user_caps[$module_name] as $key => $title) {
$checked = userCan($user_id, $key, $module_name) && !$user_is_super_admin ? 'checked' : null;
$module_perm_boxes .= ' <input name="user_caps[' . $module_name . '][' . $key . ']" id="fm_perm_' . $module_name . '_' . $key . '" type="checkbox" value="1" ' . $checked . '/> <label for="fm_perm_' . $module_name . '_' . $key . '">' . $title . '</label>' . "\n";
/** Display checkboxes three per row */
if ($i == 3) {
$module_perm_boxes .= "<br />\n";
$i = 0;
}
$i++;
}
$module_extra_functions = ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $module_name . DIRECTORY_SEPARATOR . 'functions.extra.php';
if (file_exists($module_extra_functions)) {
include $module_extra_functions;
$function = 'print' . $module_name . 'UsersForm';
if (function_exists($function)) {
$module_perm_boxes .= $function(getUserCapabilities($user_id), $module_name);
}
}
}
if (!empty($module_perm_boxes)) {
$perm_boxes .= <<<PERM
\t\t\t\t\t<tr id="userperms">
\t\t\t\t\t\t<th width="33%" scope="row">{$module_name}</th>
\t\t\t\t\t\t<td width="67%">
\t\t\t\t\t\t{$module_perm_boxes}
\t\t\t\t\t\t</td>
\t\t\t\t\t</tr>
\t
PERM;
}
}
if (!empty($perm_boxes)) {
$user_perm_form = sprintf('<tr><td colspan="2"><br /><br /><i>%s</i></td></tr>', _('User Permissions')) . $perm_boxes;
}
}
} while (false);
$return_form = $print_form_head ? '<form name="manage" id="manage" method="post" action="' . $action_page . '">' . "\n" : null;
if ($display_type == 'popup') {
$return_form .= $popup_header;
}
$return_form .= '
<div>
<form id="fm_user_profile">
<input type="hidden" name="action" value="' . $action . '" />' . $hidden . '
<table class="form-table" width="495px">
<tr><td colspan="2"><i>' . _('User Details') . '</i></td></tr>' . $return_form_rows . $user_perm_form;
$return_form .= '</table></div>';
if ($display_type == 'popup') {
$return_form .= '
</div>
<div class="popup-footer">
<input type="submit" id="' . $button_id . '" name="submit" value="' . $button_text . '" class="button primary" ' . $button_disabled . '/>
<input type="button" value="' . _('Cancel') . '" class="button left" id="cancel_button" />
</div>
</form>
<script>
$(document).ready(function() {
$("select").select2({
containerCss: { "min-width": "165px" },
minimumResultsForSearch: -1
});
$("select.wide_select").select2({
width: "300px",
minimumResultsForSearch: -1
});
});
</script>';
}
return $return_form;
}
if (arrayKeysExist(array('genserial', 'addserial', 'install', 'upgrade', 'ssh'), $_GET)) {
if (!defined('CLIENT')) {
define('CLIENT', true);
}
require_once 'fm-init.php';
if (file_exists(ABSPATH . 'fm-modules/' . $_POST['module_name'] . '/variables.inc.php')) {
include ABSPATH . 'fm-modules/' . $_POST['module_name'] . '/variables.inc.php';
}
include ABSPATH . 'fm-includes/version.php';
/** Check account key */
include ABSPATH . 'fm-modules/facileManager/classes/class_accounts.php';
$account_status = $fm_accounts->verifyAccount($_POST['AUTHKEY']);
if ($account_status !== true) {
$data = $account_status;
} else {
if (in_array($_POST['module_name'], getActiveModules())) {
if (array_key_exists('genserial', $_GET)) {
$module = $_POST['module_name'] ? $_POST['module_name'] : $_SESSION['module'];
$data['server_serial_no'] = generateSerialNo($module);
}
if (array_key_exists('addserial', $_GET)) {
/** Client expects an array for a good return */
$data = $_POST;
/** Does the record already exist for this account? */
basicGet('fm_' . $__FM_CONFIG[$_POST['module_name']]['prefix'] . 'servers', $_POST['server_name'], 'server_', 'server_name');
if ($fmdb->num_rows) {
$server_array = $fmdb->last_result;
$_POST['server_id'] = $server_array[0]->server_id;
$update_server = moduleAddServer('update');
} else {
if (getOption('client_auto_register')) {
require_once "Home.php";
require_once "Modules.php";
require_once WEBROOT . "page_builder/Page.php";
//require WEBROOT . "page_builder/counter.php";
require WEBROOT . "page_builder/page_tools.php";
require WEBROOT . "customize/customize_lib.php";
$page = Page::factory();
$page->module('home');
PageViews::increment('home', $page->platform);
$whats_new_count = Home::$whats_new_count;
$top_item = Home::$whats_new->getTopItemName();
Modules::init($page->branch, $page->certs, $page->platform);
$old_modules = getModuleOrder();
$moduleorder = Modules::refreshAll($old_modules, $page->branch);
setModuleOrder($moduleorder);
$modules = getActiveModules($page->branch);
$modules = Modules::refreshActive($old_modules, $modules, $page->branch);
$modules = Modules::add_required($modules, $page->branch);
setActiveModules($modules);
$all_modules = Modules::$default_order;
//$fh = fopen('/tmp/headers-' . time() . '.txt', 'w');
//fwrite($fh, str_replace('",', "\",\n", json_encode($_SERVER)) . '\n');
//fclose($fh);
$page->prevent_caching('Basic');
$page->prevent_caching('Touch');
$page->cache();
/*
function url($module) {
// we rewrite urls for modules which require certificates
// to make sure the user at least once sees the get certificates page
$url = Modules::url($module);
ini_set('display_errors', false);
error_reporting(0);
}
/** Include module variables */
include ABSPATH . 'fm-modules/' . $fm_name . '/variables.inc.php';
if (isset($_SESSION['module'])) {
include ABSPATH . 'fm-modules/' . $_SESSION['module'] . '/variables.inc.php';
}
/** Handle module change request */
if (isset($_REQUEST['module']) && !isset($_REQUEST['action'])) {
setUserModule($_REQUEST['module']);
header('Location: ' . $GLOBALS['RELPATH']);
exit;
}
/** Ensure selected module is indeed active */
if (isset($_SESSION['module']) && $_SESSION['module'] != $fm_name && !in_array($_SESSION['module'], getActiveModules())) {
$_SESSION['module'] = $fm_name;
header('Location: ' . $GLOBALS['RELPATH'] . 'admin-modules.php');
exit;
}
if (!defined('UPGRADE')) {
/** Once logged in process the menuing */
if ($fm_login->isLoggedIn()) {
if (isUpgradeAvailable()) {
$fm_login->logout();
header('Location: ' . $GLOBALS['RELPATH']);
exit;
}
}
}
/** Handle sort orders */
$module_display = sprintf('<p>%s</p>', _('The following modules have been detected:')) . @buildBulkActionMenu($bulk_actions_list, 'module_list') . $header;
foreach ($modules as $module_name) {
/** Include module variables */
@(include ABSPATH . 'fm-modules/' . $module_name . '/variables.inc.php');
$activate_link = $upgrade_link = $status_options = null;
$class = array();
$uninstall_link = sprintf('<a href="?action=uninstall&module=%s"><span class="not_installed" onClick="return del(\'%s\');">%s</span></a>' . "\n", $module_name, _('Are you sure you want to delete this module?'), _('Uninstall'));
/** Get module status */
$module_version = getOption('version', 0, $module_name);
if ($module_version !== false) {
if (in_array($module_name, getActiveModules())) {
$activate_link = sprintf('<a href="?action=deactivate&module=%s">%s</a>' . "\n", $module_name, _('Deactivate'));
$class[] = 'active';
}
if (version_compare($module_version, $__FM_CONFIG[$module_name]['version'], '>=')) {
if (!in_array($module_name, getActiveModules())) {
$activate_link = sprintf('<span class="activate_link"><a href="?action=activate&module=%s">%s</a></span>' . "\n", $module_name, _('Activate')) . $uninstall_link;
}
} else {
include ABSPATH . 'fm-includes/version.php';
if (version_compare($fm_version, $__FM_CONFIG[$module_name]['required_fm_version']) >= 0) {
$upgrade_link = sprintf('<span class="upgrade_link"><a href="#" id="module_upgrade" name="%s" />%s</a></span>' . "\n", $module_name, _('Update Database Now'));
} else {
$upgrade_link .= sprintf('<span class="upgrade_link">' . _('%s v%s or later is required<br />before this module can be upgraded.') . '</span>', $fm_name, $__FM_CONFIG[$module_name]['required_fm_version']);
}
$activate_link = $uninstall_link;
$class[] = 'upgrade';
}
$status_options = $activate_link . "\n";
} else {
$module_version = $__FM_CONFIG[$module_name]['version'];
