/* Emit a <smilies> element with one <smiley> tag per line of the "smilies"
 * configuration.
 *
 * Every line is split on tabs after trailing whitespace is removed: the first
 * field is passed as the "text" attribute, the last field as the tag content.
 * A line without a tab yields a null image, because array_pop() then runs on
 * an empty array.
 */
private function show_smilies() {
    $lines = config_file("smilies");

    $this->output->open_tag("smilies");
    foreach ($lines as $line) {
        $fields = explode("\t", chop($line));
        $code = array_shift($fields);
        $picture = array_pop($fields);

        $this->output->add_tag("smiley", $picture, array("text" => $code));
    }
    $this->output->close_tag();
}
/* Render the CMS administration overview: configuration warnings for
 * administrators, followed by the icon menu grouped per section.
 *
 * Only entries whose module is listed in the "private_modules" configuration
 * are shown. The "access" attribute is taken from page_access_list().
 */
public function execute() {
    $menu = array(
        "Authentication & authorization" => array(
            "Users"         => array("cms/user", "users.png"),
            "Roles"         => array("cms/role", "roles.png"),
            "Organisations" => array("cms/organisation", "organisations.png"),
            "Access"        => array("cms/access", "access.png"),
            "Flags"         => array("cms/flag", "flags.png"),
            "User switch"   => array("cms/switch", "switch.png")),
        "Content" => array(
            "Agenda"        => array("cms/agenda", "agenda.png"),
            "Dictionary"    => array("cms/dictionary", "dictionary.png"),
            "F.A.Q."        => array("cms/faq", "faq.png"),
            "Files"         => array("cms/file", "file.png"),
            "Forum"         => array("cms/forum", "forum.png"),
            "Guestbook"     => array("cms/guestbook", "guestbook.png"),
            "Languages"     => array("cms/language", "language.png"),
            "Links"         => array("cms/links", "links.png"),
            "Menu"          => array("cms/menu", "menu.png"),
            "News"          => array("cms/news", "news.png"),
            "Pages"         => array("cms/page", "page.png"),
            "Polls"         => array("cms/poll", "poll.png"),
            "Weblog"        => array("cms/weblog", "weblog.png")),
        "Photo album" => array(
            "Albums"        => array("cms/album", "album.png"),
            "Collections"   => array("cms/collection", "collection.png"),
            "Photos"        => array("cms/photo", "photo.png")),
        "Newsletter" => array(
            "Newsletter"    => array("cms/newsletter", "newsletter.png"),
            "Subscriptions" => array("cms/subscriptions", "subscriptions.png")),
        "System" => array(
            "Logging"       => array("cms/logging", "logging.png"),
            "Action log"    => array("cms/action", "action.png"),
            "Settings"      => array("cms/settings", "settings.png"),
            "API test"      => array("cms/apitest", "apitest.png")));

    /* Configuration warnings, shown to administrators only */
    if ($this->user->is_admin) {
        if (module_exists("setup")) {
            $this->output->add_system_warning("The setup module is still available. \nRemove it from settings/public_modules.conf.");
        }

        /* The literal is compared with the stored password value of user id 1
         * to detect an unchanged default admin password.
         * NOTE(review): this only works if the stored value is the same on
         * every installation (no per-install salt) -- confirm the hashing scheme.
         */
        $default_password = "c10b391ff5e75af6ee8469539e6a5428f09eff7e693d6a8c4de0e5525cd9b287";
        if ($this->user->id == 1 && $this->user->password == $default_password) {
            $this->output->add_system_warning("Don't forget to change the password of the admin account!");
        }

        /* The placeholder value means the site secret was never set */
        if ($this->settings->secret_website_code == "CHANGE_ME_INTO_A_RANDOM_STRING") {
            $this->output->add_system_warning("Don't forget to change the secret_website_code setting.");
        }

        if (is_true(DEBUG_MODE)) {
            $this->output->add_system_warning("Website is running in debug mode. Set DEBUG_MODE in settings/website.conf to 'no'.");
        }
    }

    /* A second path element means an unknown administration module was
     * requested. The value comes from the request path and is passed as a
     * format argument.
     * NOTE(review): confirm the output layer escapes it before rendering.
     */
    if ($this->page->pathinfo[1] != null) {
        $this->output->add_system_warning("The administration module '%s' does not exist.", $this->page->pathinfo[1]);
    }

    /* Icon menu */
    if (is_false(MULTILINGUAL)) {
        unset($menu["Content"]["Languages"]);
    }

    $access_list = page_access_list($this->db, $this->user);
    $private_modules = config_file("private_modules");

    $this->output->open_tag("menu");
    foreach ($menu as $title => $entries) {
        $css_class = strtr(strtolower($title), " &", "__");
        $this->output->open_tag("section", array("text" => $title, "class" => $css_class));

        foreach ($entries as $label => $info) {
            $module = $info[0];
            $icon = $info[1];

            if (!in_array($module, $private_modules)) {
                continue;
            }

            /* A module missing from the access list is flagged as accessible.
             * The same happens for every entry when page_access_list()
             * returned false. This flag only drives the menu display.
             * NOTE(review): confirm enforcement happens when the page is requested.
             */
            $access = isset($access_list[$module]) ? ($access_list[$module] > 0) : true;

            $this->output->add_tag("entry", $module, array(
                "text"   => $label,
                "access" => show_boolean($access),
                "icon"   => $icon));
        }

        $this->output->close_tag();
    }
    $this->output->close_tag();
}
/* Validate a page record before it is saved.
 *
 * Every failed check adds a message to the output; the checks are not
 * short-circuited, so several messages can be reported at once.
 *
 * $page: array with at least the keys url, language, layout, title and id.
 * Returns true when all checks pass, false otherwise.
 */
public function save_oke($page) {
    $result = true;

    /* URL: valid characters, starts with a single slash, no "//" anywhere.
     * Note that the character check runs on the trimmed value, while the
     * structural check runs on the value as submitted.
     */
    if (!valid_input(trim($page["url"]), VALIDATE_URL, VALIDATE_NONEMPTY)) {
        $this->output->add_message("URL is empty or contains invalid characters.");
        $result = false;
    } elseif (strpos($page["url"], "//") !== false || $page["url"][0] !== "/") {
        $this->output->add_message("Invalid URL.");
        $result = false;
    }

    /* Language must be one of the configured languages */
    $languages = array_keys(config_array(SUPPORTED_LANGUAGES));
    if (!in_array($page["language"], $languages)) {
        $this->output->add_message("Language not supported.");
        $result = false;
    }

    /* Layout is only checked when a list of layouts is available */
    if (($layouts = $this->get_layouts()) != false && !in_array($page["layout"], $layouts)) {
        $this->output->add_message("Invalid layout.");
        $result = false;
    }

    if (trim($page["title"]) == "") {
        $this->output->add_message("Empty title not allowed.");
        $result = false;
    }

    if (!valid_input($page["language"], VALIDATE_NONCAPITALS, 2)) {
        $this->output->add_message("Invalid language code.");
        $result = false;
    }

    /* The URL may not shadow a module on disk or another page in the database */
    $module = ltrim($page["url"], "/");
    $public_pages = page_to_module(config_file("public_pages"));
    $private_pages = page_to_module(config_file("private_pages"));

    if (in_array($module, $public_pages) || in_array($module, $private_pages)) {
        $this->output->add_message("URL belongs to a module.");
        $result = false;
    } else {
        /* Values are handed to the database layer through %d / %s placeholders.
         * NOTE(review): presumably escaped inside execute() -- confirm.
         */
        $query = "select * from pages where id!=%d and url=%s limit 1";
        $rows = $this->db->execute($query, $page["id"], $page["url"]);
        if ($rows != false && count($rows) > 0) {
            $this->output->add_message("URL belongs to another page.");
            $result = false;
        }
    }

    return $result;
}
/* Return the sorted list of public URLs: the public modules on disk, minus a
 * fixed exclusion list, plus every page in the database whose private column
 * equals NO. Database URLs are returned without their leading slash.
 *
 * When the page query fails or returns nothing, only the modules are returned.
 */
public function get_public_urls() {
    /* Modules on disk; these entries are never listed */
    $hidden = array("captcha.png", "logout", "offline", "password", "sitemap.xml");
    $urls = array_diff(config_file("public_modules"), $hidden);

    /* Pages from database */
    $pages = $this->db->execute("select url from pages where private=%d", NO);
    if ($pages != false) {
        foreach ($pages as $row) {
            $urls[] = ltrim($row["url"], "/");
        }
    }

    sort($urls);

    return $urls;
}
/* Render the CMS administration overview: configuration warnings for
 * administrators, followed by the icon menu grouped per section.
 *
 * Only entries whose page is listed in the "private_pages" configuration are
 * shown. The "access" attribute is taken from page_access_list().
 */
public function execute() {
    $menu = array(
        "Authentication, authorization & system" => array(
            "Users"         => array("cms/user", "users.png"),
            "Roles"         => array("cms/role", "roles.png"),
            "Organisations" => array("cms/organisation", "organisations.png"),
            "Access"        => array("cms/access", "access.png"),
            "User switch"   => array("cms/switch", "switch.png"),
            "Action log"    => array("cms/action", "action.png"),
            "Settings"      => array("cms/settings", "settings.png")),
        "Content" => array(
            "Files"         => array("cms/file", "file.png"),
            "Hostnames"     => array("cms/hostname", "hostname.gif"),
            "Menu"          => array("cms/menu", "menu.png"),
            "Pages"         => array("cms/page", "page.png"),
            "Webservers"    => array("cms/webserver", "webserver.png")));

    /* Configuration warnings, shown to administrators only */
    if ($this->user->is_admin) {
        /* The literal is compared with the stored password value of user id 1
         * to detect an unchanged default admin password.
         * NOTE(review): this only works if the stored value is the same on
         * every installation (no per-install salt) -- confirm the hashing scheme.
         */
        $default_password = "610706e9a48f85476e04d270bd6dc7492cdcd9ad7e91878007dff629ab11f195";
        if ($this->user->id == 1 && $this->user->password == $default_password) {
            $this->output->add_system_warning("Don't forget to change the password of the admin account!");
        }

        /* The placeholder value means the site secret was never set */
        if ($this->settings->secret_website_code == "CHANGE_ME_INTO_A_RANDOM_STRING") {
            $this->output->add_system_warning("Don't forget to change the secret_website_code setting.");
        }

        if (is_true(DEBUG_MODE)) {
            $this->output->add_system_warning("Website is running in debug mode. \nSet DEBUG_MODE in settings/website.conf to 'no'.");
        }
    }

    /* A second path element means an unknown administration module was
     * requested. The value comes from the request path and is passed as a
     * format argument.
     * NOTE(review): confirm the output layer escapes it before rendering.
     */
    if ($this->page->pathinfo[1] != null) {
        $this->output->add_system_warning("The administration module '%s' does not exist.", $this->page->pathinfo[1]);
    }

    /* Icon menu */
    if (is_false(MULTILINGUAL)) {
        unset($menu["Content"]["Languages"]);
    }

    $access_list = page_access_list($this->db, $this->user);
    $private_pages = config_file("private_pages");

    $this->output->open_tag("menu");
    foreach ($menu as $title => $entries) {
        $css_class = strtr(strtolower($title), " &", "__");
        $this->output->open_tag("section", array("text" => $title, "class" => $css_class));

        foreach ($entries as $label => $info) {
            $page = $info[0];
            $icon = $info[1];

            if (!in_array($page, $private_pages)) {
                continue;
            }

            /* A page missing from the access list is flagged as accessible.
             * The same happens for every entry when page_access_list()
             * returned false. This flag only drives the menu display.
             * NOTE(review): confirm enforcement happens when the page is requested.
             */
            $access = isset($access_list[$page]) ? ($access_list[$page] > 0) : true;

            $this->output->add_tag("entry", $page, array(
                "text"   => $label,
                "access" => show_boolean($access),
                "icon"   => $icon));
        }

        $this->output->close_tag();
    }
    $this->output->close_tag();
}
/* Forward all constructor arguments to the parent, then extend the form
 * elements: one required text element per supported language, and the option
 * list of the "page" element.
 *
 * Nothing is added when no language object is available after the parent
 * constructor has run.
 */
public function __construct() {
    call_user_func_array(array("parent", "__construct"), func_get_args());

    if ($this->language === null) {
        return;
    }

    /* One text field per supported language, keyed by language code */
    foreach ($this->language->supported as $code => $name) {
        $this->elements[$code] = array(
            "label"    => $name,
            "type"     => "text",
            "overview" => false,
            "required" => true);
    }

    /* Page options: "*" first, then all public and private modules, sorted.
     * Keys equal values.
     */
    $pages = array_merge(config_file("public_pages"), config_file("private_pages"));
    $options = page_to_module($pages);
    sort($options);
    array_unshift($options, "*");

    $this->elements["page"]["options"] = array_combine($options, $options);
}
exit; } if(isset($_GET["scripts"])){echo scripts();exit;} if(isset($_GET["tabs"])){tabs();exit;} if(isset($_GET["databases"])){databases_status();exit;} if(isset($_GET["ufdbg-community"])){community_status();exit;} if(isset($_GET["maintenance"])){maintenance_status();exit;} if(isset($_GET["CompileMissingdb"])){CompileMissingdb();exit;} if(isset($_GET["MaintenanceReCompileDB"])){maintenance_status_list_compile();exit;} if(isset($_GET["CompileAlldbs"])){CompileAlldbs();exit;} if(isset($_GET["schedule"])){schedule();exit;} if(isset($_GET["EnableSchedule"])){schedule_save();exit;} if(isset($_GET["maintenance-status-list"])){maintenance_status_list();exit;} if(isset($_GET["config-file"])){config_file();exit;} if(isset($_GET["events"])){events();exit;} popup(); function popup(){ $page=CurrentPageName(); $html="<div id='ufdbguard-tabs'></div> <script>LoadAjax('ufdbguard-tabs','$page?tabs=yes');</script>";echo $html; } function tabs(){ $page=CurrentPageName(); $users=new usersMenus(); $array["databases"]='{databases}'; $array["maintenance"]='{maintenance}';
/* Tell whether a module is listed in the public or the private module
 * configuration.
 *
 * The private list is only read when the module is not in the public list.
 * Returns true when the module is listed in either one, false otherwise.
 */
function module_exists($module) {
    return in_array($module, config_file("public_modules"))
        || in_array($module, config_file("private_modules"));
}
exit; } if (isset($_GET["schedule"])) { schedule(); exit; } if (isset($_GET["EnableSchedule"])) { schedule_save(); exit; } if (isset($_GET["maintenance-status-list"])) { maintenance_status_list(); exit; } if (isset($_GET["config-file"])) { config_file(); exit; } if (isset($_GET["events"])) { events(); exit; } popup(); function popup() { $page = CurrentPageName(); $html = "<div id='ufdbguard-tabs'></div>\n\t<script>LoadAjax('ufdbguard-tabs','{$page}?tabs=yes');</script>"; echo $html; } function tabs() {
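/**
 * Try to write configuration file, return false if not successful.
 *
 * The output of config_file() is written to config.php inside $CFG->dirroot.
 * Every failure appends a translated message to the global $messages array.
 * A short or failed write and a failed close are reported as well, so that a
 * truncated config.php is never reported as success.
 *
 * The result is derived from the global $messages array: the function returns
 * false when that array holds any message, including messages added before
 * this call.
 *
 * NOTE(review): this needs config.php or the application root to be writable
 * by the PHP process. Presumably that is only required during installation;
 * confirm permissions are tightened afterwards.
 *
 * @return bool
 */
function config_write_file() {
    global $messages, $CFG;

    $config_file = 'config.php';
    $target = $CFG->dirroot . $config_file;

    if (is_writable($target) || is_writable($CFG->dirroot)) {
        // 'w' truncates an existing file, so a failure after this point
        // must be reported to the caller.
        $f = @fopen($target, 'w');
        if (!$f) {
            $messages[] = __gettext('Could not write configuration file in your elgg directory.');
        } else {
            // write file
            $contents = config_file();
            $written = fwrite($f, $contents);
            $closed = fclose($f);

            if ($written === false || $written < strlen($contents) || !$closed) {
                $messages[] = __gettext('Could not write configuration file in your elgg directory.');
            }
        }
    } else {
        $messages[] = __gettext('Could not write configuration file in your elgg directory.');
    }

    return empty($messages);
}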
/**
 * Function: using_yaml
 * Are they using YAML config storage?
 *
 * Returns true when neither the configuration file nor the database file has
 * its PHP file name (config.php / database.php), or when database_file()
 * returns a falsy value.
 */
function using_yaml() {
    # "and" binds tighter than "or"; the grouping is written out with && and ||.
    $no_php_files = basename(config_file()) != "config.php"
        && basename(database_file()) != "database.php";

    return $no_php_files || !database_file();
}
/* Replace smiley codes in $this->message with <img> tags and return the
 * message.
 *
 * The code => image map is read once from the "smilies" configuration (tab
 * separated: first field is the code, last field the image file) and kept in
 * $this->smilies. A code is replaced when it is the whole message, when it
 * starts the message and is followed by a space, or when it is preceded by a
 * space.
 *
 * The image name is concatenated into the tag without escaping, and the
 * result mixes message text with markup.
 * NOTE(review): whether $this->message has been HTML-escaped before this call
 * is not visible here -- confirm at the caller.
 */
public function translate_smilies() {
    /* Load configuration on first use */
    if ($this->smilies === null) {
        $this->smilies = array();

        foreach (config_file("smilies") as $line) {
            $fields = explode("\t", chop($line));
            $code = array_shift($fields);
            $file = array_pop($fields);

            $this->smilies[$code] = $file;
        }
    }

    /* Translate smilies */
    foreach ($this->smilies as $code => $file) {
        $tag = "<img src=\"/images/smilies/" . $file . "\">";
        $code_len = strlen($code);

        /* Message consists of this code only */
        if ($this->message == $code) {
            $this->message = $tag;
            continue;
        }

        /* Code at the very start, followed by a space */
        $prefix = substr($this->message, 0, $code_len + 1);
        if ($prefix == $code . " ") {
            $this->message = $tag . substr($this->message, $code_len);
        }

        /* Code anywhere else, preceded by a space */
        $this->message = str_replace(" " . $code, " " . $tag, $this->message);
    }

    return $this->message;
}
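/* Decide whether the current user may access a page.
 *
 * Order of evaluation:
 *   1. administrators and the logout module: always allowed
 *   2. modules listed in the "public_pages" configuration: allowed
 *   3. database pages whose private column equals NO: allowed
 *   4. users without roles: denied
 *   5. role-based lookup, cached per page
 *
 * Any failing or empty database result leads to a denial.
 *
 * $page: module or page name without leading slash.
 * Returns true when access is allowed, false otherwise.
 */
public function access_allowed($page) {
    /* Cache of role-based decisions: page => bool.
     *
     * The query results below are kept in their own variable. Storing them in
     * this static would replace the cache with result rows, so that a later
     * call for a page named like a row index ("0", "1", ...) would get a row
     * array back -- a truthy value -- instead of a decision.
     *
     * A static inside a method is shared by all instances of the class and
     * the key is the page only.
     * NOTE(review): assumes a single user object per request -- confirm.
     */
    static $access = array();

    /* Always access */
    $allowed = array(LOGOUT_MODULE);
    if ($this->is_admin || in_array($page, $allowed)) {
        return true;
    }

    /* Public module */
    if (in_array($page, page_to_module(config_file("public_pages")))) {
        return true;
    }

    /* Public page in database */
    $query = "select count(*) as count from pages where url=%s and private=%d";
    if (($result = $this->db->execute($query, "/" . $page, NO)) == false) {
        return false;
    } elseif ($result[0]["count"] > 0) {
        return true;
    }

    /* No roles, no access */
    if (count($this->record["role_ids"]) == 0) {
        return false;
    }

    /* Cached? */
    if (isset($access[$page])) {
        return $access[$page];
    }

    /* Check access: one %d placeholder per role id */
    $conditions = $rids = array();
    foreach ($this->record["role_ids"] as $rid) {
        array_push($conditions, "%d");
        array_push($rids, $rid);
    }
    $role_list = implode(", ", $conditions);

    if (in_array($page, page_to_module(config_file("private_pages")))) {
        /* Pages on disk (modules): $page is used as a column name, and only
         * after it was found in the private_pages configuration.
         * NOTE(review): %S is presumably the database layer's identifier
         * placeholder -- confirm how it is escaped.
         */
        $query = "select %S from roles where id in (" . $role_list . ")";
        if (($levels = $this->db->execute($query, $page, $rids)) == false) {
            return false;
        }
    } else {
        /* Pages in database */
        $query = "select a.level from page_access a, pages p " .
                 "where a.page_id=p.id and p.url=%s and a.level>0 " .
                 "and a.role_id in (" . $role_list . ")";
        if (($levels = $this->db->execute($query, "/" . $page, $rids)) == false) {
            return false;
        }
    }

    /* Allowed when any of the user's roles grants a level above zero */
    $access[$page] = max(array_flatten($levels)) > 0;

    return $access[$page];
}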
/* Resolve the requested page to the module that will handle it.
 *
 * Resolution order: old-browser notice, public module on disk, public page in
 * the database, private module on disk, private page in the database. For
 * private targets the outcome is, in this order: 404 when nothing matches,
 * the login module when the user is not logged in, 403 when the user's roles
 * do not allow access, otherwise the private module itself.
 *
 * Does nothing when a module other than the login module is already selected.
 *
 * NOTE(review): because existence is decided before the login check, a
 * visitor who is not logged in gets 404 for unknown private URLs and the
 * login module for existing ones -- confirm this difference is acceptable.
 */
public function select_module($page) {
    if ($this->module !== null && $this->module !== LOGIN_MODULE) {
        return;
    }

    /* Old browser.
     * The User-Agent header is supplied by the client and is read here
     * without an isset() check.
     */
    if (preg_match("/MSIE [5678]/", $_SERVER["HTTP_USER_AGENT"]) > 0) {
        $this->module = "banshee/browser";
        return;
    }

    /* Public module */
    $found = $this->module_on_disk($page, config_file("public_modules"));
    $this->module = $found;
    if ($found !== null) {
        $module_count = substr_count($this->module, "/") + 1;
        $this->parameters = array_slice($this->pathinfo, $module_count);
        return;
    }

    /* Public page in database */
    $found = $this->page_in_database($page, NO);
    $this->module = $found;
    if ($found !== null) {
        return;
    }

    /* Change profile before access to private pages: a logged-in user who
     * must change the password is sent to the profile page, unless the
     * session is a user switch or the request is for the logout module.
     */
    $force_profile = $this->user->logged_in
        && $page != LOGOUT_MODULE
        && $this->user->status == USER_STATUS_CHANGEPWD
        && isset($_SESSION["user_switch"]) == false;
    if ($force_profile) {
        $page = "profile";
        $this->type = "";
    }

    /* Private module, else private page in database */
    $found = $this->module_on_disk($page, config_file("private_modules"));
    $this->module = $found;
    if ($found === null) {
        $this->module = $this->page_in_database($page, YES);
    }

    /* Page does not exist. */
    if ($this->module == null) {
        $this->module = ERROR_MODULE;
        $this->http_code = 404;
        $this->type = "";
        return;
    }

    /* User not logged in. */
    if ($this->user->logged_in == false) {
        $this->module = LOGIN_MODULE;
        $this->type = "";
        return;
    }

    /* Access denied because not with right role. The refused request is
     * written to the action log.
     */
    if ($this->user->access_allowed($this->__get("page") . $this->type) == false) {
        $this->module = ERROR_MODULE;
        $this->http_code = 403;
        $this->type = "";
        $this->user->log_action("unauthorized request for page %s", $page);
        return;
    }

    /* Access allowed. */
    $this->is_public = false;
    $_SESSION["last_private_visit"] = time();

    $module_count = substr_count($this->module, "/") + 1;
    $this->parameters = array_slice($this->pathinfo, $module_count);
}
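/* Build the access map (page => level) for a user.
 *
 * Sources, applied in this order:
 *   1. public pages on disk: level 1
 *   2. private pages on disk: YES for administrators, NO otherwise
 *   3. role columns of the user's roles (logged-in non-administrators):
 *      the highest level over all roles wins
 *   4. pages in the database: YES when public or for administrators, else NO
 *   5. page_access rows for the user's roles (logged-in non-administrators):
 *      raise the level where a role grants more
 *
 * $db:   database object offering execute()
 * $user: user object offering is_admin, logged_in, id and role_ids
 * Returns the map, or false when a query fails. Callers must tell false
 * apart from an array before indexing the result.
 */
function page_access_list($db, $user) {
    $access_rights = array();

    /* Public pages on disk */
    foreach (page_to_module(config_file("public_pages")) as $page) {
        $access_rights[$page] = 1;
    }

    /* Private pages on disk */
    foreach (page_to_module(config_file("private_pages")) as $page) {
        $access_rights[$page] = $user->is_admin ? YES : NO;
    }

    if ($user->logged_in && $user->is_admin == false) {
        $query = "select * from roles where id in ".
                 "(select role_id from user_role where user_id=%d)";
        if (($roles = $db->execute($query, $user->id)) === false) {
            return false;
        }

        foreach ($roles as $role) {
            /* Skip the first two columns; the remaining ones are used as
             * page => level. NOTE(review): presumably id and name -- confirm.
             */
            $role = array_slice($role, 2);

            /* The administrator adjustment that used to sit in this loop
             * could never run in this non-administrator branch.
             */
            foreach ($role as $page => $level) {
                $level = (int)$level;

                if (isset($access_rights[$page]) == false) {
                    $access_rights[$page] = $level;
                } elseif ($access_rights[$page] < $level) {
                    $access_rights[$page] = $level;
                }
            }
        }
    }

    /* Pages in database */
    if (($pages = $db->execute("select * from pages")) === false) {
        return false;
    }
    foreach ($pages as $page) {
        $open = is_false($page["private"]) || $user->is_admin;
        $access_rights[ltrim($page["url"], "/")] = $open ? YES : NO;
    }

    if ($user->logged_in && $user->is_admin == false) {
        $conditions = $rids = array();
        foreach ($user->role_ids as $rid) {
            array_push($conditions, "role_id=%d");
            array_push($rids, $rid);
        }

        /* Without roles the condition list is empty and the query would end
         * in "and ()", which is invalid SQL. A user without roles gets no
         * page_access grants, so the query is skipped.
         */
        if (count($rids) > 0) {
            $query = "select p.url,a.level from pages p, page_access a ".
                     "where p.id=a.page_id and (".implode(" or ", $conditions).")";
            if (($pages = $db->execute($query, $rids)) === false) {
                return false;
            }

            foreach ($pages as $page) {
                $url = ltrim($page["url"], "/");
                if ($access_rights[$url] < $page["level"]) {
                    $access_rights[$url] = $page["level"];
                }
            }
        }
    }

    return $access_rights;
}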