/** * Initialisation des paramètres de PWD */ function initSettings() { global $gSettings; $gSettings = loadSettings(); if ($gSettings === FALSE) { $gSettings = array(); $gSettings['options']['groupes']['groupe'] = array(); $gSettings['sites']['site'] = array(); saveSettings($gSettings); } }
/** * Initialise une authentification en utilisant les paramêtre renseignés dans gepi * * @param string|NULL $auth The authentication source. Si non précisé, utilise la source configurée dans gepi. */ public function __construct($auth = null) { if ($auth == null) { if (isset($_SESSION['utilisateur_saml_source'])) { //on prend la source précisée précedemment en session. //Cela sert si le mode d'authentification a changé au cours de la session de l'utilisateur $auth = $_SESSION['utilisateur_saml_source']; } else { //on va sélectionner la source d'authentification gepi $path = dirname(dirname(dirname(dirname(dirname(dirname(__FILE__)))))); include_once("$path/secure/connect.inc.php"); // Database connection require_once("$path/lib/mysql.inc"); require_once("$path/lib/settings.inc"); // Load settings if (!loadSettings()) { die("Erreur chargement settings"); } $auth = getSettingValue('auth_simpleSAML_source'); } } $config = SimpleSAML_Configuration::getOptionalConfig('authsources.php'); $sources = $config->getOptions(); if (!count($sources)) { echo 'Erreur simplesaml : Aucune source configurée dans le fichier authsources.php'; die; } if (!in_array($auth, $sources)) { //si la source précisée n'est pas trouvée, utilisation par défaut d'une source proposant tout les choix possible //(voir le fichier authsources.php) if ($auth == 'unset') { //l'admin a réglé la source à unset, ce n'est pas la peine de mettre un message d'erreur } else { echo 'Erreur simplesaml : source '.$auth.' non configurée. Utilisation par défaut de la source : «Authentification au choix entre toutes les sources configurees».'; } $auth = 'Authentification au choix entre toutes les sources configurees'; } //on utilise une variable en session pour se souvenir quelle est la source utilisé pour cette session. Utile pour le logout, si entretemps l'admin a changé la source d'authentification. $_SESSION['utilisateur_saml_source'] = $auth; //print_r($config);die; $this->authSourceConfig = $config->getArray($auth); assert('is_string($auth)'); $this->authSource = $auth; parent::__construct($auth); }
function loadBehaviors($type) { $settings = loadSettings(); $files = array(); if ($handle = opendir($settings['base_game'] . '/scripts/behaviors/' . $type . '/')) { while (false !== ($entry = readdir($handle))) { if ($entry != "." && $entry != "..") { $files[] = substr($entry, 0, -3); } } closedir($handle); } return $files; }
function InitializeConfig() { global $config_db_name, $config_db, $version; // Configuration Database $config_db_name = dirname(__FILE__) . '/rest.config.sqlite3'; try { $config_db = new PDO("sqlite:{$config_db_name}"); $config_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $ex) { // Print PDOException message die($ex->getMessage()); } // Check for configuration DB if (file_exists($config_db_name)) { // $this->showMessage("DB Found"); // Check for Versioning Table if (!checkTable('version')) { // $this->showMessage("Versioning Table Missing"); createVersionTable(); } // Check Table Version $tblVer = checkTableVersion('version', $version); if ($tblVer === false) { // $this->showMessage('Adding Version Details'); addVersionRecord('version'); } if ($tblVer === -99) { // $this->showMessage('Updating Version Details'); updateVersionRecord('version'); } // Check Users Table if (!checkTable('users')) { createUsersTable(); } else { // Check Version $tblVer = checkTableVersion('users', $version); } // Load Database Configurations loadDBConnections(); // Load Published Tables loadPublishedTables(); // Load System Settings loadSettings(); } else { die("Sorry, system cannot be setup configuration file...."); } }
/** * This is run before each unit test; it empties the database. */ protected function setUp() { GepiDataPopulator::depopulate($this->con); mysqli_query($GLOBALS["mysqli"], 'delete from setting'); mysqli_query($GLOBALS["mysqli"], 'delete from droits'); mysqli_query($GLOBALS["mysqli"], 'delete from droits_aid'); mysqli_query($GLOBALS["mysqli"], 'delete from aid_productions'); mysqli_query($GLOBALS["mysqli"], 'delete from edt_setting'); mysqli_query($GLOBALS["mysqli"], 'delete from lettres_tcs'); mysqli_query($GLOBALS["mysqli"], 'delete from etiquettes_formats'); mysqli_query($GLOBALS["mysqli"], 'delete from lettres_types'); mysqli_query($GLOBALS["mysqli"], 'delete from lettres_cadres'); mysqli_query($GLOBALS["mysqli"], 'delete from ct_types_documents'); mysqli_query($GLOBALS["mysqli"], 'delete from absences_motifs'); mysqli_query($GLOBALS["mysqli"], 'delete from model_bulletin'); mysqli_query($GLOBALS["mysqli"], 'delete from absences_actions'); $fd = fopen(dirname(__FILE__) ."/../../../../sql/data_gepi.sql", "r"); if (!$fd) { echo "Erreur : fichier sql/data_gepi.sql non trouve\n"; die; } while (!feof($fd)) { $query = fgets($fd, 5000); $query = trim($query); if((substr($query,-1)==";")&&(substr($query,0,3)!="-- ")) { $reg = mysqli_query($GLOBALS["mysqli"], $query); if (!$reg) { echo "ERROR : '$query' \n"; echo "Erreur retournée : ".mysqli_error($GLOBALS["mysqli"])."\n"; $result_ok = 'no'; } } } fclose($fd); loadSettings(); AbsenceEleveSaisiePeer::disableAgregation(); AbsenceEleveTraitementPeer::disableAgregation(); parent::setUp(); }
as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. To read the license please visit http://www.gnu.org/copyleft/gpl.html *******************************************************************************/ // prevent direct invocation if (!isset($cfg['user']) || isset($_REQUEST['cfg'])) { @ob_end_clean(); @header("location: ../../../index.php"); exit; } /******************************************************************************/ // load global settings + overwrite per-user settings loadSettings('tf_settings'); // init template-instance tmplInitializeInstance($cfg["theme"], "page.admin.indexSettings.tmpl"); // set template-vars tmplSetIndexPageFormVars(); // tmplSetTitleBar("Administration - Index Settings"); tmplSetAdminMenu(); tmplSetFoot(); tmplSetIidVars(); // parse template $tmpl->pparse();
</div> </div> <div class="clear"> </div> <div id="footer"> <div id="btm_cont"> </div> <div id="ft_btm"> <?php loadLinks('footer'); ?> <?php loadSettings('copyright'); ?> <?php BsocketB('public-xhtml-footer'); ?> <br /> <!--Credits --> <a href="http://ramblingsoul.com">CSS Template</a> by Rambling Soul<br /> Images from<a href="http://sxc.hu"> sxc.hu</a> <!--/Credits --> </div> </div>
/** * Attempt to log in using the given username and password. * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * * @param string $username The username the user wrote. * @param string $password The password the user wrote. * @param string $organization The id of the organization the user chose. * @return array Associative array with the users attributes. */ protected function login($username, $password, $organization) { assert('is_string($username)'); assert('is_string($password)'); assert('is_string($organization)'); if ($organization != '') { //$organization contient le numéro de rne setcookie('RNE', $organization, null, '/'); } $path = dirname(dirname(dirname(dirname(dirname(dirname(dirname(dirname(__FILE__)))))))); require_once("$path/secure/connect.inc.php"); // Database connection require_once("$path/lib/mysql.inc"); require_once("$path/lib/mysqli.inc.php"); require_once("$path/lib/settings.inc"); require_once("$path/lib/settings.inc.php"); require_once("$path/lib/old_mysql_result.php"); // Load settings if (!loadSettings()) { die("Erreur chargement settings"); } // Global configuration file require_once("$path/lib/global.inc.php"); // Libraries include "$path/lib/share.inc.php"; // Session related functions require_once("$path/lib/Session.class.php"); $session_gepi = new Session(); # L'instance de Session permettant de gérer directement les authentifications # SSO, on ne s'embête pas : $auth = $session_gepi->authenticate_gepi($username, $password); if ($auth != "1") { # Echec d'authentification. $session_gepi->record_failed_login($username); session_write_close(); SimpleSAML_Logger::error('gepiauth:' . $this->authId . ': not authenticated. Probably wrong username/password.'); throw new SimpleSAML_Error_Error('WRONGUSERPASS'); } SimpleSAML_Logger::info('gepiauth:' . $this->authId . ': authenticated'); # On interroge la base de données pour récupérer des attributs qu'on va retourner $query = mysqli_query($GLOBALS["mysqli"], "SELECT nom, prenom, email, statut FROM utilisateurs WHERE (login = '******')"); $row = mysqli_fetch_object($query); //on vérifie le status if ($this->requiredStatut != null) { if ($this->requiredStatut != $row->statut) { # Echec d'authentification pour ce statut $session_gepi->close('2'); session_write_close(); SimpleSAML_Logger::error('gepiauth:' . $this->authId . ': not authenticated. Statut is wrong.'); throw new SimpleSAML_Error_Error('WRONGUSERPASS'); } } $attributes = array(); $attributes['login_gepi'] = array($username); $attributes['nom'] = array($row->nom); $attributes['prenom'] = array($row->prenom); $attributes['statut'] = array($row->statut); $attributes['email'] = array($row->email); $sql = "SELECT id_matiere FROM j_professeurs_matieres WHERE (id_professeur = '" . $username . "') ORDER BY ordre_matieres LIMIT 1"; $matiere_principale = sql_query1($sql); $attributes['matieres'] = array($matiere_principale); SimpleSAML_Logger::info('gepiauth:' . $this->authId . ': Attributes: ' . implode(',', array_keys($attributes))); return $attributes; }
function rest_get() { $_SESSION['user_id'] = "'api'"; if (!@count($GLOBALS['request']) == 0) { $request_uri = $GLOBALS['_SERVER']['REQUEST_URI']; preg_match('/\\/api(\\/index.php|)\\/(.*)\\?apikey=(.*)/', $request_uri, $matches); if (count($matches) == 0) { rest_error('REQUEST_SENT_NOT_UNDERSTANDABLE'); } $GLOBALS['request'] = explode('/', $matches[2]); } if (apikey_checker($GLOBALS['apikey'])) { global $server, $user, $pass, $database, $pre, $link; teampass_connect(); $category_query = ""; if ($GLOBALS['request'][0] == "read") { if ($GLOBALS['request'][1] == "category") { // get ids if (strpos($GLOBALS['request'][2], ";") > 0) { $condition = "id_tree IN %ls"; $condition_value = explode(';', $GLOBALS['request'][2]); } else { $condition = "id_tree = %s"; $condition_value = $GLOBALS['request'][2]; } DB::debugMode(false); // get items in this module $response = DB::query("SELECT id,label,login,pw, pw_iv FROM " . prefix_table("items") . " WHERE inactif='0' AND " . $condition, $condition_value); foreach ($response as $data) { // prepare output $id = $data['id']; $json[$id]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$id]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $json[$id]['url'] = mb_convert_encoding($data['url'], mb_detect_encoding($data['url']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$id]['pw'] = $crypt_pw['string']; } /* load folders */ $response = DB::query("SELECT id,parent_id,title,nleft,nright,nlevel FROM " . prefix_table("nested_tree") . " WHERE parent_id=%i ORDER BY `title` ASC", $GLOBALS['request'][2]); $rows = array(); $i = 0; foreach ($response as $row) { $response = DB::query("SELECT id,label,login,pw, pw_iv FROM " . prefix_table("items") . " WHERE inactif = %i AND id_tree=%i", "0", $row['id']); foreach ($response as $data) { // prepare output $id = $data['id']; $json[$id]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$id]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $json[$id]['url'] = mb_convert_encoding($data['url'], mb_detect_encoding($data['url']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$id]['pw'] = $crypt_pw['string']; } } } else { if ($GLOBALS['request'][1] == "userpw") { $username = $GLOBALS['request'][2]; if (strcmp($username, "admin") == 0) { // forbid admin access } $response = DB::query("SELECT fonction_id FROM " . prefix_table("users") . " WHERE login='******'"); foreach ($response as $data) { $role_str = $data['fonction_id']; } $folder_arr = array(); $roles = explode(";", $role_str); foreach ($roles as $role) { $response = DB::query("SELECT folder_id FROM " . prefix_table("roles_values") . " WHERE role_id='" . $role . "'"); foreach ($response as $data) { $folder_id = $data['folder_id']; if (!array_key_exists($folder_id, $folder_arr)) { array_push($folder_arr, $folder_id); } } } $folder_str = implode(";", $folder_arr); // get ids if (strpos($folder_str, ";") > 0) { $condition = "id_tree IN %ls"; $condition_value = explode(';', $folder_str); } else { $condition = "id_tree = %s"; $condition_value = $folder_str; } DB::debugMode(false); $data = ""; // get items in this module $response = DB::query("SELECT id,label,url,login,pw, pw_iv FROM " . prefix_table("items") . " WHERE inactif='0' AND " . $condition, $condition_value); foreach ($response as $data) { // prepare output $id = $data['id']; $json[$id]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$id]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $json[$id]['url'] = mb_convert_encoding($data['url'], mb_detect_encoding($data['url']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$id]['pw'] = $crypt_pw['string']; } /* load folders */ $response = DB::query("SELECT id,parent_id,title,nleft,nright,nlevel FROM " . prefix_table("nested_tree") . " WHERE parent_id=%i ORDER BY `title` ASC", $folder_str); $rows = array(); $i = 0; foreach ($response as $row) { $response = DB::query("SELECT id,label,url,login,pw, pw_iv FROM " . prefix_table("items") . " WHERE inactif = %i AND id_tree=%i", "0", $row['id']); foreach ($response as $data) { // prepare output $id = $data['id']; $json[$id]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$id]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $json[$id]['url'] = mb_convert_encoding($data['url'], mb_detect_encoding($data['url']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$id]['pw'] = $crypt_pw['string']; } } } elseif ($GLOBALS['request'][1] == "items") { $array_items = explode(';', $GLOBALS['request'][2]); // check if not empty if (count($array_items) == 0) { rest_error('NO_ITEM'); } // only accepts numeric foreach ($array_items as $item) { if (!is_numeric($item)) { rest_error('ITEM_MALFORMED'); } } $response = DB::query("SELECT id,label,login,pw, pw_iv, id_tree FROM " . prefix_table("items") . " WHERE inactif = %i AND id IN %ls", "0", $array_items); foreach ($response as $data) { // prepare output $id = $data['id']; $json[$id]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$id]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $json[$id]['url'] = mb_convert_encoding($data['url'], mb_detect_encoding($data['url']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$id]['pw'] = $crypt_pw['string']; } } } if (isset($json) && $json) { echo json_encode($json); } else { rest_error('EMPTY'); } } elseif ($GLOBALS['request'][0] == "find") { if ($GLOBALS['request'][1] == "item") { $array_category = explode(';', $GLOBALS['request'][2]); $item = $GLOBALS['request'][3]; foreach ($array_category as $category) { if (!preg_match_all("/^([\\w\\:\\'\\-\\sàáâãäåçèéêëìíîïðòóôõöùúûüýÿ]+)\$/i", $category, $result)) { rest_error('CATEGORY_MALFORMED'); } } if (!preg_match_all("/^([\\w\\:\\'\\-\\sàáâãäåçèéêëìíîïðòóôõöùúûüýÿ]+)\$/i", $item, $result)) { rest_error('ITEM_MALFORMED'); } elseif (empty($item) || count($array_category) == 0) { rest_error('MALFORMED'); } if (count($array_category) > 1 && count($array_category) < 5) { for ($i = count($array_category); $i > 0; $i--) { $slot = $i - 1; if (!$slot) { $category_query .= "select id from " . prefix_table("nested_tree") . " where title LIKE '" . $array_category[$slot] . "' AND parent_id = 0"; } else { $category_query .= "select id from " . prefix_table("nested_tree") . " where title LIKE '" . $array_category[$slot] . "' AND parent_id = ("; } } for ($i = 1; $i < count($array_category); $i++) { $category_query .= ")"; } } elseif (count($array_category) == 1) { $category_query = "select id from " . prefix_table("nested_tree") . " where title LIKE '" . $array_category[0] . "' AND parent_id = 0"; } else { rest_error('NO_CATEGORY'); } DB::debugMode(false); $response = DB::query("SELECT id, label, login, pw, pw_iv, id_tree\n FROM " . prefix_table("items") . "\n WHERE \n inactif = %i \n AND id_tree = (%s)\n AND label LIKE %ss", "0", $category_query, $item); foreach ($response as $data) { // prepare output $id = $data['id']; $json[$id]['id'] = mb_convert_encoding($data['id'], mb_detect_encoding($data['id']), 'UTF-8'); $json[$id]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$id]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $json[$id]['url'] = mb_convert_encoding($data['url'], mb_detect_encoding($data['url']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$id]['pw'] = $crypt_pw['string']; $json[$id]['folder_id'] = $data['id_tree']; $json[$id]['status'] = utf8_encode("OK"); } if (isset($json) && $json) { echo json_encode($json); } else { rest_error('EMPTY'); } } } elseif ($GLOBALS['request'][0] == "add") { if ($GLOBALS['request'][1] == "item") { // get item definition $array_item = explode(';', urldecode($GLOBALS['request'][2])); if (count($array_item) != 9) { rest_error('ITEMBADDEFINITION'); } $item_label = $array_item[0]; $item_pwd = $array_item[1]; $item_desc = $array_item[2]; $item_folder_id = $array_item[3]; $item_login = $array_item[4]; $item_email = $array_item[5]; $item_url = $array_item[6]; $item_tags = $array_item[7]; $item_anyonecanmodify = $array_item[8]; // added so one can sent data including the http or https ! // anyway we have to urlencode this data $item_url = urldecode($item_url); // same for the email $item_email = urldecode($item_email); // do some checks if (!empty($item_label) && !empty($item_pwd) && !empty($item_folder_id)) { // Check length if (strlen($item_pwd) > 50) { rest_error('PASSWORDTOOLONG'); } // Check Folder ID DB::query("SELECT * FROM " . prefix_table("nested_tree") . " WHERE id = %i", $item_folder_id); $counter = DB::count(); if ($counter == 0) { rest_error('NOSUCHFOLDER'); } // check if element doesn't already exist DB::query("SELECT * FROM " . prefix_table("items") . " WHERE label = %s AND inactif = %i", addslashes($item_label), "0"); $counter = DB::count(); if ($counter != 0) { $itemExists = 1; // prevent the error if the label already exists // so lets just add the time() as a random factor $item_label .= " (" . time() . ")"; } else { $itemExists = 0; } if ($itemExists == 0) { $encrypt = cryption($item_pwd, SALT, "", "encrypt"); if (empty($encrypt['string'])) { rest_error('PASSWORDEMPTY'); } // ADD item try { DB::insert(prefix_table("items"), array("label" => $item_label, "description" => $item_desc, 'pw' => $encrypt['string'], 'pw_iv' => $encrypt['iv'], "email" => $item_email, "url" => $item_url, "id_tree" => intval($item_folder_id), "login" => $item_login, "inactif" => 0, "restricted_to" => "", "perso" => 0, "anyone_can_modify" => intval($item_anyonecanmodify))); $newID = DB::InsertId(); // log DB::insert(prefix_table("log_items"), array("id_item" => $newID, "date" => time(), "id_user" => API_USER_ID, "action" => "at_creation")); // Add tags $tags = explode(' ', $item_tags); foreach ((array) $tags as $tag) { if (!empty($tag)) { DB::insert(prefix_table("tags"), array("item_id" => $newID, "tag" => strtolower($tag))); } } // Update CACHE table DB::insert(prefix_table("cache"), array("id" => $newID, "label" => $item_label, "description" => $item_desc, "tags" => $item_tags, "id_tree" => $item_folder_id, "perso" => "0", "restricted_to" => "", "login" => $item_login, "folder" => "", "author" => API_USER_ID, "renewal_period" => "0", "timestamp" => time(), "url" => "0")); echo '{"status":"item added"}'; } catch (PDOException $ex) { echo '<br />' . $ex->getMessage(); } } else { rest_error('ITEMEXISTS'); } } else { rest_error('ITEMMISSINGDATA'); } } elseif ($GLOBALS['request'][1] == "user") { // get user definition $array_user = explode(';', $GLOBALS['request'][2]); if (count($array_user) != 11) { rest_error('USERBADDEFINITION'); } $login = $array_user[0]; $name = $array_user[1]; $lastname = $array_user[2]; $password = $array_user[3]; $email = $array_user[4]; $adminby = urldecode($array_user[5]); $isreadonly = urldecode($array_user[6]); $roles = urldecode($array_user[7]); $isadmin = $array_user[8]; $ismanager = $array_user[9]; $haspf = $array_user[10]; // Empty user if (mysqli_escape_string($link, htmlspecialchars_decode($login)) == "") { rest_error('USERLOGINEMPTY'); } // Check if user already exists $data = DB::query("SELECT id, fonction_id, groupes_interdits, groupes_visibles FROM " . prefix_table("users") . "\n WHERE login LIKE %ss", mysqli_escape_string($link, stripslashes($login))); if (DB::count() == 0) { try { // find AdminRole code in DB $resRole = DB::queryFirstRow("SELECT id\n FROM " . prefix_table("roles_title") . "\n WHERE title LIKE %ss", mysqli_escape_string($link, stripslashes($adminby))); // get default language $lang = DB::queryFirstRow("SELECT `valeur` FROM " . prefix_table("misc") . " WHERE type = %s AND intitule = %s", "admin", "default_language"); // prepare roles list $rolesList = ""; foreach (explode(',', $roles) as $role) { //echo $role."-"; $tmp = DB::queryFirstRow("SELECT `id` FROM " . prefix_table("roles_title") . " WHERE title = %s", $role); if (empty($rolesList)) { $rolesList = $tmp['id']; } else { $rolesList .= ";" . $tmp['id']; } } // Add user in DB DB::insert(prefix_table("users"), array('login' => $login, 'name' => $name, 'lastname' => $lastname, 'pw' => bCrypt(stringUtf8Decode($password), COST), 'email' => $email, 'admin' => intval($isadmin), 'gestionnaire' => intval($ismanager), 'read_only' => intval($isreadonly), 'personal_folder' => intval($haspf), 'user_language' => $lang['valeur'], 'fonction_id' => $rolesList, 'groupes_interdits' => '0', 'groupes_visibles' => '0', 'isAdministratedByRole' => empty($resRole) ? '0' : $resRole['id'])); $new_user_id = DB::insertId(); // Create personnal folder if (intval($haspf) == 1) { DB::insert(prefix_table("nested_tree"), array('parent_id' => '0', 'title' => $new_user_id, 'bloquer_creation' => '0', 'bloquer_modification' => '0', 'personal_folder' => '1')); } // load settings loadSettings(); // Send email to new user @sendEmail($LANG['email_subject_new_user'], str_replace(array('#tp_login#', '#tp_pw#', '#tp_link#'), array(" " . addslashes($login), addslashes($password), $_SESSION['settings']['email_server_url']), $LANG['email_new_user_mail']), $email, ""); // update LOG logEvents('user_mngt', 'at_user_added', 'api - ' . $GLOBALS['apikey'], $new_user_id, ""); echo '{"status":"user added"}'; } catch (PDOException $ex) { echo '<br />' . $ex->getMessage(); } } else { rest_error('USERALREADYEXISTS'); } } } elseif ($GLOBALS['request'][0] == "auth") { /* ** FOR SECURITY PURPOSE, it is mandatory to use SSL to connect your teampass instance. The user password is not encrypted! ** ** ** Expected call format: .../api/index.php/auth/<PROTOCOL>/<URL>/<login>/<password>?apikey=<VALID API KEY> ** Example: https://127.0.0.1/teampass/api/index.php/auth/http/www.zadig-tge.adp.com/U1/test/76?apikey=chahthait5Aidood6johh6Avufieb6ohpaixain ** RESTRICTIONS: ** - <PROTOCOL> ==> http|https|ftp|... ** - <URL> ==> encode URL without protocol (example: http://www.teampass.net becomes www.teampass.net) ** - <login> ==> user's login ** - <password> ==> currently clear password ** ** RETURNED ANSWER: ** - format sent back is JSON ** - Example: {"<item_id>":{"label":"<pass#1>","login":"******","pw":"<pwd#1>"},"<item_id>":{"label":"<pass#2>","login":"******","pw":"<pwd#2>"}} ** */ // get user credentials if (isset($GLOBALS['request'][3]) && isset($GLOBALS['request'][4])) { // get url if (isset($GLOBALS['request'][1]) && isset($GLOBALS['request'][2])) { // is user granted? $userData = DB::queryFirstRow("SELECT `id`, `pw`, `groupes_interdits`, `groupes_visibles`, `fonction_id` FROM " . $pre . "users WHERE login = %s", $GLOBALS['request'][3]); // load passwordLib library $_SESSION['settings']['cpassman_dir'] = ".."; require_once '../sources/SplClassLoader.php'; $pwdlib = new SplClassLoader('PasswordLib', '../includes/libraries'); $pwdlib->register(); $pwdlib = new PasswordLib\PasswordLib(); if ($pwdlib->verifyPasswordHash($GLOBALS['request'][4], $userData['pw']) === true) { // define the restriction of "id_tree" of this user //db::debugMode(true); $userDef = DB::queryOneColumn('folder_id', "SELECT DISTINCT folder_id\n FROM " . prefix_table("roles_values") . "\n WHERE type IN ('R', 'W', 'ND', 'NE', 'NDNE', 'NEND') ", empty($userData['groupes_interdits']) ? "" : "\n AND folder_id NOT IN (" . str_replace(";", ",", $userData['groupes_interdits']) . ")", "\n AND role_id IN %ls\n GROUP BY folder_id", explode(";", $userData['groupes_interdits'])); // complete with "groupes_visibles" foreach (explode(";", $userData['groupes_visibles']) as $v) { array_push($userDef, $v); } // find the item associated to the url $response = DB::query("SELECT id, label, login, pw, pw_iv, id_tree, restricted_to\n FROM " . prefix_table("items") . "\n WHERE url LIKE %s\n AND id_tree IN (" . implode(",", $userDef) . ")\n ORDER BY id DESC", $GLOBALS['request'][1] . "://" . urldecode($GLOBALS['request'][2] . '%')); $counter = DB::count(); if ($counter > 0) { $json = ""; foreach ($response as $data) { // check if item visible if (empty($data['restricted_to']) || $data['restricted_to'] != "" && in_array($userData['id'], explode(";", $data['restricted_to']))) { // prepare export $json[$data['id']]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$data['id']]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$data['id']]['pw'] = $crypt_pw['string']; } } // prepare answer. If no access then inform if (empty($json)) { rest_error('AUTH_NO_DATA'); } else { echo json_encode($json); } } else { rest_error('NO_DATA_EXIST'); } } else { rest_error('AUTH_NOT_GRANTED'); } } else { rest_error('AUTH_NO_URL'); } } else { rest_error('AUTH_NO_IDENTIFIER'); } } elseif ($GLOBALS['request'][0] == "auth_tpc") { /* ** TO BE USED ONLY BY TEAMPASS-CONNECT ** */ // get user credentials if (isset($GLOBALS['request'][2]) && isset($GLOBALS['request'][3])) { // get url if (isset($GLOBALS['request'][1])) { // is user granted? $userData = DB::queryFirstRow("SELECT `id`, `pw`, `groupes_interdits`, `groupes_visibles`, `fonction_id` FROM " . $pre . "users WHERE login = %s", $GLOBALS['request'][2]); // load passwordLib library $_SESSION['settings']['cpassman_dir'] = ".."; require_once '../sources/SplClassLoader.php'; $pwdlib = new SplClassLoader('PasswordLib', '../includes/libraries'); $pwdlib->register(); $pwdlib = new PasswordLib\PasswordLib(); if ($pwdlib->verifyPasswordHash($GLOBALS['request'][3], $userData['pw']) === true) { // define the restriction of "id_tree" of this user //db::debugMode(true); $userDef = DB::queryOneColumn('folder_id', "SELECT DISTINCT folder_id\n FROM " . prefix_table("roles_values") . "\n WHERE type IN ('R', 'W', 'ND', 'NE', 'NDNE', 'NEND') ", empty($userData['groupes_interdits']) ? "" : "\n AND folder_id NOT IN (" . str_replace(";", ",", $userData['groupes_interdits']) . ")", "\n AND role_id IN %ls\n GROUP BY folder_id", explode(";", $userData['groupes_interdits'])); // complete with "groupes_visibles" foreach (explode(";", $userData['groupes_visibles']) as $v) { array_push($userDef, $v); } // decrypt url $tpc_url = base64_decode($GLOBALS['request'][1]); // find the item associated to the url $response = DB::query("SELECT id, label, login, pw, pw_iv, id_tree, restricted_to\n FROM " . prefix_table("items") . "\n WHERE url LIKE %s\n AND id_tree IN (" . implode(",", $userDef) . ")\n ORDER BY id DESC", $tpc_url . '%'); $counter = DB::count(); if ($counter > 0) { $json = ""; foreach ($response as $data) { // check if item visible if (empty($data['restricted_to']) || $data['restricted_to'] != "" && in_array($userData['id'], explode(";", $data['restricted_to']))) { // prepare export $json[$data['id']]['label'] = mb_convert_encoding($data['label'], mb_detect_encoding($data['label']), 'UTF-8'); $json[$data['id']]['login'] = mb_convert_encoding($data['login'], mb_detect_encoding($data['login']), 'UTF-8'); $crypt_pw = cryption($data['pw'], SALT, $data['pw_iv'], "decrypt"); $json[$data['id']]['pw'] = $crypt_pw['string']; } } // prepare answer. If no access then inform if (empty($json)) { rest_error('AUTH_NO_DATA'); } else { echo json_encode($json); } } else { rest_error('NO_DATA_EXIST'); } } else { rest_error('AUTH_NOT_GRANTED'); } } else { rest_error('AUTH_NO_URL'); } } else { rest_error('AUTH_NO_IDENTIFIER'); } } elseif ($GLOBALS['request'][0] == "set") { /* * Expected call format: .../api/index.php/set/<login_to_save>/<password_to_save>/<url>/<user_login>/<user_password>/<label>/<protocol>?apikey=<VALID API KEY> * Example: https://127.0.0.1/teampass/api/index.php/set/newLogin/newPassword/newUrl/myLogin/myPassword?apikey=gu6Eexaewaishooph6iethoh5woh0yoit6ohquo * * NEW ITEM WILL BE STORED IN SPECIFIC FOLDER */ // get user credentials if (isset($GLOBALS['request'][4]) && isset($GLOBALS['request'][5])) { // get url if (isset($GLOBALS['request'][1]) && isset($GLOBALS['request'][2]) && isset($GLOBALS['request'][3])) { // is user granted? $userData = DB::queryFirstRow("SELECT `id`, `pw`, `groupes_interdits`, `groupes_visibles`, `fonction_id` FROM " . $pre . "users WHERE login = %s", $GLOBALS['request'][4]); if (DB::count() == 0) { rest_error('AUTH_NO_IDENTIFIER'); } // load passwordLib library $_SESSION['settings']['cpassman_dir'] = ".."; require_once '../sources/SplClassLoader.php'; $pwdlib = new SplClassLoader('PasswordLib', '../includes/libraries'); $pwdlib->register(); $pwdlib = new PasswordLib\PasswordLib(); // is user identified? if ($pwdlib->verifyPasswordHash($GLOBALS['request'][5], $userData['pw']) === true) { // does the personal folder of this user exists? DB::queryFirstRow("SELECT `id`\n FROM " . $pre . "nested_tree\n WHERE title = %s AND personal_folder = 1", $userData['id']); if (DB::count() > 0) { // check if "teampass-connect" folder exists // if not create it $folder = DB::queryFirstRow("SELECT `id`\n FROM " . $pre . "nested_tree\n WHERE title = %s", "teampass-connect"); if (DB::count() == 0) { DB::insert(prefix_table("nested_tree"), array('parent_id' => '0', 'title' => "teampass-connect")); $tpc_folder_id = DB::insertId(); //Add complexity DB::insert(prefix_table("misc"), array('type' => 'complex', 'intitule' => $tpc_folder_id, 'valeur' => '0')); // rebuild tree $tree = new SplClassLoader('Tree\\NestedTree', '../includes/libraries'); $tree->register(); $tree = new Tree\NestedTree\NestedTree(prefix_table("nested_tree"), 'id', 'parent_id', 'title'); $tree->rebuild(); } else { $tpc_folder_id = $folder['id']; } // encrypt password $encrypt = cryption($GLOBALS['request'][2], SALT, "", "encrypt"); // is there a protocol? if (isset($GLOBALS['request'][7]) || empty($GLOBALS['request'][7])) { $protocol = "http://"; } else { $protocol = urldecode($GLOBALS['request'][7]) . "://"; } // add new item DB::insert(prefix_table("items"), array('label' => "Credentials for " . urldecode($GLOBALS['request'][3]), 'description' => "Imported with Teampass-Connect", 'pw' => $encrypt['string'], 'pw_iv' => $encrypt['iv'], 'email' => "", 'url' => urldecode($GLOBALS['request'][3]), 'id_tree' => $tpc_folder_id, 'login' => $GLOBALS['request'][1], 'inactif' => '0', 'restricted_to' => $userData['id'], 'perso' => '0', 'anyone_can_modify' => '0', 'complexity_level' => '0')); $newID = DB::insertId(); // log logItems($newID, "Credentials for " . urldecode($GLOBALS['request'][3] . '%'), $userData['id'], 'at_creation', $GLOBALS['request'][1]); $json['status'] = "ok"; // prepare answer. If no access then inform if (empty($json)) { rest_error('AUTH_NO_DATA'); } else { echo json_encode($json); } } else { rest_error('NO_PF_EXIST_FOR_USER'); } } else { rest_error('AUTH_NOT_GRANTED'); } } else { rest_error('SET_NO_DATA'); } } else { rest_error('AUTH_NO_IDENTIFIER'); } } elseif ($GLOBALS['request'][0] == "set_tpc") { /* * TO BE USED ONLY BY TEAMPASS-CONNECT */ // get user credentials if (isset($GLOBALS['request'][2]) && isset($GLOBALS['request'][3])) { // get url if (isset($GLOBALS['request'][1])) { // is user granted? $userData = DB::queryFirstRow("SELECT `id`, `pw`, `groupes_interdits`, `groupes_visibles`, `fonction_id` FROM " . $pre . "users WHERE login = %s", $GLOBALS['request'][2]); if (DB::count() == 0) { rest_error('AUTH_NO_IDENTIFIER'); } // load passwordLib library $_SESSION['settings']['cpassman_dir'] = ".."; require_once '../sources/SplClassLoader.php'; $pwdlib = new SplClassLoader('PasswordLib', '../includes/libraries'); $pwdlib->register(); $pwdlib = new PasswordLib\PasswordLib(); // is user identified? if ($pwdlib->verifyPasswordHash($GLOBALS['request'][3], $userData['pw']) === true) { // does the personal folder of this user exists? DB::queryFirstRow("SELECT `id`\n FROM " . $pre . "nested_tree\n WHERE title = %s AND personal_folder = 1", $userData['id']); if (DB::count() > 0) { // check if "teampass-connect" folder exists // if not create it $folder = DB::queryFirstRow("SELECT `id`\n FROM " . $pre . "nested_tree\n WHERE title = %s", "teampass-connect"); if (DB::count() == 0) { DB::insert(prefix_table("nested_tree"), array('parent_id' => '0', 'title' => "teampass-connect")); $tpc_folder_id = DB::insertId(); //Add complexity DB::insert(prefix_table("misc"), array('type' => 'complex', 'intitule' => $tpc_folder_id, 'valeur' => '0')); // rebuild tree $tree = new SplClassLoader('Tree\\NestedTree', '../includes/libraries'); $tree->register(); $tree = new Tree\NestedTree\NestedTree(prefix_table("nested_tree"), 'id', 'parent_id', 'title'); $tree->rebuild(); } else { $tpc_folder_id = $folder['id']; } // prepare TPC parameters $tpc_param = explode('/', base64_decode($GLOBALS['request'][1])); // encrypt password $encrypt = cryption(urldecode($tpc_param[1]), SALT, "", "encrypt"); // is there a label? if (empty($tpc_param[3])) { $label = "Credentials for " . urldecode($tpc_param[2]); } else { $label = urldecode($tpc_param[3]); } // add new item DB::insert(prefix_table("items"), array('label' => $label, 'description' => "Imported with Teampass-Connect", 'pw' => $encrypt['string'], 'pw_iv' => $encrypt['iv'], 'email' => "", 'url' => urldecode($tpc_param[2]), 'id_tree' => $tpc_folder_id, 'login' => urldecode($tpc_param[0]), 'inactif' => '0', 'restricted_to' => $userData['id'], 'perso' => '0', 'anyone_can_modify' => '0', 'complexity_level' => '0')); $newID = DB::insertId(); // log logItems($newID, $label, $userData['id'], 'at_creation', ''); $json['status'] = "ok"; // prepare answer. If no access then inform if (empty($json)) { rest_error('AUTH_NO_DATA'); } else { echo json_encode($json); } } else { rest_error('NO_PF_EXIST_FOR_USER'); } } else { rest_error('AUTH_NOT_GRANTED'); } } else { rest_error('SET_NO_DATA'); } } else { rest_error('AUTH_NO_IDENTIFIER'); } } elseif ($GLOBALS['request'][0] == "delete") { $_SESSION['settings']['cpassman_dir'] = ".."; if ($GLOBALS['request'][1] == "folder") { $array_category = explode(';', $GLOBALS['request'][2]); if (count($array_category) > 0 && count($array_category) < 5) { // load passwordLib library require_once '../sources/SplClassLoader.php'; // prepare tree $tree = new SplClassLoader('Tree\\NestedTree', '../includes/libraries'); $tree->register(); $tree = new Tree\NestedTree\NestedTree(prefix_table("nested_tree"), 'id', 'parent_id', 'title', 'personal_folder'); // this will delete all sub folders and items associated for ($i = 0; $i < count($array_category); $i++) { // Get through each subfolder $folders = $tree->getDescendants($array_category[$i], true); print_r($folders); if (count($folders) > 0) { foreach ($folders as $folder) { if (($folder->parent_id > 0 || $folder->parent_id == 0) && $folder->personal_folder != 1) { //Store the deleted folder (recycled bin) DB::insert(prefix_table("misc"), array('type' => 'folder_deleted', 'intitule' => "f" . $array_category[$i], 'valeur' => $folder->id . ', ' . $folder->parent_id . ', ' . $folder->title . ', ' . $folder->nleft . ', ' . $folder->nright . ', ' . $folder->nlevel . ', 0, 0, 0, 0')); //delete folder DB::delete(prefix_table("nested_tree"), "id = %i", $folder->id); //delete items & logs $items = DB::query("SELECT id\n FROM " . prefix_table("items") . "\n WHERE id_tree=%i", $folder->id); foreach ($items as $item) { DB::update(prefix_table("items"), array('inactif' => '1'), "id = %i", $item['id']); //log DB::insert(prefix_table("log_items"), array('id_item' => $item['id'], 'date' => time(), 'id_user' => API_USER_ID, 'action' => 'at_delete')); } //Update CACHE table updateCacheTable("delete_value", $array_category[$i]); } } } } } else { rest_error('NO_CATEGORY'); } $json['status'] = 'OK'; } elseif ($GLOBALS['request'][1] == "item") { $array_items = explode(';', $GLOBALS['request'][2]); for ($i = 0; $i < count($array_items); $i++) { DB::update(prefix_table("items"), array('inactif' => '1'), "id = %i", $array_items[$i]); //log DB::insert(prefix_table("log_items"), array('id_item' => $array_items[$i], 'date' => time(), 'id_user' => API_USER_ID, 'action' => 'at_delete')); //Update CACHE table updateCacheTable("delete_value", $array_items[$i]); } $json['status'] = 'OK'; } if ($json) { echo json_encode($json); } else { rest_error('EMPTY'); } } else { rest_error('METHOD'); } } }
TorrentFlux is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with TorrentFlux; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ // ADODB support. require_once 'db.php'; require_once "settingsfunctions.php"; // Create Connection. $db = getdb(); loadSettings(); session_start("TorrentFlux"); require_once "config.php"; include "themes/" . $cfg["default_theme"] . "/index.php"; global $cfg; if (isset($_SESSION['user'])) { header("location: index.php"); exit; } ob_start(); // authentication switch ($cfg['auth_type']) { case 3: /* Basic-Passthru */ /* Basic-Passthru */ case 2:
* @author Florian Lippert <*****@*****.**> (2003-2009) * @author Froxlor team <*****@*****.**> (2010-) * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt * @package Panel * */ define('AREA', 'admin'); /** * Include our init.php, which manages Sessions, Language etc. */ $need_db_sql_data = true; $need_root_db_sql_data = true; require "./lib/init.php"; if (($page == 'settings' || $page == 'overview') && $userinfo['change_serversettings'] == '1') { $settings_data = loadConfigArrayDir('./actions/admin/settings/'); $settings = loadSettings($settings_data, $db); if (isset($_POST['send']) && $_POST['send'] == 'send') { $_part = isset($_GET['part']) ? $_GET['part'] : ''; if ($_part == '') { $_part = isset($_POST['part']) ? $_POST['part'] : ''; } if ($_part != '') { if ($_part == 'all') { $settings_all = true; $settings_part = false; } else { $settings_all = false; $settings_part = true; } $only_enabledisable = false; } else {
send('<font color="red"><strong>Error</strong></font><br>'); send('database-config-file <em>' . _DIR . _FILE_DBCONF . '</em> missing. setup cannot continue.'); } } elseif (isset($_REQUEST["3"])) { // 3 - rename files and dirs sendHead(" - Rename Files and Dirs"); send("<h1>" . _TITLE . "</h1>"); send("<h2>Rename Files and Dirs</h2>"); if (is_file(_FILE_DBCONF)) { require_once _FILE_DBCONF; $dbCon = getAdoConnection($cfg["db_type"], $cfg["db_host"], $cfg["db_user"], $cfg["db_pass"], $cfg["db_name"]); if (!$dbCon) { send('<font color="red"><strong>Error</strong></font><br>'); send("cannot connect to database.<p>"); } else { $tf_settings = loadSettings("tf_settings"); // close ado-connection $dbCon->Close(); if ($tf_settings !== false) { $path = $tf_settings["path"]; $pathExists = false; $renameOk = false; $allDone = true; if (@is_dir($path) === true && @is_dir($path . ".torrents") === true) { $pathExists = true; send('<ul>'); // transfers-dir send('<li><em>' . $path . ".torrents -> " . $path . ".transfers" . '</em> : '); $renameOk = rename($path . ".torrents", $path . ".transfers"); if ($renameOk === true) { send('<font color="green">Ok</font></li>');
* @copyright (c) the authors * @author Florian Lippert <*****@*****.**> * @license GPLv2 http://files.syscp.org/misc/COPYING.txt * @package Panel * @version $Id$ */ define('AREA', 'admin'); /** * Include our init.php, which manages Sessions, Language etc. */ $need_db_sql_data = true; $need_root_db_sql_data = true; require "./lib/init.php"; if (($page == 'settings' || $page == 'overview') && $userinfo['change_serversettings'] == '1') { $settings_data = loadConfigArrayDir('./actions/admin/settings/'); $settings = loadSettings(&$settings_data, &$db); if (isset($_POST['send']) && $_POST['send'] == 'send') { if (processForm(&$settings_data, &$_POST, array('filename' => $filename, 'action' => $action, 'page' => $page))) { standard_success('settingssaved', '', array('filename' => $filename, 'action' => $action, 'page' => $page)); } } else { $fields = buildForm(&$settings_data); eval("echo \"" . getTemplate("settings/settings") . "\";"); } } elseif ($page == 'rebuildconfigs' && $userinfo['change_serversettings'] == '1') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles"); inserttask('1'); inserttask('4'); inserttask('5'); redirectTo('admin_index.php', array('s' => $s));
// Some other requires require_once "{$IP}/includes/Defines.php"; require_once MWInit::compiledPath('includes/DefaultSettings.php'); foreach (get_defined_vars() as $key => $var) { if (!array_key_exists($key, $GLOBALS)) { $GLOBALS[$key] = $var; } } global $wgAutoloadClasses; $wgAutoloadClasses = array(); if (defined('MW_CONFIG_CALLBACK')) { # Use a callback function to configure MediaWiki MWFunction::call(MW_CONFIG_CALLBACK); } else { // Require the configuration (probably LocalSettings.php) require loadSettings(); } // Some last includes require_once MWInit::compiledPath('includes/Setup.php'); // Much much faster startup than creating a title object $wgTitle = null; require_once $IP . '/tests/TestsAutoLoader.php'; function loadSettings() { global $wgCommandLineMode, $IP; $settingsFile = "{$IP}/LocalSettings.php"; if (!is_readable($settingsFile)) { $this->error("A copy of your installation's LocalSettings.php\n" . "must exist and be readable in the source directory.\n" . "Use --conf to specify it.", true); } $wgCommandLineMode = true; return $settingsFile;
<?php // check for admin access to this function library // if (!$_SESSION['adminLogIn']) { die("Access Denied"); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title><?php loadSettings('sitename'); ?> - ADMIN</title> <meta name="description" content="" /> <meta name="keywords" content="" /> <link rel="stylesheet" type="text/css" href="theme/default_css.css" /> <link rel="shortcut icon" href="theme/images/favicon.ico" type="image/x-icon"/> <?php BsocketB('admin-xhtml-head'); ?> </head> <body> <div id="brace"> <div id="pageframe"> <div id="pageframer"> <div id="headermid"> <div id="headerr"> <div id="header"> <h1>razorCMS <span class='redtext'><?php
$javascript = "schedule.js"; require "includes/userHeader.php"; //get the date $theDate = date("d F Y"); if ($_POST["theDate"] != "") { $theDate = $_POST["theDate"]; } $lastSunday = strtotime("last Sunday", strtotime($theDate)); $day1 = date("l, F j", $lastSunday); $day2 = date("l, F j", strtotime("+1 day", $lastSunday)); $day3 = date("l, F j", strtotime("+2 day", $lastSunday)); $day4 = date("l, F j", strtotime("+3 day", $lastSunday)); $day5 = date("l, F j", strtotime("+4 day", $lastSunday)); $day6 = date("l, F j", strtotime("+5 day", $lastSunday)); $day7 = date("l, F j", strtotime("+6 day", $lastSunday)); loadSettings(1); $empID = "-1"; $userID = $_SESSION["id"]; loadUser($userID); $jobs = array(); $jobs[1] = loadEmployeeJob($empID, date("Y", $lastSunday), date("m", $lastSunday), date("d", $lastSunday)); $jobs[2] = loadEmployeeJob($empID, date("Y", $lastSunday), date("m", $lastSunday), date("d", $lastSunday) + 1); $jobs[3] = loadEmployeeJob($empID, date("Y", $lastSunday), date("m", $lastSunday), date("d", $lastSunday) + 2); $jobs[4] = loadEmployeeJob($empID, date("Y", $lastSunday), date("m", $lastSunday), date("d", $lastSunday) + 3); $jobs[5] = loadEmployeeJob($empID, date("Y", $lastSunday), date("m", $lastSunday), date("d", $lastSunday) + 4); $jobs[6] = loadEmployeeJob($empID, date("Y", $lastSunday), date("m", $lastSunday), date("d", $lastSunday) + 5); $jobs[7] = loadEmployeeJob($empID, date("Y", $lastSunday), date("m", $lastSunday), date("d", $lastSunday) + 6); padBegin(6, 6); ?> <input type="hidden" id="day1" name="day1" />
/** * read client settings from database */ private function _readSettings() { if (isset($this->cid) && $this->cid != -1) { $spath = makeCorrectDir(dirname(dirname(dirname(dirname(__FILE__))))); $this->s_data = loadConfigArrayDir(makeCorrectDir($spath . '/actions/admin/settings/'), makeCorrectDir($spath . '/actions/multiserver/clientsettings/')); $settings = loadSettings($this->s_data, $this->db, $this->cid); foreach ($settings as $group => $fv) { foreach ($fv as $field => $value) { $this->setSetting($group, $field, $value, true, true, true); } } } }
<title>School organizer | Home</title> </head> <body bgcolor="#' . $bgcolor . '"> <input type="hidden" id="user" value="' . $user->getEmail() . '" /> <table id="hometable"> <tr> <td id="hometableleft"></td> <td id="hometablemid" style="background-color:#ffffff; box-shadow: 0px 0px 10px #000000;" valign="top"> <br /><br /><br /> <!-- Content --> <div class="contentz" id="home" name="' . $email . '">' . loadHome($user, $db) . '</div> <div class="contentz" id="kalender" name="' . $email . '">' . loadKalender($user, $db) . '</div> <div class="contentz" id="stundenplan" name="' . $email . '">' . loadStundenplan($user, $db) . '</div> <div class="contentz" id="gruppen" name="' . $email . '">' . loadGruppen($user, $db) . '</div> <div class="contentz" id="freunde" name="' . $email . '">' . loadFreunde($user, $db) . '</div> <div class="contentz" id="settings" name="' . $email . '">' . loadSettings($user, $db) . '</div> </td> <td id="hometableright">'; include '../../global/chat.php'; echo '</td> </tr> </table> <div id="menu" style="background-color:#' . $MENUCOLOR . '; box-shadow: 0px 0px 10px #000000;"> <div align="center"> <input type="hidden" name="email" value="' . $user->getEmail() . '" /> <input type="button" class="menubutton" name="home" id="b1" value="Home" style="background-color:' . $MENUCOLOR . '; color:' . $MAINCOLOR2 . '"><div class="menuslider" id="s1" style="background-color:' . $MAINCOLOR2 . '"></div> <input type="button" class="menubutton" name="kalender" id="b2" value="Kalender" style="background-color:' . $MENUCOLOR . '; color:' . $MAINCOLOR . '"><div class="menuslider" id="s2" style="background-color:' . $MAINCOLOR2 . '"></div> <input type="button" class="menubutton" name="stundenplan" id="b3" value="Stundenplan" style="background-color:' . $MENUCOLOR . '; color:' . $MAINCOLOR . '"><div class="menuslider" id="s3" style="background-color:' . $MAINCOLOR2 . '"></div>
$databaseTypes['postgres'] = 'pg_connect'; if (array_key_exists($cfg["db_type"], $databaseTypes)) { if (!function_exists($databaseTypes[$cfg["db_type"]])) { @error("Database Problems", "", "", array('This PHP installation does not have support for ' . $cfg["db_type"] . ' built into it. Please reinstall PHP and ensure support for the selected database is built in.')); } } else { @error("Database Problems", "", "", array('Error in database-config, database-type ' . $cfg["db_type"] . ' is not supported.', "Check your database-config-file. (inc/config/config.db.php)")); } // initialize database dbInitialize(); // load global settings loadSettings('tf_settings'); // load dir-settings loadSettings('tf_settings_dir'); // load stats-settings loadSettings('tf_settings_stats'); // load users $arUsers = GetUsers(); $cfg['users'] = isset($arUsers) && is_array($arUsers) ? $arUsers : array($cfg['user']); // load links $arLinks = GetLinks(); if (isset($arLinks) && is_array($arLinks)) { $linklist = array(); foreach ($arLinks as $link) { array_push($linklist, array('link_url' => $link['url'], 'link_sitename' => $link['sitename'])); } $cfg['linklist'] = $linklist; } // Path to where the meta files will be stored... usually a sub of $cfg["path"] $cfg["transfer_file_path"] = $cfg["path"] . ".transfers/"; // Free space in MB
function uiSettings() { global $cfg; // load global settings + overwrite per-user settings loadSettings(); // display DisplayHead("Administration - UI Settings"); // Admin Menu displayMenu(); // Main Settings Section ?> <div align="center"> <table width="100%" border="1" bordercolor="<?php echo $cfg["table_admin_border"]; ?> " cellpadding="2" cellspacing="0" bgcolor="<?php echo $cfg["table_data_bg"]; ?> "> <tr><td bgcolor="<?php echo $cfg["table_header_bg"]; ?> " background="themes/<?php echo $cfg["theme"]; ?> /images/bar.gif"> <img src="images/properties.png" width="18" height="13" border="0"> <font class="title">UI Settings</font> </td></tr><tr><td align="center"> <div align="center"> <table cellpadding="5" cellspacing="0" border="0" width="100%"> <form name="theForm" action="admin.php?op=updateUiSettings" method="post"> <tr><td colspan="2" align="center" bgcolor="<?php echo $cfg["table_header_bg"]; ?> "><strong>Index-Page</strong></td></tr> <tr> <td align="left" width="350" valign="top"><strong>Select index-page</strong><br> Select the index-Page. </td> <td valign="top"> <?php printIndexPageSelectForm(); ?> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>index-page settings</strong><br> Select the columns in transfer-list on index-Page.<br>(only for b4rt-index-page) </td> <td valign="top"> <?php printIndexPageSettingsForm(); ?> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Width</strong><br> Specify the width of the index-page. (780): </td> <td valign="bottom"> <input name="ui_dim_main_w" type="Text" maxlength="5" value="<?php echo $cfg["ui_dim_main_w"]; ?> " size="5"> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Display Links</strong><br> Display Links on the index-page. (true): </td> <td valign="bottom"> <select name="ui_displaylinks"> <option value="1">true</option> <option value="0" <?php if (!$cfg["ui_displaylinks"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Display Users</strong><br> Display Users on the index-page. (true): </td> <td valign="bottom"> <select name="ui_displayusers"> <option value="1">true</option> <option value="0" <?php if (!$cfg["ui_displayusers"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Select Drivespace-Bar</strong><br> Select Style of Drivespace-Bar on index-Page. </td> <td valign="top"> <?php printDrivespacebarSelectForm(); ?> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Show Server Stats</strong><br> Enable showing the server stats at the bottom: </td> <td valign="top"> <select name="index_page_stats"> <option value="1">true</option> <option value="0" <?php if (!$cfg["index_page_stats"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Show Server Load</strong><br> Enable showing the average server load over the last 15 minutes: </td> <td valign="top"> <select name="show_server_load"> <option value="1">true</option> <option value="0" <?php if (!$cfg["show_server_load"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Show Connections</strong><br> Enable showing the Sum of TCP-Connections: </td> <td valign="top"> <select name="index_page_connections"> <option value="1">true</option> <option value="0" <?php if (!$cfg["index_page_connections"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Use Refresh</strong><br> Use meta-refresh on index-page. (true): </td> <td valign="bottom"> <select name="ui_indexrefresh"> <option value="1">true</option> <option value="0" <?php if (!$cfg["ui_indexrefresh"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Page Refresh (in seconds)</strong><br> Number of seconds before the torrent list page refreshes: </td> <td valign="top"> <input name="page_refresh" type="Text" maxlength="3" value="<?php echo $cfg["page_refresh"]; ?> " size="3"> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Select Sort-Order</strong><br> Select default Sort-Order of transfers on index-Page. </td> <td valign="top"> <?php printSortOrderSettingsForm(); ?> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Enable sorttable</strong><br> Enable Client-Side sorting of Transfer-Table: </td> <td valign="top"> <select name="enable_sorttable"> <option value="1">true</option> <option value="0" <?php if (!$cfg["enable_sorttable"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Enable Good looking statistics</strong><br> Enable/Disable "Good looking statistics" : </td> <td valign="top"> <select name="enable_goodlookstats"> <option value="1">true</option> <option value="0" <?php if (!$cfg["enable_goodlookstats"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Good looking statistics settings</strong><br> Configure Settings of "Good looking statistics" : </td> <td valign="top"> <?php printGoodLookingStatsForm(); ?> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Enable Big bold drivespace warning</strong><br> Enable/Disable "Big bold drivespace warning" : </td> <td valign="top"> <select name="enable_bigboldwarning"> <option value="1">true</option> <option value="0" <?php if (!$cfg["enable_bigboldwarning"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr><td colspan="2" align="center" bgcolor="<?php echo $cfg["table_header_bg"]; ?> "><strong>Download-Details</strong></td></tr> <tr> <td align="left" width="350" valign="top"><strong>Width</strong><br> Specify the width of the details-popup. (450): </td> <td valign="bottom"> <input name="ui_dim_details_w" type="Text" maxlength="5" value="<?php echo $cfg["ui_dim_details_w"]; ?> " size="5"> </td> </tr> <tr> <td align="left" width="350" valign="top"><strong>Height</strong><br> Specify the height of the details-popup. (290): </td> <td valign="bottom"> <input name="ui_dim_details_h" type="Text" maxlength="5" value="<?php echo $cfg["ui_dim_details_h"]; ?> " size="5"> </td> </tr> <tr><td colspan="2" align="center" bgcolor="<?php echo $cfg["table_header_bg"]; ?> "><strong>Misc</strong></td></tr> <tr> <td align="left" width="350" valign="top"><strong>Display TorrentFlux Link</strong><br> Display TorrentFlux Link at bottom of pages. (true): </td> <td valign="bottom"> <select name="ui_displayfluxlink"> <option value="1">true</option> <option value="0" <?php if (!$cfg["ui_displayfluxlink"]) { echo "selected"; } ?> >false</option> </select> </td> </tr> <tr><td colspan="2"><hr noshade></td></tr> <tr> <td align="center" colspan="2"> <input type="Submit" value="Update Settings"> </td> </tr> </form> </table> </div> </td></tr> </table></div> <?php DisplayFoot(true, true); }
* @author Florian Lippert <*****@*****.**> (2003-2009) * @author Froxlor team <*****@*****.**> (2010-) * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt * @package Panel * */ define('AREA', 'admin'); require './lib/init.php'; // get sql-root access data Database::needRoot(true); Database::needSqlData(); $sql_root = Database::getSqlData(); Database::needRoot(false); if ($page == 'overview' && $userinfo['change_serversettings'] == '1') { $settings_data = loadConfigArrayDir('./actions/admin/settings/'); $settings = loadSettings($settings_data); if (isset($_POST['send']) && $_POST['send'] == 'send') { $_part = isset($_GET['part']) ? $_GET['part'] : ''; if ($_part == '') { $_part = isset($_POST['part']) ? $_POST['part'] : ''; } if ($_part != '') { if ($_part == 'all') { $settings_all = true; $settings_part = false; } else { $settings_all = false; $settings_part = true; } $only_enabledisable = false; } else {
<?php include_once '../global/ranvier.php'; include_once '../global/yaml/spyc.php'; $area = $_POST['area']; $room = $_POST['room']; $settings = loadSettings(); $foundTheRoom = false; $array = readRanvierFile('/entities/areas/' . $area . '/rooms.yml', IS_YAML); for ($x = 0; $x < count($array); $x++) { if ($array[$x]['location'] == $room['location']) { $foundTheRoom = true; if (ranvierFileExists('/scripts/rooms/' . $room['location'] . '.js')) { $room['script'] = $room['location'] . '.js'; } else { unset($room['script']); } $array[$x] = $room; $x = count($array); } } if (!$foundTheRoom) { $array[] = $room; } $yaml = Spyc::YAMLDump($array, 4, 60); saveRanvierFile('/entities/areas/' . $area . '/rooms.yml', $yaml);
function preparse_php($script_filename) { global $convert_data; $preparsing = true; require $script_filename; if (empty($convert_data['parameters'])) { $convert_data['parameters'] = array(); } if (empty($convert_data['defines'])) { $convert_data['defines'] = array(); } if (empty($convert_data['globals'])) { $convert_data['globals'] = array(); } if (empty($convert_data['settings'])) { $convert_data['settings'] = array(); } if (empty($convert_data['variable'])) { $convert_data['variable'] = array(); } if (empty($convert_data['database_support'])) { $convert_data['database_support'] = array('mysql'); } foreach ($convert_data['globals'] as $k => $v) { $v = trim($v); $convert_data['globals'][$k] = $v[0] == '$' ? substr($v, 1) : $v; } if (isset($_POST['path_to']) && !empty($_GET['step'])) { loadSettings(); } }
} else { $msg .= "Erreur lors de la suppression de la réserve sur les comptes élèves.<br />"; } } if (isset($_GET['suppr_reserve_resp'])) { check_token(); $sql = "DELETE FROM tempo_utilisateurs WHERE statut='responsable';"; $res = mysqli_query($GLOBALS["mysqli"], $sql); if ($res) { $msg .= "Suppression de la réserve sur les comptes responsables effectuée.<br />"; } else { $msg .= "Erreur lors de la suppression de la réserve sur les comptes responsables.<br />"; } } // Load settings if (!loadSettings()) { die("Erreur chargement settings"); } if (isset($_POST['is_posted']) and $msg == '') { $msg = "Les modifications ont été enregistrées !"; } if (isset($_SESSION['chgt_annee'])) { unset($_SESSION['chgt_annee']); } //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ $themessage = 'Des informations ont été modifiées. Voulez-vous vraiment quitter sans enregistrer ?'; //**************** EN-TETE ***************** // End standart header $titre_page = "Changement d'année"; require_once "../lib/header.inc.php"; //**************** FIN EN-TETE *****************
<link rel="stylesheet" type="text/css" href="theme/maintenance_css.css" /> <link rel="shortcut icon" href="theme/images/favicon.ico" type="image/x-icon"/> </head> <body> <div id="brace"> <div id="pageframe"> <div id="pageframer"> <div id="headermid"> <div id="headerr"> <div id="header"> <h1><?php loadSettings('sitename'); ?> </h1> <h2><?php loadSettings('siteslogan'); ?> </h2> </div> </div> </div> <div id="midbrace"> <div id="midbox"> <div id="content"> <img src="theme/images/warning.png" title="warning" alt="warning" /> <h1><?php echo lt('UNDER MAINTENANCE'); ?> </h1> <p><?php echo lt('This site is currently under going routine maintenance, sorry for any inconvenience this has cause, we hope to be up and running shortly');
function saveUserSettings($uid, $settings) { global $cfg; // Messy - a not exists would prob work better. but would have to be done // on every key/value pair so lots of extra-statements. deleteUserSettings($uid); // load global settings + overwrite per-user settings loadSettings('tf_settings'); // insert new settings foreach ($settings as $key => $value) { if (in_array($key, $cfg['validUserSettingsKeys'])) { insertUserSettingPair($uid, $key, $value); } else { AuditAction($cfg["constants"]["error"], "ILLEGAL SETTING: " . $cfg["user"] . " tried to insert " . $value . " for key " . $key); } } // flush session-cache cacheFlush($cfg["user"]); // return return true; }
* Revision 1.3 2008-11-11 22:01:14 grr * *** empty log message *** * * */ include "include/connect.inc.php"; include "include/config.inc.php"; include "include/misc.inc.php"; include "include/functions.inc.php"; include "include/$dbsys.inc.php"; // Settings require_once("./include/settings.inc.php"); //Chargement des valeurs de la table settingS if (!loadSettings()) die("Erreur chargement settings"); // Paramètres langage include "include/language.inc.php"; // Session related functions require_once("./include/session.inc.php"); // Vérification du numéro de version et renvoi automatique vers la page de mise à jour if (verif_version()) { header("Location: ./admin_maj.php"); exit(); } // User wants to be authentified if (isset($_POST['login']) && isset($_POST['password'])) { // Détruit toutes les variables de session au cas où une session existait auparavant