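/**
 * Open the migrator log file for writing.
 *
 * The file is opened in 'w' mode, so an existing file at the same path is truncated.
 *
 * @param string $file File to open
 *
 * @throws \RuntimeException When the containing directory is not writable or the
 *                           file itself cannot be opened
 */
protected function file_open($file)
{
    if (!src_is_writable(dirname($file))) {
        throw new \RuntimeException('Unable to write to migrator log file');
    }

    // The directory probe and the open are two separate steps, so the open can
    // still fail (permissions changed in between, $file names a directory, ...).
    // Check the handle here instead of storing false and failing on the first write.
    $handle = fopen($file, 'w');
    if ($handle === false) {
        throw new \RuntimeException('Unable to write to migrator log file');
    }

    $this->file_handle = $handle;
}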
/**
 * {@inheritDoc}
 *
 * Writes the 'data_global' cache entry when it has been modified and terminates
 * the request with a plain-text message when the write fails.
 */
function save()
{
    // Nothing changed since the last write, so there is nothing to persist.
    if (!$this->is_modified) {
        return;
    }

    global $phpEx;

    if ($this->_write('data_global')) {
        $this->is_modified = false;

        return;
    }

    // The write failed; make sure the writability helper is loaded before probing.
    if (!function_exists('src_is_writable')) {
        global $src_root_path;

        include $src_root_path . 'includes/functions.' . $phpEx;
    }

    // die() is used on purpose: the regular message handler calls $cache->unload(),
    // which could loop back into this failure.
    // NOTE(review): both messages send the cache directory path to the client.
    if (!src_is_writable($this->cache_dir)) {
        die('Fatal: ' . $this->cache_dir . ' is NOT writable.');
    }

    die('Fatal: Not able to open ' . $this->cache_dir . 'data_global.' . $phpEx);
}
/**
 * Test if a file/directory is writable
 *
 * Delegates to the native is_writable() unless the script runs under Windows
 * or is_writable() is unavailable; in those cases the path is probed by hand.
 * The answer describes the moment of the call only: callers still have to
 * check the result of the actual write or open that follows.
 *
 * @param string $file Path to perform write test on
 * @return bool True when the path is writable, otherwise false.
 */
function src_is_writable($file)
{
    $probe_by_hand = strtolower(substr(PHP_OS, 0, 3)) === 'win' || !function_exists('is_writable');

    if (!$probe_by_hand) {
        return is_writable($file);
    }

    if (!file_exists($file)) {
        // Nothing there yet: the path counts as writable when its parent directory is.
        $parent = dirname($file);

        return file_exists($parent) && is_dir($parent) && src_is_writable($parent);
    }

    // Canonicalise path to absolute path
    $file = src_realpath($file);

    if (!is_dir($file)) {
        // Plain file: try to open it for reading and writing without truncating it.
        $handle = @fopen($file, 'r+');
        if (!is_resource($handle)) {
            return false;
        }
        fclose($handle);

        return true;
    }

    // Directory: try to create a scratch file inside it.
    $probe = @tempnam($file, 'i_w');
    if (!is_string($probe) || !file_exists($probe)) {
        return false;
    }
    unlink($probe);

    // The scratch file may have been created somewhere other than the requested
    // directory, so make sure its path starts with that directory.
    // NOTE(review): this is a plain string-prefix test with no trailing separator,
    // so a sibling directory whose name merely begins with $file would also pass.
    return strpos($probe, $file) === 0;
}
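/**
 * Copy the files of a source directory, and optionally its sub-directories,
 * into a target directory below $src_root_path.
 *
 * Entries starting with a dot, 'CVS' and 'index.htm' are skipped. Target
 * directories that are missing are created; directories that turn out not to
 * be writable are reported through the converter's error handler.
 *
 * @param string $src                  Source directory
 * @param string $trg                  Target directory, relative to $src_root_path
 * @param bool   $copy_subdirs         Recurse into sub-directories
 * @param bool   $overwrite            Passed through to copy_file()
 * @param bool   $die_on_failure       Passed through to copy_file()
 * @param bool   $source_relative_path Passed through to path() and relative_base()
 */
function copy_dir($src, $trg, $copy_subdirs = true, $overwrite = false, $die_on_failure = true, $source_relative_path = true)
{
    global $convert, $src_root_path, $config, $user, $db;

    $dirlist = $filelist = $bad_dirs = array();
    $src = path($src, $source_relative_path);
    $trg = path($trg);
    $src_path = relative_base($src, $source_relative_path, __LINE__, __FILE__);
    $trg_path = $src_root_path . $trg;

    if (!is_dir($trg_path)) {
        // NOTE(review): 0777 leaves the new directory writable by every local
        // account; confirm this is still needed for the supported hosting setups.
        @mkdir($trg_path, 0777);
        @chmod($trg_path, 0777);
    }

    if (!src_is_writable($trg_path)) {
        $bad_dirs[] = path($config['script_path']) . $trg;
    }

    // Read the directory listing. The comparison against false is required:
    // a bare truthiness test ends the loop early on an entry named "0".
    $entries = array();
    if ($handle = @opendir($src_path)) {
        while (($entry = readdir($handle)) !== false) {
            $entries[] = $entry;
        }
        closedir($handle);
    } else if ($dir = @dir($src_path)) {
        while (($entry = $dir->read()) !== false) {
            $entries[] = $entry;
        }
        $dir->close();
    } else {
        $convert->p_master->error(sprintf($user->lang['CONV_ERROR_COULD_NOT_READ'], relative_base($src, $source_relative_path)), __LINE__, __FILE__);
    }

    foreach ($entries as $entry) {
        if ($entry[0] == '.' || $entry == 'CVS' || $entry == 'index.htm') {
            continue;
        }

        // is_dir() follows symbolic links, so a linked directory is treated
        // like a real one and recursed into below.
        if (is_dir($src_path . $entry)) {
            $dirlist[] = $entry;
        } else {
            $filelist[] = $entry;
        }
    }

    if ($copy_subdirs) {
        foreach ($dirlist as $dir) {
            if (!is_dir($trg_path . $dir)) {
                @mkdir($trg_path . $dir, 0777);
                @chmod($trg_path . $dir, 0777);
            }

            if (!src_is_writable($trg_path . $dir)) {
                $bad_dirs[] = $trg . $dir;
                $bad_dirs[] = $trg_path . $dir;
            }

            // Stop descending as soon as any directory has been found unwritable.
            if (!count($bad_dirs)) {
                copy_dir($src . $dir, $trg . $dir, true, $overwrite, $die_on_failure, $source_relative_path);
            }
        }
    }

    if (count($bad_dirs)) {
        $str = count($bad_dirs) == 1 ? $user->lang['MAKE_FOLDER_WRITABLE'] : $user->lang['MAKE_FOLDERS_WRITABLE'];
        sort($bad_dirs);
        $convert->p_master->error(sprintf($str, implode('<br />', $bad_dirs)), __LINE__, __FILE__);
    }

    foreach ($filelist as $file) {
        copy_file($src . $file, $trg . $file, $overwrite, $die_on_failure, $source_relative_path);
    }
}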
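/**
 * Checks whether the chunk we are about to deal with was actually uploaded
 * by PHP and actually exists, if not, it generates an error. The chunk is
 * then appended to "{$file_path}.part" (or starts that file when $chunk is 0).
 *
 * @param string $form_name The name of the file in the form data
 * @param int    $chunk     Chunk number; 0 starts a new part file, anything
 *                          else appends to the existing one
 * @param string $file_path Destination path without the ".part" suffix.
 *                          NOTE(review): presumably built server-side; confirm
 *                          that no caller derives it from a client-supplied name.
 *
 * @return null
 */
protected function integrate_uploaded_file($form_name, $chunk, $file_path)
{
    $is_multipart = $this->is_multipart();
    $upload = $this->request->file($form_name);

    // Only accept a temporary file that PHP itself created for this request.
    if ($is_multipart && (!isset($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name']))) {
        $this->emit_error(103, 'PLUPLOAD_ERR_MOVE_UPLOADED');
    }

    $tmp_file = $this->temporary_filepath($upload['tmp_name']);

    if (!src_is_writable($this->temporary_directory) || !move_uploaded_file($upload['tmp_name'], $tmp_file)) {
        $this->emit_error(103, 'PLUPLOAD_ERR_MOVE_UPLOADED');
    }

    $out = fopen("{$file_path}.part", $chunk == 0 ? 'wb' : 'ab');
    if (!$out) {
        $this->emit_error(102, 'PLUPLOAD_ERR_OUTPUT');
    }

    $in = fopen($is_multipart ? $tmp_file : 'php://input', 'rb');
    if (!$in) {
        $this->emit_error(101, 'PLUPLOAD_ERR_INPUT');
    }

    // Compare against false and '' explicitly: a read that returns the single
    // byte "0" is falsy and would otherwise end the copy with that byte dropped.
    $write_failed = false;
    while (($buf = fread($in, 4096)) !== false && $buf !== '') {
        if (fwrite($out, $buf) === false) {
            $write_failed = true;
            break;
        }
    }

    fclose($in);
    fclose($out);

    if ($is_multipart) {
        unlink($tmp_file);
    }

    // A failed write leaves a truncated part file; report it instead of
    // letting the upload continue as if the chunk had been stored.
    if ($write_failed) {
        $this->emit_error(102, 'PLUPLOAD_ERR_OUTPUT');
    }
}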
/**
 * Test Settings
 *
 * Verifies that the upload directory below $src_root_path exists, is a
 * directory and is writable. The first failing check appends one message to
 * $error; nothing is appended when all checks pass.
 *
 * @param array  $error            Collected error messages (by reference)
 * @param string $upload_dir       Upload directory, relative to $src_root_path
 * @param bool   $create_directory Create the directory first when it is missing
 */
function test_upload(&$error, $upload_dir, $create_directory = false)
{
    global $user, $src_root_path;

    $target = $src_root_path . $upload_dir;

    if ($create_directory && !file_exists($target)) {
        // Created wide open, then narrowed to read/write through src_chmod().
        @mkdir($target, 0777);
        src_chmod($target, CHMOD_READ | CHMOD_WRITE);
    }

    // Does the target directory exist, is it a directory and writable.
    if (!file_exists($target)) {
        $problem = 'NO_UPLOAD_DIR';
    } else if (!is_dir($target)) {
        $problem = 'UPLOAD_NOT_DIR';
    } else if (!src_is_writable($target)) {
        $problem = 'NO_WRITE_UPLOAD';
    } else {
        return;
    }

    $error[] = sprintf($user->lang[$problem], $upload_dir);
}
/**
 * Entry point of the admin control panel index page.
 *
 * In order, the method:
 *  - shows only the "restore permissions" notice when the session carries
 *    user_perm_from and the user holds a_switchperm;
 *  - handles the 'action' request variable: 'admlogout' drops the admin
 *    session, every other action is first routed through confirm_box() and,
 *    once confirmed, executed by the second switch;
 *  - collects version, statistics, log, inactive-user and installation-health
 *    data and assigns it to the template.
 *
 * Permission checks inside the action switch: 'online', 'stats', 'user' and
 * 'date' require a_srcrd, 'purge_sessions' requires a founder account.
 * NOTE(review): 'db_track' and 'purge_cache' have no check of their own in
 * this method; confirm that the module-level ACP permission is meant to be
 * sufficient for them.
 *
 * @param mixed $id   Module id, echoed back in the confirmation form
 * @param mixed $mode Module mode, echoed back in the confirmation form
 */
function main($id, $mode)
{
    global $config, $db, $cache, $user, $auth, $template, $request;
    global $src_root_path, $src_admin_path, $phpEx, $src_container, $src_dispatcher;

    // Show restore permissions notice
    if ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm')) {
        $this->tpl_name = 'acp_main';
        $this->page_title = 'ACP_MAIN';

        // NOTE(review): user_perm_from is concatenated into the statement without
        // an (int) cast; presumably it is an integer loaded with the session row -
        // confirm, or cast it here.
        $sql = 'SELECT user_id, username, user_colour FROM ' . USERS_TABLE . ' WHERE user_id = ' . $user->data['user_perm_from'];
        $result = $db->sql_query($sql);
        $user_row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        $perm_from = get_username_string('full', $user_row['user_id'], $user_row['username'], $user_row['user_colour']);

        $template->assign_vars(array('S_RESTORE_PERMISSIONS' => true, 'U_RESTORE_PERMISSIONS' => append_sid("{$src_root_path}ucp.{$phpEx}", 'mode=restore_perm'), 'PERM_FROM' => $perm_from, 'L_PERMISSIONS_TRANSFERRED_EXPLAIN' => sprintf($user->lang['PERMISSIONS_TRANSFERRED_EXPLAIN'], $perm_from, append_sid("{$src_root_path}ucp.{$phpEx}", 'mode=restore_perm'))));

        return;
    }

    $action = request_var('action', '');

    if ($action) {
        if ($action === 'admlogout') {
            $user->unset_admin();
            redirect(append_sid("{$src_root_path}index.{$phpEx}"));
        }

        // State-changing actions only run after confirm_box(true) reports a
        // confirmed request; until then the confirmation form is shown.
        if (!confirm_box(true)) {
            switch ($action) {
                case 'online':
                    $confirm = true;
                    $confirm_lang = 'RESET_ONLINE_CONFIRM';
                    break;
                case 'stats':
                    $confirm = true;
                    $confirm_lang = 'RESYNC_STATS_CONFIRM';
                    break;
                case 'user':
                    $confirm = true;
                    $confirm_lang = 'RESYNC_POSTCOUNTS_CONFIRM';
                    break;
                case 'date':
                    $confirm = true;
                    $confirm_lang = 'RESET_DATE_CONFIRM';
                    break;
                case 'db_track':
                    $confirm = true;
                    $confirm_lang = 'RESYNC_POST_MARKING_CONFIRM';
                    break;
                case 'purge_cache':
                    $confirm = true;
                    $confirm_lang = 'PURGE_CACHE_CONFIRM';
                    break;
                case 'purge_sessions':
                    $confirm = true;
                    $confirm_lang = 'PURGE_SESSIONS_CONFIRM';
                    break;
                default:
                    $confirm = true;
                    $confirm_lang = 'CONFIRM_OPERATION';
            }

            // $confirm is true on every branch above, so the form is always shown.
            if ($confirm) {
                confirm_box(false, $user->lang[$confirm_lang], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action)));
            }
        } else {
            switch ($action) {
                case 'online':
                    if (!$auth->acl_get('a_srcrd')) {
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    set_config('record_online_users', 1, true);
                    set_config('record_online_date', time(), true);
                    add_log('admin', 'LOG_RESET_ONLINE');

                    if ($request->is_ajax()) {
                        trigger_error('RESET_ONLINE_SUCCESS');
                    }
                    break;

                case 'stats':
                    if (!$auth->acl_get('a_srcrd')) {
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // Recount posts, topics, users and attachments; only constants
                    // are concatenated into these statements.
                    $sql = 'SELECT COUNT(post_id) AS stat FROM ' . POSTS_TABLE . ' WHERE post_visibility = ' . ITEM_APPROVED;
                    $result = $db->sql_query($sql);
                    set_config('num_posts', (int) $db->sql_fetchfield('stat'), true);
                    $db->sql_freeresult($result);

                    $sql = 'SELECT COUNT(topic_id) AS stat FROM ' . TOPICS_TABLE . ' WHERE topic_visibility = ' . ITEM_APPROVED;
                    $result = $db->sql_query($sql);
                    set_config('num_topics', (int) $db->sql_fetchfield('stat'), true);
                    $db->sql_freeresult($result);

                    $sql = 'SELECT COUNT(user_id) AS stat FROM ' . USERS_TABLE . ' WHERE user_type IN (' . USER_NORMAL . ',' . USER_FOUNDER . ')';
                    $result = $db->sql_query($sql);
                    set_config('num_users', (int) $db->sql_fetchfield('stat'), true);
                    $db->sql_freeresult($result);

                    $sql = 'SELECT COUNT(attach_id) as stat FROM ' . ATTACHMENTS_TABLE . ' WHERE is_orphan = 0';
                    $result = $db->sql_query($sql);
                    set_config('num_files', (int) $db->sql_fetchfield('stat'), true);
                    $db->sql_freeresult($result);

                    $sql = 'SELECT SUM(filesize) as stat FROM ' . ATTACHMENTS_TABLE . ' WHERE is_orphan = 0';
                    $result = $db->sql_query($sql);
                    set_config('upload_dir_size', (double) $db->sql_fetchfield('stat'), true);
                    $db->sql_freeresult($result);

                    if (!function_exists('update_last_username')) {
                        include $src_root_path . "includes/functions_user.{$phpEx}";
                    }

                    update_last_username();

                    add_log('admin', 'LOG_RESYNC_STATS');

                    if ($request->is_ajax()) {
                        trigger_error('RESYNC_STATS_SUCCESS');
                    }
                    break;

                case 'user':
                    if (!$auth->acl_get('a_srcrd')) {
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // Resync post counts
                    $start = $max_post_id = 0;

                    // Find the maximum post ID, we can only stop the cycle when we've reached it
                    $sql = 'SELECT MAX(forum_last_post_id) as max_post_id FROM ' . FORUMS_TABLE;
                    $result = $db->sql_query($sql);
                    $max_post_id = (int) $db->sql_fetchfield('max_post_id');
                    $db->sql_freeresult($result);

                    // No maximum post id? :o
                    if (!$max_post_id) {
                        $sql = 'SELECT MAX(post_id) as max_post_id FROM ' . POSTS_TABLE;
                        $result = $db->sql_query($sql);
                        $max_post_id = (int) $db->sql_fetchfield('max_post_id');
                        $db->sql_freeresult($result);
                    }

                    // Still no maximum post id? Then we are finished
                    if (!$max_post_id) {
                        add_log('admin', 'LOG_RESYNC_POSTCOUNTS');
                        break;
                    }

                    // Work through the posts table in windows of at least 20000 ids.
                    $step = $config['num_posts'] ? max((int) ($config['num_posts'] / 5), 20000) : 20000;
                    $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_posts = 0');

                    while ($start < $max_post_id) {
                        $sql = 'SELECT COUNT(post_id) AS num_posts, poster_id FROM ' . POSTS_TABLE . ' WHERE post_id BETWEEN ' . ($start + 1) . ' AND ' . ($start + $step) . ' AND post_postcount = 1 AND post_visibility = ' . ITEM_APPROVED . ' GROUP BY poster_id';
                        $result = $db->sql_query($sql);

                        if ($row = $db->sql_fetchrow($result)) {
                            do {
                                // Both interpolated values come from the aggregate query above.
                                $sql = 'UPDATE ' . USERS_TABLE . " SET user_posts = user_posts + {$row['num_posts']} WHERE user_id = {$row['poster_id']}";
                                $db->sql_query($sql);
                            } while ($row = $db->sql_fetchrow($result));
                        }
                        $db->sql_freeresult($result);

                        $start += $step;
                    }

                    add_log('admin', 'LOG_RESYNC_POSTCOUNTS');

                    if ($request->is_ajax()) {
                        trigger_error('RESYNC_POSTCOUNTS_SUCCESS');
                    }
                    break;

                case 'date':
                    if (!$auth->acl_get('a_srcrd')) {
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // One second in the past, so the per-day divisor computed further down is not zero.
                    set_config('srcrd_startdate', time() - 1);
                    add_log('admin', 'LOG_RESET_DATE');

                    if ($request->is_ajax()) {
                        trigger_error('RESET_DATE_SUCCESS');
                    }
                    break;

                case 'db_track':
                    // NOTE(review): no acl_get() check in this case - see the method docblock.
                    switch ($db->get_sql_layer()) {
                        case 'sqlite':
                        case 'sqlite3':
                            $db->sql_query('DELETE FROM ' . TOPICS_POSTED_TABLE);
                            break;
                        default:
                            $db->sql_query('TRUNCATE TABLE ' . TOPICS_POSTED_TABLE);
                            break;
                    }

                    // This can get really nasty... therefore we only do the last six months
                    $get_from_time = time() - 6 * 4 * 7 * 24 * 60 * 60;

                    // Select forum ids, do not include categories
                    $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type <> ' . FORUM_CAT;
                    $result = $db->sql_query($sql);

                    $forum_ids = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        $forum_ids[] = $row['forum_id'];
                    }
                    $db->sql_freeresult($result);

                    // Any global announcements? ;)
                    $forum_ids[] = 0;

                    // Now go through the forums and get us some topics...
                    foreach ($forum_ids as $forum_id) {
                        $sql = 'SELECT p.poster_id, p.topic_id FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t WHERE t.forum_id = ' . $forum_id . ' AND t.topic_moved_id = 0 AND t.topic_last_post_time > ' . $get_from_time . ' AND t.topic_id = p.topic_id AND p.poster_id <> ' . ANONYMOUS . ' GROUP BY p.poster_id, p.topic_id';
                        $result = $db->sql_query($sql);

                        $posted = array();
                        while ($row = $db->sql_fetchrow($result)) {
                            $posted[$row['poster_id']][] = $row['topic_id'];
                        }
                        $db->sql_freeresult($result);

                        $sql_ary = array();
                        foreach ($posted as $user_id => $topic_row) {
                            foreach ($topic_row as $topic_id) {
                                $sql_ary[] = array('user_id' => (int) $user_id, 'topic_id' => (int) $topic_id, 'topic_posted' => 1);
                            }
                        }
                        unset($posted);

                        if (sizeof($sql_ary)) {
                            $db->sql_multi_insert(TOPICS_POSTED_TABLE, $sql_ary);
                        }
                    }

                    add_log('admin', 'LOG_RESYNC_POST_MARKING');

                    if ($request->is_ajax()) {
                        trigger_error('RESYNC_POST_MARKING_SUCCESS');
                    }
                    break;

                case 'purge_cache':
                    // NOTE(review): no acl_get() check in this case - see the method docblock.
                    $config->increment('assets_version', 1);
                    $cache->purge();

                    // Clear permissions
                    $auth->acl_clear_prefetch();
                    src_cache_moderators($db, $cache, $auth);

                    add_log('admin', 'LOG_PURGE_CACHE');

                    if ($request->is_ajax()) {
                        trigger_error('PURGE_CACHE_SUCCESS');
                    }
                    break;

                case 'purge_sessions':
                    // Founder accounts only: this signs every other user out.
                    if ((int) $user->data['user_type'] !== USER_FOUNDER) {
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $tables = array(CONFIRM_TABLE, SESSIONS_TABLE);

                    foreach ($tables as $table) {
                        switch ($db->get_sql_layer()) {
                            case 'sqlite':
                            case 'sqlite3':
                                $db->sql_query("DELETE FROM {$table}");
                                break;
                            default:
                                $db->sql_query("TRUNCATE TABLE {$table}");
                                break;
                        }
                    }

                    // let's restore the admin session
                    // The row is built through sql_build_array() rather than by hand;
                    // browser, forwarded-for and page values are request-derived.
                    $reinsert_ary = array('session_id' => (string) $user->session_id, 'session_page' => (string) substr($user->page['page'], 0, 199), 'session_forum_id' => $user->page['forum'], 'session_user_id' => (int) $user->data['user_id'], 'session_start' => (int) $user->data['session_start'], 'session_last_visit' => (int) $user->data['session_last_visit'], 'session_time' => (int) $user->time_now, 'session_browser' => (string) trim(substr($user->browser, 0, 149)), 'session_forwarded_for' => (string) $user->forwarded_for, 'session_ip' => (string) $user->ip, 'session_autologin' => (int) $user->data['session_autologin'], 'session_admin' => 1, 'session_viewonline' => (int) $user->data['session_viewonline']);

                    $sql = 'INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $reinsert_ary);
                    $db->sql_query($sql);

                    add_log('admin', 'LOG_PURGE_SESSIONS');

                    if ($request->is_ajax()) {
                        trigger_error('PURGE_SESSIONS_SUCCESS');
                    }
                    break;
            }
        }
    }

    // Version check
    $user->add_lang('install');

    if ($auth->acl_get('a_server') && version_compare(PHP_VERSION, '5.3.3', '<')) {
        $template->assign_vars(array('S_PHP_VERSION_OLD' => true, 'L_PHP_VERSION_OLD' => sprintf($user->lang['PHP_VERSION_OLD'], '<a href="https://www.src.com/community/viewtopic.php?f=14&t=2152375">', '</a>')));
    }

    $version_helper = $src_container->get('version_helper');
    try {
        $recheck = $request->variable('versioncheck_force', false);
        $updates_available = $version_helper->get_suggested_updates($recheck);

        $template->assign_var('S_VERSION_UP_TO_DATE', empty($updates_available));
    } catch (\RuntimeException $e) {
        // The exception text is shown only when it differs from the generic failure message.
        $template->assign_vars(array('S_VERSIONCHECK_FAIL' => true, 'VERSIONCHECK_FAIL_REASON' => $e->getMessage() !== $user->lang('VERSIONCHECK_FAIL') ? $e->getMessage() : ''));
    }

    /**
     * Notice admin
     *
     * @event core.acp_main_notice
     * @since 3.1.0-RC3
     */
    $src_dispatcher->dispatch('core.acp_main_notice');

    // Get forum statistics
    $total_posts = $config['num_posts'];
    $total_topics = $config['num_topics'];
    $total_users = $config['num_users'];
    $total_files = $config['num_files'];

    $start_date = $user->format_date($config['srcrd_startdate']);

    // NOTE(review): this is 0 when srcrd_startdate equals the current second;
    // the 'date' action stores time() - 1, other writers are not visible here.
    $srcrddays = (time() - $config['srcrd_startdate']) / 86400;

    $posts_per_day = sprintf('%.2f', $total_posts / $srcrddays);
    $topics_per_day = sprintf('%.2f', $total_topics / $srcrddays);
    $users_per_day = sprintf('%.2f', $total_users / $srcrddays);
    $files_per_day = sprintf('%.2f', $total_files / $srcrddays);

    $upload_dir_size = get_formatted_filesize($config['upload_dir_size']);

    $avatar_dir_size = 0;

    if ($avatar_dir = @opendir($src_root_path . $config['avatar_path'])) {
        while (($file = readdir($avatar_dir)) !== false) {
            if ($file[0] != '.' && $file != 'CVS' && strpos($file, 'index.') === false) {
                $avatar_dir_size += filesize($src_root_path . $config['avatar_path'] . '/' . $file);
            }
        }
        closedir($avatar_dir);

        $avatar_dir_size = get_formatted_filesize($avatar_dir_size);
    } else {
        // Couldn't open Avatar dir.
        $avatar_dir_size = $user->lang['NOT_AVAILABLE'];
    }

    // A per-day rate is never reported as larger than the total it is derived from.
    if ($posts_per_day > $total_posts) {
        $posts_per_day = $total_posts;
    }

    if ($topics_per_day > $total_topics) {
        $topics_per_day = $total_topics;
    }

    if ($users_per_day > $total_users) {
        $users_per_day = $total_users;
    }

    if ($files_per_day > $total_files) {
        $files_per_day = $total_files;
    }

    if ($config['allow_attachments'] || $config['allow_pm_attach']) {
        // Orphaned attachments older than three hours
        $sql = 'SELECT COUNT(attach_id) AS total_orphan FROM ' . ATTACHMENTS_TABLE . ' WHERE is_orphan = 1 AND filetime < ' . (time() - 3 * 60 * 60);
        $result = $db->sql_query($sql);
        $total_orphan = (int) $db->sql_fetchfield('total_orphan');
        $db->sql_freeresult($result);
    } else {
        $total_orphan = false;
    }

    $dbsize = get_database_size();

    $template->assign_vars(array(
        'TOTAL_POSTS' => $total_posts,
        'POSTS_PER_DAY' => $posts_per_day,
        'TOTAL_TOPICS' => $total_topics,
        'TOPICS_PER_DAY' => $topics_per_day,
        'TOTAL_USERS' => $total_users,
        'USERS_PER_DAY' => $users_per_day,
        'TOTAL_FILES' => $total_files,
        'FILES_PER_DAY' => $files_per_day,
        'START_DATE' => $start_date,
        'AVATAR_DIR_SIZE' => $avatar_dir_size,
        'DBSIZE' => $dbsize,
        'UPLOAD_DIR_SIZE' => $upload_dir_size,
        'TOTAL_ORPHAN' => $total_orphan,
        'S_TOTAL_ORPHAN' => $total_orphan === false ? false : true,
        'GZIP_COMPRESSION' => $config['gzip_compress'] && @extension_loaded('zlib') ? $user->lang['ON'] : $user->lang['OFF'],
        'DATABASE_INFO' => $db->sql_server_info(),
        'U_ACTION' => $this->u_action,
        'U_ADMIN_LOG' => append_sid("{$src_admin_path}index.{$phpEx}", 'i=logs&mode=admin'),
        'U_INACTIVE_USERS' => append_sid("{$src_admin_path}index.{$phpEx}", 'i=inactive&mode=list'),
        'U_VERSIONCHECK' => append_sid("{$src_admin_path}index.{$phpEx}", 'i=update&mode=version_check'),
        'U_VERSIONCHECK_FORCE' => append_sid("{$src_admin_path}index.{$phpEx}", 'versioncheck_force=1'),
        'S_ACTION_OPTIONS' => $auth->acl_get('a_srcrd') ? true : false,
        'S_FOUNDER' => $user->data['user_type'] == USER_FOUNDER ? true : false));

    $log_data = array();
    $log_count = false;

    // The admin log excerpt is shown to holders of a_viewlogs only.
    if ($auth->acl_get('a_viewlogs')) {
        view_log('admin', $log_data, $log_count, 5);

        foreach ($log_data as $row) {
            $template->assign_block_vars('log', array('USERNAME' => $row['username_full'], 'IP' => $row['ip'], 'DATE' => $user->format_date($row['time']), 'ACTION' => $row['action']));
        }
    }

    // The inactive-user list is shown to holders of a_user only.
    if ($auth->acl_get('a_user')) {
        $user->add_lang('memberlist');

        $inactive = array();
        $inactive_count = 0;

        view_inactive_users($inactive, $inactive_count, 10);

        foreach ($inactive as $row) {
            $template->assign_block_vars('inactive', array(
                'INACTIVE_DATE' => $user->format_date($row['user_inactive_time']),
                'REMINDED_DATE' => $user->format_date($row['user_reminded_time']),
                'JOINED' => $user->format_date($row['user_regdate']),
                'LAST_VISIT' => !$row['user_lastvisit'] ? ' - ' : $user->format_date($row['user_lastvisit']),
                'REASON' => $row['inactive_reason'],
                'USER_ID' => $row['user_id'],
                'POSTS' => $row['user_posts'] ? $row['user_posts'] : 0,
                'REMINDED' => $row['user_reminded'],
                'REMINDED_EXPLAIN' => $user->lang('USER_LAST_REMINDED', (int) $row['user_reminded'], $user->format_date($row['user_reminded_time'])),
                'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], false, append_sid("{$src_admin_path}index.{$phpEx}", 'i=users&mode=overview')),
                'USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
                'USER_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
                'U_USER_ADMIN' => append_sid("{$src_admin_path}index.{$phpEx}", "i=users&mode=overview&u={$row['user_id']}"),
                'U_SEARCH_USER' => $auth->acl_get('u_search') ? append_sid("{$src_root_path}search.{$phpEx}", "author_id={$row['user_id']}&sr=posts") : ''));
        }

        $option_ary = array('activate' => 'ACTIVATE', 'delete' => 'DELETE');
        if ($config['email_enable']) {
            $option_ary += array('remind' => 'REMIND');
        }

        $template->assign_vars(array('S_INACTIVE_USERS' => true, 'S_INACTIVE_OPTIONS' => build_select($option_ary)));
    }

    // Warn if install is still present
    if (file_exists($src_root_path . 'install') && !is_file($src_root_path . 'install')) {
        $template->assign_var('S_REMOVE_INSTALL', true);
    }

    // Warn if no search index is created
    if ($config['num_posts'] && class_exists($config['search_type'])) {
        $error = false;
        // The class to instantiate is named by the stored search_type setting;
        // class_exists() above is the only check applied to it in this method.
        $search_type = $config['search_type'];
        $search = new $search_type($error, $src_root_path, $phpEx, $auth, $config, $db, $user, $src_dispatcher);

        if (!$search->index_created()) {
            $template->assign_vars(array('S_SEARCH_INDEX_MISSING' => true, 'L_NO_SEARCH_INDEX' => $user->lang('NO_SEARCH_INDEX', $search->get_name(), '<a href="' . append_sid("{$src_admin_path}index.{$phpEx}", 'i=acp_search&mode=index') . '">', '</a>')));
        }
    }

    if (!defined('src_DISABLE_CONFIG_CHECK') && file_exists($src_root_path . 'config.' . $phpEx) && src_is_writable($src_root_path . 'config.' . $phpEx)) {
        // World-Writable? (000x)
        // 0x2 is the write bit for "others" in the permission mask; the template
        // flag is set only when that bit is present on the config file.
        $template->assign_var('S_WRITABLE_CONFIG', (bool) (@fileperms($src_root_path . 'config.' . $phpEx) & 0x2));
    }

    if (extension_loaded('mbstring')) {
        $template->assign_vars(array('S_MBSTRING_LOADED' => true, 'S_MBSTRING_FUNC_OVERLOAD_FAIL' => intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING), 'S_MBSTRING_ENCODING_TRANSLATION_FAIL' => @ini_get('mbstring.encoding_translation') != 0, 'S_MBSTRING_HTTP_INPUT_FAIL' => !in_array(@ini_get('mbstring.http_input'), array('pass', '')), 'S_MBSTRING_HTTP_OUTPUT_FAIL' => !in_array(@ini_get('mbstring.http_output'), array('pass', ''))));
    }

    // Fill dbms version if not yet filled
    if (empty($config['dbms_version'])) {
        set_config('dbms_version', $db->sql_server_info(true));
    }

    $this->tpl_name = 'acp_main';
    $this->page_title = 'ACP_MAIN';
}
/**
 * Removes/unlinks file
 *
 * With $check enabled, an unwritable cache directory raises E_USER_ERROR
 * before the removal is attempted. The unlink itself runs with warnings
 * suppressed, so the return value is the only failure signal.
 *
 * @param string $filename Filename to remove
 * @param bool   $check    Check file permissions
 * @return bool True if the file was successfully removed, otherwise false
 */
function remove_file($filename, $check = false)
{
    // The writability helper may not have been loaded at this point.
    if (!function_exists('src_is_writable')) {
        global $src_root_path, $phpEx;

        include $src_root_path . 'includes/functions.' . $phpEx;
    }

    $cache_dir_locked = $check && !src_is_writable($this->cache_dir);

    if ($cache_dir_locked) {
        // E_USER_ERROR - not using language entry - intended.
        trigger_error('Unable to remove files within ' . $this->cache_dir . '. Please check directory permissions.', E_USER_ERROR);
    }

    $removed = @unlink($filename);

    return $removed;
}
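/**
 * Going through a config array and validate values, writing errors to $error.
 *
 * The validation method accepts parameters separated by ':' for string and int.
 * The first parameter defines the type to be used, the second the lower bound
 * and the third the upper bound. Only the type is required.
 *
 * Path-like types are normalised in place in $cfg_array: relative-path markers
 * are stripped, values containing a NUL byte are blanked, and existence,
 * directory and (for the writable variants) writability checks add errors.
 *
 * @param array $config_vars Config definitions keyed by config name
 * @param array $cfg_array   Submitted values, normalised in place (by reference)
 * @param array $error       Collected error messages (by reference)
 */
function validate_config_vars($config_vars, &$cfg_array, &$error)
{
    global $src_root_path, $user, $src_dispatcher;

    $type = 0;
    $min = 1;
    $max = 2;

    foreach ($config_vars as $config_name => $config_definition) {
        if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) {
            continue;
        }

        if (!isset($config_definition['validate'])) {
            continue;
        }

        $validator = explode(':', $config_definition['validate']);

        // Validate a bit. ;) (0 = type, 1 = min, 2 = max)
        switch ($validator[$type]) {
            case 'string':
                $length = utf8_strlen($cfg_array[$config_name]);

                // the column is a VARCHAR
                $validator[$max] = isset($validator[$max]) ? min(255, $validator[$max]) : 255;

                if (isset($validator[$min]) && $length < $validator[$min]) {
                    $error[] = sprintf($user->lang['SETTING_TOO_SHORT'], $user->lang[$config_definition['lang']], $validator[$min]);
                } else if (isset($validator[$max]) && $length > $validator[$max]) {
                    $error[] = sprintf($user->lang['SETTING_TOO_LONG'], $user->lang[$config_definition['lang']], $validator[$max]);
                }
                break;

            case 'bool':
                $cfg_array[$config_name] = $cfg_array[$config_name] ? 1 : 0;
                break;

            case 'int':
                $cfg_array[$config_name] = (int) $cfg_array[$config_name];

                if (isset($validator[$min]) && $cfg_array[$config_name] < $validator[$min]) {
                    $error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$config_definition['lang']], $validator[$min]);
                } else if (isset($validator[$max]) && $cfg_array[$config_name] > $validator[$max]) {
                    $error[] = sprintf($user->lang['SETTING_TOO_BIG'], $user->lang[$config_definition['lang']], $validator[$max]);
                }

                if (strpos($config_name, '_max') !== false) {
                    // Min/max pairs of settings should ensure that min <= max
                    // Replace _max with _min to find the name of the minimum
                    // corresponding configuration variable
                    $min_name = str_replace('_max', '_min', $config_name);

                    if (isset($cfg_array[$min_name]) && is_numeric($cfg_array[$min_name]) && $cfg_array[$config_name] < $cfg_array[$min_name]) {
                        // A minimum value exists and the maximum value is less than it
                        $error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$config_definition['lang']], (int) $cfg_array[$min_name]);
                    }
                }
                break;

            case 'email':
                if (!preg_match('/^' . get_preg_expression('email') . '$/i', $cfg_array[$config_name])) {
                    $error[] = $user->lang['EMAIL_INVALID_EMAIL'];
                }
                break;

            // Absolute path
            case 'script_path':
                if (!$cfg_array[$config_name]) {
                    break;
                }

                $destination = str_replace('\\', '/', $cfg_array[$config_name]);

                if ($destination !== '/') {
                    // Adjust destination path (no trailing slash)
                    if (substr($destination, -1, 1) == '/') {
                        $destination = substr($destination, 0, -1);
                    }

                    // Strip relative-path markers until the value stops changing:
                    // a single pass can splice the text around a removed marker
                    // into a new one.
                    do {
                        $before = $destination;
                        $destination = str_replace(array('../', './'), '', $destination);
                    } while ($destination !== $before);

                    // Guard the offset access: stripping can leave an empty string.
                    if ($destination === '' || $destination[0] != '/') {
                        $destination = '/' . $destination;
                    }
                }

                $cfg_array[$config_name] = trim($destination);
                break;

            // Language directory name
            case 'lang':
                if (!$cfg_array[$config_name]) {
                    break;
                }

                // basename() keeps the lookup inside the language directory.
                $cfg_array[$config_name] = basename($cfg_array[$config_name]);

                if (!file_exists($src_root_path . 'language/' . $cfg_array[$config_name] . '/')) {
                    $error[] = $user->lang['WRONG_DATA_LANG'];
                }
                break;

            // Relative path (appended $src_root_path)
            case 'rpath':
            case 'rwpath':
                if (!$cfg_array[$config_name]) {
                    break;
                }

                $destination = $cfg_array[$config_name];

                // Adjust destination path (no trailing slash)
                if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
                    $destination = substr($destination, 0, -1);
                }

                // Same repeated stripping as for script_path, for both separators.
                do {
                    $before = $destination;
                    $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
                } while ($destination !== $before);

                // A value that is still rooted after stripping is rejected outright.
                if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
                    $destination = '';
                }

                $cfg_array[$config_name] = trim($destination);
                // no break: the normalised value goes through the path checks below

            // Absolute file path
            case 'absolute_path':
            case 'absolute_path_writable':
            // Path being relative (still prefixed by src_root_path), but with the ability to escape the root dir...
            case 'path':
            case 'wpath':
                if (!$cfg_array[$config_name]) {
                    break;
                }

                $cfg_array[$config_name] = trim($cfg_array[$config_name]);

                // Make sure no NUL byte is present...
                // The needle has to be the NUL character itself: an empty needle
                // matches every string on PHP 8 (blanking every path setting) and
                // only raises a warning on older versions.
                if (strpos($cfg_array[$config_name], "\0") !== false || strpos($cfg_array[$config_name], '%00') !== false) {
                    $cfg_array[$config_name] = '';
                    break;
                }

                $path = in_array($config_definition['validate'], array('wpath', 'path', 'rpath', 'rwpath')) ? $src_root_path . $cfg_array[$config_name] : $cfg_array[$config_name];

                if (!file_exists($path)) {
                    $error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]);
                }

                if (file_exists($path) && !is_dir($path)) {
                    $error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]);
                }

                // Check if the path is writable
                if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath' || $config_definition['validate'] === 'absolute_path_writable') {
                    if (file_exists($path) && !src_is_writable($path)) {
                        $error[] = sprintf($user->lang['DIRECTORY_NOT_WRITABLE'], $cfg_array[$config_name]);
                    }
                }
                break;

            default:
                /**
                 * Validate a config value
                 *
                 * @event core.validate_config_variable
                 * @var array  cfg_array         Array with config values
                 * @var string config_name       Name of the config we validate
                 * @var array  config_definition Array with the options for
                 *                               this config
                 * @var array  error             Array of errors, the errors should
                 *                               be strings only, language keys are
                 *                               not replaced afterwards
                 * @since 3.1.0-a1
                 */
                $vars = array('cfg_array', 'config_name', 'config_definition', 'error');
                // NOTE(review): extract() writes whatever keys the event returns into
                // the local scope; presumably the dispatcher only returns the four
                // names listed in $vars - confirm.
                extract($src_dispatcher->trigger_event('core.validate_config_variable', compact($vars)));
                break;
        }
    }

    return;
}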
/**
 * Check if the avatar directory is writable and disable avatars
 * if it isn't writable.
 *
 * Both 'allow_avatar' and 'allow_avatar_upload' are set to 0 when the
 * upload directory below $src_root_path cannot be written to.
 */
function disable_avatars_if_unwritable()
{
    global $src_root_path;

    if (src_is_writable($src_root_path . 'images/avatars/upload/')) {
        return;
    }

    foreach (array('allow_avatar', 'allow_avatar_upload') as $setting) {
        set_config($setting, 0);
    }
}
/**
 * Check if user is able to upload an avatar
 *
 * Requires the configured avatar directory to exist and be writable, and the
 * file_uploads ini setting to be enabled.
 *
 * @return bool True if user can upload, false if not
 */
protected function can_upload()
{
    $avatar_dir = $this->src_root_path . $this->config['avatar_path'];

    if (!file_exists($avatar_dir) || !src_is_writable($avatar_dir)) {
        return false;
    }

    // NOTE(review): any non-empty string other than '0' passes the first test,
    // so a literal 'off' value would count as enabled - confirm how the setting
    // is reported on the supported platforms.
    return (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on');
}