* License for the specific language governing rights and limitations
 * under the License.
 *
 * @category  phpMyFAQ
 * @package   Administration
 * @author    Thorsten Rinne <*****@*****.**>
 * @copyright 2003-2011 phpMyFAQ Team
 * @license   http://www.mozilla.org/MPL/MPL-1.1.html Mozilla Public License Version 1.1
 * @link      http://www.phpmyfaq.de
 * @since     2003-02-23
 */

// Direct-access guard: when IS_VALID_PHPMYFAQ is not defined, redirect to the
// directory of the running script and stop.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // NOTE(review): HTTP_HOST comes from the request's Host header, so the
    // redirect target is client-influenced, and the scheme is fixed to http.
    // A configured base URL would be a safer source - confirm whether one is
    // available at this point.
    header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

$logging = new PMF_Logging();

// The log view needs both the 'adminlog' permission flag and the matching action.
if ($permission['adminlog'] && 'adminlog' == $action) {
    // Fixed page size for the log listing.
    $perpage = 15;
    // Both paging values are read from the query string and validated as integers.
    // NOTE(review): the fourth argument (1) looks like a default for 'page' -
    // confirm against PMF_Filter::filterInput.
    $pages   = PMF_Filter::filterInput(INPUT_GET, 'pages', FILTER_VALIDATE_INT);
    $page    = PMF_Filter::filterInput(INPUT_GET, 'page', FILTER_VALIDATE_INT, 1);

    // Without a page count in the request, derive one from the number of log entries.
    // NOTE(review): only null is handled here; if the filter can return false for a
    // non-integer value, $pages stays false - confirm.
    if (is_null($pages)) {
        $pages = round(($logging->getNumberOfEntries() + ($perpage / 3)) / $perpage, 0);
    }

    // Window of entries for the requested page.
    // NOTE(review): $page is not checked for being >= 1 in this fragment, so $start
    // can be negative; how $start and $ende are consumed is outside this excerpt.
    $start = ($page - 1) * $perpage;
    $ende  = $start + $perpage;

    // $pages is interpolated into the link template; it is either the validated
    // integer from the request or the round() result above.
    $PageSpan = PageSpan("<a href=\"?action=adminlog&pages=" . $pages . "&page=<NUM>\">", 1, $pages, $page);

    $logging_data = $logging->getAll();
    ?> <h2><?php print $PMF_LANG["ad_adminlog"]; ?>
* @package   Administration
 * @author    Thorsten Rinne <*****@*****.**>
 * @copyright 2003-2014 phpMyFAQ Team
 * @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
 * @link      http://www.phpmyfaq.de
 * @since     2003-02-23
 */

// Direct-access guard: when IS_VALID_PHPMYFAQ is not defined, redirect to the
// directory of the running script and stop.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Use https only when the server reports HTTPS as "on" (case-insensitive).
    $protocol = 'http';
    if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
        $protocol = 'https';
    }
    // NOTE(review): HTTP_HOST comes from the request's Host header, so the
    // redirect target is client-influenced. A configured base URL would be a
    // safer source - confirm whether one is available at this point.
    header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

$logging = new PMF_Logging($faqConfig);

// The log view needs the 'adminlog' right for the current user and the matching action.
if ($user->perm->checkRight($user->getUserId(), 'adminlog') && 'adminlog' == $action) {

    $date    = new PMF_Date($faqConfig);
    // Fixed page size for the log listing.
    $perpage = 15;
    // Both paging values are read from the query string and validated as integers.
    // NOTE(review): the fourth argument (1) looks like a default for 'page' -
    // confirm against PMF_Filter::filterInput.
    $pages   = PMF_Filter::filterInput(INPUT_GET, 'pages', FILTER_VALIDATE_INT);
    $page    = PMF_Filter::filterInput(INPUT_GET, 'page', FILTER_VALIDATE_INT, 1);

    // Without a page count in the request, derive one from the number of log entries.
    // NOTE(review): only null is handled here; if the filter can return false for a
    // non-integer value, $pages stays false - confirm.
    if (is_null($pages)) {
        $pages = round(($logging->getNumberOfEntries() + ($perpage / 3)) / $perpage, 0);
    }

    // NOTE(review): $page is not checked for being >= 1 in this fragment, so $start
    // can be negative; how $start and $ende are consumed is outside this excerpt.
    $start = ($page - 1) * $perpage;
    $ende  = $start + $perpage;

    // %d forces the page value to an integer when it is written into the URL.
    $baseUrl = sprintf('%s?action=adminlog&page=%d', PMF_Link::getSystemRelativeUri(), $page);

    // Pagination options
    $options = array(
        'baseUrl'       => $baseUrl,
        'total'         => $logging->getNumberOfEntries(),
        'perPage'       => $perpage,
        'pageParamName' => 'page'
    );
    $pagination = new PMF_Pagination($faqConfig, $options);

    $loggingData = $logging->getAll();
// Fragment: body of the credential-login branch. The `if` that opens it lies
// outside this excerpt; its `else` branch (session login) follows below.
    $user = new PMF_User_CurrentUser();
    // Register LDAP as an additional authentication source when it is enabled.
    if ($faqconfig->get('main.ldapSupport')) {
        $authLdap = new PMF_Auth_AuthLdap();
        $user->addAuth($authLdap, 'ldap');
    }
    if ($user->login($faqusername, $faqpassword)) {
        // login, if user account is NOT blocked
        if ($user->getStatus() != 'blocked') {
            $auth = true;
        } else {
            // Blocked accounts get the same generic message as bad credentials,
            // so the response does not reveal which case applied.
            // NOTE(review): this branch writes no admin-log entry; only the
            // failed-credentials branch below does.
            $error = $PMF_LANG['ad_auth_fail'];
            $user  = null;
        }
    } else {
        // error
        // Record the failed attempt in the admin log.
        // NOTE(review): the message argument is redacted/garbled in this excerpt
        // ('******'), so what is concatenated there cannot be determined from
        // here. If it is the submitted login name, confirm the log view escapes
        // it on output.
        $logging = new PMF_Logging();
        $logging->logAdmin($user, 'Loginerror\\nLogin: '******'\\nPass: ********');
        $error = $PMF_LANG['ad_auth_fail'];
        $user  = null;
    }
} else {
    // authenticate with session information
    // The 'main.ipCheck' configuration value is handed to the session lookup.
    $user = PMF_User_CurrentUser::getFromSession($faqconfig->get('main.ipCheck'));
    if ($user) {
        $auth = true;
    } else {
        $user = null;
    }
}
// NOTE(review): no failure path above assigns $auth; confirm it is initialised
// to a falsy value before this fragment.

// get user rights
$permission = array();
// Fragment: starts inside the LDAP block of the credential-login branch; the
// statements that open both blocks lie outside this excerpt.
        $user->addAuth($authLdap, 'ldap');
    }
    // Register single sign-on as an additional authentication source when enabled.
    if ($faqConfig->get('security.ssoSupport')) {
        $authSso = new PMF_Auth_Sso($faqConfig);
        $user->addAuth($authSso, 'sso');
    }
    if ($user->login($faqusername, $faqpassword)) {
        // login, if user account is NOT blocked
        if ($user->getStatus() != 'blocked') {
            $auth = true;
        } else {
            // Blocked accounts get the same generic message as bad credentials,
            // so the response does not reveal which case applied.
            // NOTE(review): this branch writes no admin-log entry; only the
            // failed-credentials branch below does.
            $error = $PMF_LANG['ad_auth_fail'];
        }
    } else {
        // error
        // Record the failed attempt, including the errors collected on $user.
        // NOTE(review): part of the message argument is redacted/garbled in this
        // excerpt ('******'). If the submitted login name is written to the log,
        // confirm the log view escapes it on output.
        $logging = new PMF_Logging($faqConfig);
        $logging->logAdmin($user, 'Loginerror\\nLogin: '******'\\nErrors: ' . implode(', ', $user->errors));
        $error = $PMF_LANG['ad_auth_fail'];
    }
    // NOTE(review): neither failure path above assigns $auth or resets $user;
    // confirm $auth is initialised to a falsy value before this fragment and that
    // later code keys off $auth rather than off $user being an object.
} else {
    // Try to authenticate with cookie information
    $user = PMF_User_CurrentUser::getFromCookie($faqConfig);
    // authenticate with session information
    // Falls back to the session only when the cookie lookup produced no user object.
    if (!$user instanceof PMF_User_CurrentUser) {
        $user = PMF_User_CurrentUser::getFromSession($faqConfig);
    }
    if ($user instanceof PMF_User_CurrentUser) {
        $auth = true;
    } else {
        // No cookie or session user: continue with a fresh user object.
        $user = new PMF_User_CurrentUser($faqConfig);
    }
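<script type="text/javascript"> $(document).ready(function(){ setTimeout(function() { window.location = "index.php?action=editentry&id=<?php print $record_id; ?> &lang=<?php print $recordData['lang']; ?> "; }, 5000); }); </script> <?php
    } elseif (isset($submit['submit'][0])) {
        // Delete branch: record the action in the admin log, remove the record's
        // attachment directory, then delete the record itself.
        // NOTE(review): no request-token (CSRF) check is visible in this excerpt;
        // confirm one is enforced before this destructive branch is reached.
        $logging = new PMF_Logging();
        $logging->logAdmin($user, 'Beitragdel, ' . $record_id);

        // Only touch the filesystem for a positive numeric id. With an empty id
        // (for example after a failed integer validation) the path below would be
        // the attachments root itself, and the loop would unlink every file
        // stored directly in it.
        if (ctype_digit((string) $record_id) && (int) $record_id > 0) {
            $path = PMF_ROOT_DIR . DIRECTORY_SEPARATOR . PMF_ATTACHMENTS_DIR . DIRECTORY_SEPARATOR . $record_id . '/';
            if (@is_dir($path)) {
                $do = dir($path);
                if ($do) {
                    // Compare against false explicitly: an entry named "0" is
                    // falsy and would otherwise end the loop early, leaving files
                    // behind and making rmdir() fail.
                    while (false !== ($dat = $do->read())) {
                        if ($dat != "." && $dat != "..") {
                            unlink($path . $dat);
                        }
                    }
                    // Release the directory handle before removing the directory.
                    $do->close();
                }
                rmdir($path);
            }
        }

        $faq->deleteRecord($record_id, $record_lang);
        printf('<p class="success">%s</p>', $PMF_LANG['ad_entry_delsuc']);
    }
} else {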
// Read the submitted FAQ fields from POST. Free-text fields go through
// FILTER_SANITIZE_STRING, ids through FILTER_VALIDATE_INT, the e-mail address
// through FILTER_VALIDATE_EMAIL.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is not an
// output-escaping mechanism; values still need context-specific escaping where
// they are rendered.
$keywords    = PMF_Filter::filterInput(INPUT_POST, 'keywords', FILTER_SANITIZE_STRING);
$author      = PMF_Filter::filterInput(INPUT_POST, 'author', FILTER_SANITIZE_STRING);
$email       = PMF_Filter::filterInput(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$comment     = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
$record_id   = PMF_Filter::filterInput(INPUT_POST, 'id', FILTER_VALIDATE_INT);
$solution_id = PMF_Filter::filterInput(INPUT_POST, 'solution_id', FILTER_VALIDATE_INT);
$revision_id = PMF_Filter::filterInput(INPUT_POST, 'revision_id', FILTER_VALIDATE_INT);
$changed     = PMF_Filter::filterInput(INPUT_POST, 'changed', FILTER_SANITIZE_STRING);

// Permissions
// The literal value 'all' maps to -1; any other value falls back to the integer
// id submitted in the matching restricted_* field.
// NOTE(review): when that id fails validation the variable holds the filter's
// failure value instead of an id - confirm how downstream code treats that.
$user_permission   = PMF_Filter::filterInput(INPUT_POST, 'userpermission', FILTER_SANITIZE_STRING);
$restricted_users  = ('all' == $user_permission) ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_users', FILTER_VALIDATE_INT);
$group_permission  = PMF_Filter::filterInput(INPUT_POST, 'grouppermission', FILTER_SANITIZE_STRING);
$restricted_groups = ('all' == $group_permission) ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_groups', FILTER_VALIDATE_INT);

// Runs only for the second submit button and when a question and at least the
// 'rubrik' category list were submitted.
if (isset($submit['submit'][1]) && !is_null($question) && !is_null($categories['rubrik'])) {
    // new entry
    $logging = new PMF_Logging();
    $logging->logAdmin($user, 'Beitragcreatesave');
    printf("<h2>%s</h2>\n", $PMF_LANG['ad_entry_aor']);

    // NOTE(review): html_entity_decode() turns entities in $question and $content
    // back into raw characters before storage. Where those two values are
    // filtered is outside this excerpt; if the filter entity-encodes markup, this
    // call reverses it, so the stored text must be escaped again on output.
    $recordData = array(
        'id'            => null,
        'lang'          => $record_lang,
        'active'        => $active,
        'sticky'        => (!is_null($sticky) ? 1 : 0),
        'thema'         => html_entity_decode($question),
        'content'       => html_entity_decode($content),
        'keywords'      => $keywords,
        'author'        => $author,
        'email'         => $email,
        // Presence of the 'comment' field is stored as a 'y'/'n' flag.
        'comment'       => (!is_null($comment) ? 'y' : 'n'),
        'date'          => date('YmdHis'),
        // Empty start/end dates fall back to the widest possible range;
        // otherwise the dashes are removed and a time-of-day suffix is appended.
        'dateStart'     => (empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000'),
        'dateEnd'       => (empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959'),
        'linkState'     => '',
        'linkDateCheck' => 0);

    // Add new record and get that ID
    $faqRecord    = new PMF_Faq_Record();
    $faqChangelog = new PMF_Faq_Changelog();

    if ($faqRecord->create($recordData)) {

        $recordId = $faqRecord->getRecordId();

        // Create ChangeLog entry
        // The change note is passed through nl2br() before it is stored, and the
        // entry is attributed to the current user's id.
        $changelogData = array(
            'record_id'   => $recordId,
            'record_lang' => $recordData['lang'],
            'revision_id' => 0,
            'user_id'     => $user->getUserId(),
            'date'        => $_SERVER['REQUEST_TIME'],
            'changelog'   => nl2br($changed));

        $faqChangelog->create($changelogData);

        // Create the visit entry
        $visits = PMF_Visits::getInstance();
        $visits->add($recordId, $recordData['lang']);

        // Insert the new category relations
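// Rebuild the category relation and the per-category user/group permissions for
// every submitted category id.
foreach ($categories['rubrik'] as $categoryId) {
    $categoryData = array(
        'category_id'   => $categoryId,
        'category_lang' => $categoryRelations->getLanguage(),
        'record_id'     => $record_id,
        'record_lang'   => $record_lang);

    // delete category relations
    // NOTE(review): delete() is keyed by the category id only; confirm it does
    // not remove relations that belong to other records.
    $categoryRelations->delete($categoryId);
    // save or update the category relations
    $categoryRelations->create($categoryData);

    // Add user permissions
    $userPermission = array(
        'category_id' => $categoryId,
        'user_id'     => $restricted_users);
    $categoryUser->update($categoryId, $userPermission);

    // Add group permission
    // Pass the loop's category id and the array built here, mirroring the user
    // permission call above. The previous call used $category and
    // $group_permission, which are not the values prepared in this loop, so the
    // group restriction just built was never handed to update().
    $groupPermission = array(
        'category_id' => $categoryId,
        'group_id'    => $restricted_groups);
    $categoryGroup->update($categoryId, $groupPermission);
}

} elseif (isset($submit['submit'][0])) {
    // Delete branch: record the action in the admin log, remove the record's
    // attachment directory, then delete the record itself.
    $faqRecord = new PMF_Faq_Record();

    $logging = new PMF_Logging();
    $logging->logAdmin($user, 'Deleted record ' . $record_id);

    // Only touch the filesystem for a positive numeric id. With an empty id (for
    // example after a failed integer validation) the path below would be the
    // attachments root itself, and the loop would unlink every file stored
    // directly in it.
    if (ctype_digit((string) $record_id) && (int) $record_id > 0) {
        $path = PMF_ROOT_DIR . DIRECTORY_SEPARATOR . PMF_ATTACHMENTS_DIR . DIRECTORY_SEPARATOR . $record_id . '/';
        if (@is_dir($path)) {
            $do = dir($path);
            if ($do) {
                // Compare against false explicitly: an entry named "0" is falsy
                // and would otherwise end the loop early, leaving files behind
                // and making rmdir() fail.
                while (false !== ($dat = $do->read())) {
                    if ($dat != "." && $dat != "..") {
                        unlink($path . $dat);
                    }
                }
                // Release the directory handle before removing the directory.
                $do->close();
            }
            rmdir($path);
        }
    }

    $faq->deleteRecord($record_id, $record_lang);
    //$faqRecord->delete($record_id);
    print $PMF_LANG['ad_entry_delsuc'];
}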
// The record date is taken from POST as a sanitised string.
$date = PMF_Filter::filterInput(INPUT_POST, 'date', FILTER_SANITIZE_STRING);

// Permissions
// The literal value 'all' maps to array(-1); otherwise the submitted ids are used.
$permissions = array();
if ('all' === PMF_Filter::filterInput(INPUT_POST, 'userpermission', FILTER_SANITIZE_STRING)) {
    $permissions += array('restricted_user' => array(-1));
} else {
    // NOTE(review): a 'restricted_users' value that fails integer validation is
    // stored as the filter's failure value rather than an id - confirm how
    // downstream permission code treats that.
    $permissions += array('restricted_user' => array(PMF_Filter::filterInput(INPUT_POST, 'restricted_users', FILTER_VALIDATE_INT)));
}

if ('all' === PMF_Filter::filterInput(INPUT_POST, 'grouppermission', FILTER_SANITIZE_STRING)) {
    $permissions += array('restricted_groups' => array(-1));
} else {
    // Group ids arrive as an array; every element is validated as an integer.
    // NOTE(review): the += needs an array on the right-hand side; confirm
    // PMF_Filter::filterInputArray never returns null or false here.
    $permissions += PMF_Filter::filterInputArray(
        INPUT_POST,
        array(
            'restricted_groups' => array(
                'filter' => FILTER_VALIDATE_INT,
                'flags'  => FILTER_REQUIRE_ARRAY
            )
        )
    );
}

// Runs only when both a question and categories were submitted.
if (!is_null($question) && !is_null($categories)) {
    // Save entry
    $logging = new PMF_Logging($faqConfig);
    $logging->logAdmin($user, 'Beitragsave ' . $recordId);

    printf(
        '<header><h2><i class="icon-pencil"></i> %s</h2></header>',
        $PMF_LANG['ad_entry_aor']
    );

    $tagging = new PMF_Tags($faqConfig);

    if ('yes' == $revision) {
        // Add current version into revision table
        $faq->addNewRevision($recordId, $recordLang);
        $revisionId++;
    }

    // NOTE(review): html_entity_decode() turns entities in $question and $content
    // back into raw characters before storage. Where those two values are
    // filtered is outside this excerpt; if the filter entity-encodes markup, this
    // call reverses it, so the stored text must be escaped again on output.
    $recordData = array(
        'id'            => $recordId,
        'lang'          => $recordLang,
        'revision_id'   => $revisionId,
        'active'        => $active,
        'sticky'        => (!is_null($sticky) ? 1 : 0),
        'thema'         => html_entity_decode($question),
        'content'       => html_entity_decode($content),
        'keywords'      => $keywords,
        'author'        => $author,
        'email'         => $email,
        // Presence of the 'comment' field is stored as a 'y'/'n' flag.
        'comment'       => (!is_null($comment) ? 'y' : 'n'),
        // A submitted date has '-', ':' and ' ' removed; otherwise "now" is used.
        'date'          => empty($date) ? date('YmdHis') : str_replace(array('-', ':', ' '), '', $date),
        // Empty start/end dates fall back to the widest possible range;
        // otherwise the dashes are removed and a time-of-day suffix is appended.
        'dateStart'     => (empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000'),
        'dateEnd'       => (empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959'),
        'linkState'     => '',
        'linkDateCheck' => 0);

    // Create ChangeLog entry
    // The change note is passed through nl2br() and attributed to the current user.
    $faq->createChangeEntry($recordId, $user->getUserId(), nl2br($changed), $recordLang, $revisionId);

    // Create the visit entry
    $visits = new PMF_Visits($faqConfig);
    $visits->add($recordId);

    // save or update the FAQ record
// Fragment: tail of a preceding `case` of the action switch (its label and the
// enclosing conditions lie outside this excerpt), followed by two delete actions.
            $faqSearchResult->reviewResultset($searchResult);

            $searchHelper = new PMF_Helper_Search($faqConfig);
            $searchHelper->setSearchterm($searchString);

            echo $searchHelper->renderAdminSuggestionResult($faqSearchResult);
        }
    } else {
        echo $PMF_LANG['err_NotAuth'];
    }
    break;

// delete FAQs
case 'delete_record':
    // Requires the 'delbt' permission flag; otherwise the not-authorised message
    // is returned.
    // NOTE(review): no request-token (CSRF) check is visible in this case; confirm
    // one is enforced before the switch is reached.
    if ($permission['delbt']) {

        $recordId   = PMF_Filter::filterInput(INPUT_POST, 'record_id', FILTER_VALIDATE_INT);
        $recordLang = PMF_Filter::filterInput(INPUT_POST, 'record_lang', FILTER_SANITIZE_STRING);

        // NOTE(review): $recordId is logged and passed to deleteRecord() without
        // checking that validation succeeded; confirm deleteRecord() rejects a
        // non-integer id.
        $logging = new PMF_Logging($faqConfig);
        $logging->logAdmin($user, 'Deleted FAQ ID ' . $recordId);

        $faq->deleteRecord($recordId, $recordLang);
        echo $PMF_LANG['ad_entry_delsuc'];

    } else {
        echo $PMF_LANG['err_NotAuth'];
    }
    break;

// delete open questions
case 'delete_question':
    // Requires the 'delquestion' permission flag.
    if ($permission['delquestion']) {

        // The ids arrive as an array; every element is validated as an integer.
        $checks      = array('filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_ARRAY);
        $questionIds = PMF_Filter::filterInputArray(INPUT_POST, array('questions' => $checks));

        if (!is_null($questionIds['questions'])) {
            foreach ($questionIds['questions'] as $questionId) {