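 /**
  *	Callback attached in `admin_menu`: admin settings
  *
  *	Renders the plugin's admin view. On POST, the `_action` field is
  *	dispatched only after the `_nonce` field validates for that action
  *	and this plugin's id (CSRF protection); a failed nonce with a
  *	non-empty action is reported to the view as an error.
  *	@callback
  */
 public function admin_view()
 {
     $data = array();
     if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         // Read the fields defensively so a malformed POST does not raise notices;
         // a missing field is passed on as null, exactly as an undefined index was.
         $action = isset($_POST['_action']) ? $_POST['_action'] : null;
         $nonce = isset($_POST['_nonce']) ? $_POST['_nonce'] : null;
         $data['action'] = $action;
         // Obligatory CSRF check: the nonce is bound to both the action and the plugin id.
         if (check_nonce($nonce, $action, $this->_info['id'])) {
             // Take action!
             switch ($action) {
                 case 'save':
                     if ($this->_save($_POST)) {
                         $data['updated'] = 'Settings saved';
                     } else {
                         $data['error'] = 'There was a problem saving data';
                     }
                     break;
             }
         } elseif ($action) {
             // Failed CSRF test (only reported when an action was actually requested)
             $data['error'] = 'Request timed out';
         }
     }
     $this->_load_view('admin', $data);
 }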
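/**
 * Submits the item named by `$_GET['id']` to Instapaper and renders a small
 * confirmation page that closes itself.
 *
 * Because this GET request has a side effect (a POST to a third party), it
 * must carry a valid `_nonce` (CSRF protection). Credentials are read from
 * the `instapaper_user` / `instapaper_pass` options. Ends the request with
 * `die`.
 *
 * @throws Exception on an unknown item id, a missing username, a failed
 *                   nonce check, or an error status returned by Instapaper
 */
function instapaper_submit()
{
    // Read request fields defensively so a bare call does not raise notices;
    // a missing field is passed on as null, exactly as an undefined index was.
    $id = isset($_GET['id']) ? $_GET['id'] : null;
    $nonce = isset($_GET['_nonce']) ? $_GET['_nonce'] : null;
    $item = Items::get_instance()->get_item($id);
    if (false === $item) {
        throw new Exception(_r('Invalid item ID specified', 'instapaper'));
    }
    $settings_url = get_option('baseurl') . 'admin/settings.php';
    $user = get_option('instapaper_user');
    if (empty($user)) {
        throw new Exception(sprintf(_r('Please set your username and password in the <a href="%s">settings</a>.', 'instapaper'), $settings_url));
    }
    // CSRF check before anything is sent to Instapaper.
    if (!check_nonce($nonce)) {
        throw new Exception(_r('Nonces did not match. Try again.', 'instapaper'));
    }
    $data = array('username' => get_option('instapaper_user', ''), 'password' => get_option('instapaper_pass', ''), 'url' => $item->permalink, 'title' => apply_filters('the_title', $item->title));
    $request = new HTTPRequest('', 2);
    $response = $request->post("https://www.instapaper.com/api/add", array(), $data);
    // Map Instapaper's documented error codes to user-facing messages;
    // any other status is treated as success.
    switch ($response->status_code) {
        case 400:
            throw new Exception(_r('Internal error. Please report this.', 'instapaper'));
        case 403:
            throw new Exception(sprintf(_r('Invalid username/password. Please check your details in the <a href="%s">settings</a>.', 'instapaper'), $settings_url));
        case 500:
            throw new Exception(_r('An error occurred when contacting Instapaper. Please try again later.', 'instapaper'));
    }
    instapaper_page_head();
    ?>
	<div id="message">
		<h1><?php 
    _e('Success!');
    ?>
</h1>
		<p class="sidenote"><?php 
    _e('Closing window in...', 'instapaper');
    ?>
</p>
		<p class="sidenote" id="counter">3</p>
	</div>
	<script>
		$(document).ready(function () {
			setInterval(countdown, 1000);
		});

		function countdown() {
			if(timer > 0) {
				$('#counter').text(timer);
				timer--;
			}
			else {
				self.close();
			}
		}

		var timer = 2;
	</script>
<?php 
    instapaper_page_foot();
    die;
}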
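/**
 * check for csrfs
 *
 * Compares the `nonce` request parameter against the nonce expected for
 * `$action`/`$file`. The whole check is skipped when the GSNOCSRF define
 * turns it off (see the condition below; getDef() semantics are project-defined).
 *
 * @param  string $action action to pass to check_nonce
 * @param  string $file   file to pass to check_nonce
 * @param  bool   $die    if false return instead of die
 * @return bool   true if a CSRF was detected (only reachable when $die is false),
 *                false when the check passed or was disabled
 */
function check_for_csrf($action, $file = "", $die = true)
{
    // check for csrf
    if (!getDef('GSNOCSRF', true) || GSNOCSRF == FALSE) {
        // A missing nonce is treated like a wrong one instead of raising a notice.
        $nonce = isset($_REQUEST['nonce']) ? $_REQUEST['nonce'] : null;
        if (!check_nonce($nonce, $action, $file)) {
            if ($die) {
                die("CSRF detected!");
            }
            return true;
        }
    }
    return false;
}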
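/**
 * check for csrfs
 *
 * Compares the `nonce` request parameter against the nonce expected for
 * `$action`/`$file`. The whole check is skipped when the GSNOCSRF define
 * turns it off. On failure the `csrf` hook fires; AJAX requests get the
 * error template and always terminate, regular requests terminate only
 * when `$die` is true.
 *
 * @param  string $action action to pass to check_nonce
 * @param  string $file   file to pass to check_nonce
 * @param  bool   $die    if false return instead of die
 * @return bool   true if a CSRF was detected (only reachable when $die is false),
 *                false when the check passed or was disabled
 */
function check_for_csrf($action, $file = "", $die = true)
{
    // check for csrf
    if (!getDef('GSNOCSRF', true)) {
        // A missing nonce is treated like a wrong one instead of raising a notice.
        $nonce = isset($_REQUEST['nonce']) ? $_REQUEST['nonce'] : null;
        if (!check_nonce($nonce, $action, $file)) {
            // @hook csrf a csrf was detected
            exec_action('csrf');
            if (requestIsAjax()) {
                // $error is read by the included error template.
                $error = i18n_r("CSRF", "CRSF Detected!");
                // jquery bug will not parse 1 html element so we wrap it
                echo "<div>";
                include 'template/error_checking.php';
                echo "</div>";
                die;
            }
            if ($die) {
                die(i18n_r("CSRF", "CRSF Detected!"));
            }
            return true;
        }
    }
    return false;
}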
<?php

$resp = \shgysk8zer0\Core\JSON_Response::load();
// CSRF gate for every form branch handled below; called without arguments here,
// so it presumably reads the token from the request itself — confirm in check_nonce.
check_nonce();
switch (trim($_POST['form'])) {
    case 'login':
        $invalid = check_inputs(['user' => is_email($_POST['user']), 'password' => pattern('password')]);
        if (is_null($invalid)) {
            $login->loginWith(['user' => $_POST['user'], 'password' => $_POST['password']]);
            if ($login->logged_in) {
                $session->setUser($login->user)->setPassword($login->password)->setRole($login->role)->setLogged_In(true);
                $resp->close('#loginDialog')->disable('#main_menu [label=Login]')->enable('#main_menu menuitem[label=Logout]')->attributes('body > main', 'contextmenu', 'admin_menu')->notify('Welcome back,', $login->user);
            } else {
                $resp->notify('Login not accepted', 'Check your email & password', 'images/icons/people.png');
            }
        } else {
            $resp->notify('Login not accepted', 'Check your email & password', 'images/icons/people.png');
        }
        break;
    case 'compose_email':
        require_login('admin');
        $email = new \shgysk8zer0\Core\email(array_map('trim', explode(',', $_POST['compose_email']['to'])), trim($_POST['compose_email']['subject']), $_POST['compose_email']['message']);
        if ($email->send(true)) {
            $resp->notify('Success!', 'Email Sent', 'images/icons/envelope.png')->remove('#email_dialog');
        } else {
            $resp->notify('Failed!', 'Unable to send email, check your Internet connection', 'images/icons/envelope.png');
        }
        break;
    case 'email_admin':
        if (is_email($_POST['email_admin']['from'])) {
            $email = new \shgysk8zer0\Core\email($_SERVER['SERVER_ADMIN'], $_POST['email_admin']['subject'], strip_tags($_POST['email_admin']['message']));
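// Theme and file selection: both values are passed through strippath() and
// then verified to exist on disk before they are accepted.
if (isset($_GET['t'])) {
    $_GET['t'] = strippath($_GET['t']);
    if ($_GET['t'] && is_dir($relative . 'theme/' . $_GET['t'] . '/')) {
        $TEMPLATE = $_GET['t'];
    }
}
if (isset($_GET['f'])) {
    $_GET['f'] = strippath($_GET['f']);
    if ($_GET['f'] && is_file($relative . 'theme/' . $TEMPLATE . '/' . $_GET['f'])) {
        $TEMPLATE_FILE = $_GET['f'];
    }
}
// Save?
if (isset($_POST['submitsave'])) {
    // CSRF check; a missing nonce is treated like a wrong one instead of raising a notice.
    $nonce = isset($_POST['nonce']) ? $_POST['nonce'] : null;
    if (!check_nonce($nonce, "save")) {
        die("CSRF detected!");
    }
    $SavedFile = isset($_POST['edited_file']) ? $_POST['edited_file'] : '';
    // Unlike the GET selection above, the POSTed target name was written to as-is.
    // Refuse an empty name and anything that could climb out of the theme directory.
    if ($SavedFile === '' || strpos($SavedFile, '..') !== false || strpos($SavedFile, "\0") !== false) {
        die("Invalid file");
    }
    $content = isset($_POST['content']) ? $_POST['content'] : '';
    $FileContents = stripslashes(htmlspecialchars_decode($content, ENT_QUOTES));
    $fh = fopen($relative . 'theme/' . $SavedFile, 'w') or die("can't open file");
    fwrite($fh, $FileContents);
    fclose($fh);
    $success = sprintf($i18n['TEMPLATE_FILE'], $SavedFile);
}
// No template file? (empty() also covers the variable never having been set)
if (empty($TEMPLATE_FILE)) {
    $TEMPLATE_FILE = 'template.php';
}
// Setup
$themes_path = $relative . 'theme';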
    $xml = getXML($file);
    $private = $xml->xpath('/item/private');
    $oldprivate = (string) $private[0];
    if ($oldprivate == null) {
        $private[0][0] = "Y";
        echo "P1";
    } else {
        $private[0][0] = '';
        echo "P0";
    }
    $bakfile = GSBACKUPSPATH . "pages/" . $id . ".bak.xml";
    copy($file, $bakfile);
    XMLsave($xml, $file);
    create_pagesxml(true);
}
if (check_nonce($nonce, "menu", "toggle.php")) {
    $file = GSDATAPAGESPATH . $id . ".xml";
    $xml = getXML($file);
    $status = $xml->xpath('/item/menuStatus');
    $oldstatus = (string) $status[0];
    if ($oldstatus == null) {
        $status[0][0] = "Y";
        echo "M1";
    } else {
        $status[0][0] = '';
        echo "M0";
    }
    $bakfile = GSBACKUPSPATH . "pages/" . $id . ".bak.xml";
    copy($file, $bakfile);
    XMLsave($xml, $file);
    create_pagesxml(true);
    }
    if (!validate_plugin($plugin_file)) {
        return false;
    }
    unset($current_plugins[md5($plugin_file)]);
    $data = new DataHandler();
    $data->save('plugins.data', serialize($current_plugins));
    return true;
}
// Plugin (de)activation is triggered by a bare request parameter (GET or POST,
// via $_REQUEST) with no nonce check, unlike the settings form below, which
// verifies $_POST['_nonce'] before changing anything.
// NOTE(review): without a token this state change can be triggered by a crafted link.
if (isset($_REQUEST['activate_plugin'])) {
    activate_plugin($_REQUEST['activate_plugin']);
} elseif (isset($_REQUEST['deactivate_plugin'])) {
    deactivate_plugin($_REQUEST['deactivate_plugin']);
}
if (!empty($_POST['action']) && $_POST['action'] == 'settings' && !empty($_POST['_nonce'])) {
    if (!check_nonce($_POST['_nonce'])) {
        lilina_nice_die('Nonces do not match.');
    }
    clear_html_cache();
    /** Needs better validation */
    if (!empty($_POST['sitename'])) {
        update_option('sitename', $_REQUEST['sitename']);
    }
    if (!empty($_POST['template'])) {
        update_option('template', $_REQUEST['template']);
    }
    if (!empty($_POST['locale'])) {
        update_option('locale', $_REQUEST['locale']);
    }
    if (!empty($_POST['timezone'])) {
        update_option('timezone', $_REQUEST['timezone']);
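// Include common.php
include 'inc/common.php';
// check form referrer - needs siteurl and edit.php in it.
// Only enforced when the browser sent a Referer at all; the nonce check on the
// submitted form is the primary CSRF protection, this is a secondary sanity check.
if (isset($_SERVER['HTTP_REFERER'])) {
    $referer = $_SERVER['HTTP_REFERER'];
    // Strip the 'http://www.' prefix from the site URL before matching.
    $site = str_replace('http://www.', '', $SITEURL);
    // strpos(haystack, needle): the referer must contain both the site URL and edit.php.
    if (strpos($referer, $site) === false || strpos($referer, 'edit.php') === false) {
        echo "<b>Invalid Referer</b><br />-------<br />";
        echo 'Invalid Referer: ' . htmlentities($referer, ENT_QUOTES);
        die('Invalid Referer');
    }
}
login_cookie_check();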
if (isset($_POST['submitted'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_POST['nonce'];
        if (!check_nonce($nonce, "edit", "edit.php")) {
            die("CSRF detected!");
        }
    }
    if (trim($_POST['post-title']) == '') {
        redirect("edit.php?upd=edit-err&type=" . urlencode(i18n_r('CANNOT_SAVE_EMPTY')));
    } else {
        $url = "";
        $title = "";
        $metad = "";
        $metak = "";
        $cont = "";
        // is a slug provided?
        if ($_POST['post-id']) {
            $url = $_POST['post-id'];
            if (isset($i18n['TRANSLITERATION']) && is_array($translit = $i18n['TRANSLITERATION']) && count($translit > 0)) {
}
if ($p == 'delete') {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_GET['nonce'];
        if (!check_nonce($nonce, "delete", "backup-edit.php")) {
            die("CSRF detected!");
        }
    }
    delete_bak($id);
    redirect("backups.php?upd=bak-success&id=" . $id);
} elseif ($p == 'restore') {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_GET['nonce'];
        if (!check_nonce($nonce, "restore", "backup-edit.php")) {
            die("CSRF detected!");
        }
    }
    if (isset($_GET['new'])) {
        updateSlugs($_GET['new'], $id);
        restore_bak($id);
        $existing = GSDATAPAGESPATH . $_GET['new'] . ".xml";
        $bakfile = GSBACKUPSPATH . "pages/" . $_GET['new'] . ".bak.xml";
        copy($existing, $bakfile);
        unlink($existing);
        redirect("edit.php?id=" . $id . "&old=" . $_GET['new'] . "&upd=edit-success&type=restore");
    } else {
        restore_bak($id);
        redirect("edit.php?id=" . $id . "&upd=edit-success&type=restore");
    }
                $success = $msg . '<br />';
            }
        }
        if (sizeof($errors) != 0) {
            foreach ($errors as $msg) {
                $error = $msg . '<br />';
            }
        }
    }
}
// if creating new folder
if (isset($_GET['newfolder'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_GET['nonce'];
        if (!check_nonce($nonce, "createfolder")) {
            die("CSRF detected!");
        }
    }
    $newfolder = $_GET['newfolder'];
    // check for invalid chars
    $cleanname = clean_url(to7bit(strippath($newfolder), "UTF-8"));
    if (file_exists($path . $cleanname) || $cleanname == '') {
        $error = i18n_r('ERROR_FOLDER_EXISTS');
    } else {
        if (defined('GSCHMOD')) {
            $chmod_value = GSCHMOD;
        } else {
            $chmod_value = 0755;
        }
        if (mkdir($path . $cleanname, $chmod_value)) {
/**
 * Reset Password
 *
 * Resets the password for GetSimple control panel access
 *
 * @package GetSimple
 * @subpackage Login
 */
# setup inclusions
# $load['plugin'] is set before common.php is included; presumably common.php
# reads it to decide whether plugins are loaded — confirm in inc/common.php.
$load['plugin'] = true;
include 'inc/common.php';
if (isset($_POST['submitted'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_POST['nonce'];
        if (!check_nonce($nonce, "reset_password")) {
            die("CSRF detected!");
        }
    }
    $randSleep = rand(250000, 2000000);
    // random sleep for .25 to 2 seconds
    if (isset($_POST['username']) and !empty($_POST['username'])) {
        # user filename
        $file = _id($_POST['username']) . '.xml';
        # get user information from existing XML file
        if (filepath_is_safe(GSUSERSPATH . $file, GSUSERSPATH)) {
            $data = simplexml_load_file(GSUSERSPATH . $file);
            $USR = strtolower($data->USR);
            $EMAIL = $data->EMAIL;
            if (strtolower($_POST['username']) == $USR) {
                # create new random password
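require_once 'admin.php';
require_once LILINA_PATH . '/admin/includes/settings.php';
do_action('register_options');
// Plugin (de)activation via a bare request parameter, followed by a redirect.
// NOTE(review): unlike the settings form below, this state change is not
// protected by check_nonce(), so a crafted link can trigger it.
if (isset($_REQUEST['activate_plugin'])) {
    activate_plugin($_REQUEST['activate_plugin']);
    header('HTTP/1.1 302 Found', true, 302);
    header('Location: ' . get_option('baseurl') . 'admin/settings.php?activated=1');
    die;
} elseif (isset($_REQUEST['deactivate_plugin'])) {
    deactivate_plugin($_REQUEST['deactivate_plugin']);
    header('HTTP/1.1 302 Found', true, 302);
    header('Location: ' . get_option('baseurl') . 'admin/settings.php?deactivated=1');
    die;
}
// Settings form: only whitelisted options are updated, each after its
// `options-sanitize-<option>` filter, and only once the nonce validates.
if (!empty($_POST['action']) && $_POST['action'] === 'settings' && !empty($_POST['_nonce'])) {
    if (!check_nonce('settings', $_POST['_nonce'])) {
        lilina_nice_die('Nonces do not match.');
    }
    $updatable_options = AdminOptions::instance()->whitelisted;
    foreach ($updatable_options as $option) {
        // empty() also skips a submitted '0'; kept as in the original.
        if (!empty($_POST[$option])) {
            $value = apply_filters('options-sanitize-' . $option, $_POST[$option]);
            update_option($option, $value);
        }
    }
    do_action('settings_after_update');
    header('HTTP/1.1 302 Found', true, 302);
    header('Location: ' . get_option('baseurl') . 'admin/settings.php?updated=1');
    die;
}
require_once LILINA_INCPATH . '/core/file-functions.php';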
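 /**
  *	Callback attached in `admin_menu`: admin settings
  *
  *	Renders the plugin admin page. A pending view stored in `$this->_view`
  *	takes precedence, then the "authorize" page until the plugin is
  *	authorized. POSTed actions (`backup`, `settings`) run only after the
  *	`_nonce` field validates for that action and this plugin's id
  *	(CSRF protection); a failed nonce with a non-empty action is
  *	reported to the view as an error.
  *	@callback
  */
 public function admin_view()
 {
     $data = array('archivers' => $this->_scan_archivers(), 'providers' => $this->_scan_providers(), 'frequencies' => $this->scheduler->frequencies());
     $view = 'admin';
     if ($this->_view !== NULL) {
         // FIXME: this could be prettier.
         return $this->_load_view($this->_view[0], $this->_view[1]);
     }
     // force authorization before plugin may be used.
     if (!$this->is_authorized()) {
         // show "authorize me" page
         return $this->_load_view('authorize', $data);
     }
     if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         // Read the fields defensively so a malformed POST does not raise notices;
         // a missing field is passed on as null, exactly as an undefined index was.
         $action = isset($_POST['_action']) ? $_POST['_action'] : null;
         $nonce = isset($_POST['_nonce']) ? $_POST['_nonce'] : null;
         $data['action'] = $action;
         // Obligatory CSRF check: the nonce is bound to both the action and the plugin id.
         if (check_nonce($nonce, $action, $this->_info['id'])) {
             // Take action!
             switch ($action) {
                 //
                 //	Create a backup
                 //
                 case 'backup':
                     // A truthy return from backup() is shown as the error message.
                     if ($error = $this->backup()) {
                         $data['error'] = $error;
                     } else {
                         $data['updated'] = 'Site backed up';
                     }
                     break;
                 //
                 //	Update/save settings
                 //
                 case 'settings':
                     $this->_save($_POST);
                     break;
             }
         } elseif ($action) {
             // Failed CSRF test (only reported when an action was actually requested)
             $data['error'] = 'Request timed out';
         }
     }
     // show "admin" page
     $this->_load_view($view, $data);
 }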
    generate_sitemap();
    # redirect back to yourself to show the new restored data
    redirect('settings.php?restored=true');
}
# was this page restored? (the ?restored query flag, kept as the strings 'true'/'false')
$restored = isset($_GET['restored']) ? 'true' : 'false';
# was the form submitted?
if (isset($_POST['submitted'])) {
    # first check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_POST['nonce'];
        if (!check_nonce($nonce, "save_settings")) {
            die("CSRF detected!");
        }
    }
    # website-specific fields
    if (isset($_POST['sitename'])) {
        $SITENAME = htmlentities($_POST['sitename'], ENT_QUOTES, 'UTF-8');
    }
    if (isset($_POST['siteurl'])) {
        $SITEURL = tsl($_POST['siteurl']);
    }
    if (isset($_POST['permalink'])) {
        $PERMALINK = trim($_POST['permalink']);
    }
    if (isset($_POST['template'])) {
        $TEMPLATE = $_POST['template'];
 * @subpackage Theme
 */
# setup inclusions
# $load['plugin'] is set before common.php is included; presumably common.php
# reads it to decide whether plugins are loaded — confirm in inc/common.php.
$load['plugin'] = true;
include 'inc/common.php';
# variable settings
login_cookie_check();
# location and name of the site settings file handled below
$path = GSDATAOTHERPATH;
$file = "website.xml";
$theme_options = '';
# was the form submitted?
if (isset($_POST['submitted']) && isset($_POST['template'])) {
    # check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_POST['nonce'];
        if (!check_nonce($nonce, "activate")) {
            die("CSRF detected!");
        }
    }
    # get passed value from form
    $TEMPLATE = $_POST['template'];
    # backup old website.xml file
    $bakpath = GSBACKUPSPATH . 'other/';
    createBak($file, $path, $bakpath);
    # udpate website.xml file with new theme
    $xml = new SimpleXMLExtended('<item></item>');
    $note = $xml->addChild('SITENAME');
    $note->addCData($SITENAME);
    $note = $xml->addChild('SITEURL');
    $note->addCData($SITEURL);
    $note = $xml->addChild('TEMPLATE');
* @Action:	Displays and changes website settings 	
*
*****************************************************/
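// Setup inclusions
$load['plugin'] = true;
// Relative
$relative = '../';
$path = $relative . 'data/other/';
$bakpath = $relative . 'backups/other/';
// Include common.php
include 'inc/common.php';
login_cookie_check();
// if the undo command was invoked
if (isset($_GET['undo'])) {
    // CSRF check; a missing nonce is treated like a wrong one instead of raising a notice.
    $nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
    if (!check_nonce($nonce, "undo", "support.php")) {
        die("CSRF detected!");
    }
    $ufile = 'cp_settings.xml';
    undo($ufile, $path, $bakpath);
    // Note: execution continues after the redirect header, as in the original.
    header('Location: support.php?rest=true');
}
if (isset($_GET['restored'])) {
    $restored = 'true';
} else {
    $restored = 'false';
}
// were changes submitted?
if (isset($_POST['submitted'])) {
    // The undo link carries a nonce for the "undo" action so that it matches
    // what the ?undo handler above verifies.
    $success = $i18n['SETTINGS_UPDATED'] . '. <a href="support.php?undo&nonce=' . get_nonce("undo", "support.php") . '">' . $i18n['UNDO'] . '</a>';
}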
 * Delete File
 *
 * Deletes Files based on what is passed to it 	
 *
 * @package GetSimple
 * @subpackage Delete-Files
 */
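// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
login_cookie_check();
// check for csrf: every request to this script is a delete, so the nonce is
// verified unconditionally unless the GSNOCSRF define disables the check
if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
    // A missing nonce is treated like a wrong one instead of raising a notice.
    $nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
    if (!check_nonce($nonce, "delete", "deletefile.php")) {
        die("CSRF detected!");
    }
}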
// are we deleting pages?
if (isset($_GET['id'])) {
    $id = $_GET['id'];
    if ($id == 'index') {
        redirect('pages.php?upd=edit-error&type=' . urlencode(i18n_r('HOMEPAGE_DELETE_ERROR')));
    } else {
        updateSlugs($id);
        $status = delete_file($id);
        generate_sitemap();
        exec_action('page-delete');
        redirect("pages.php?upd=edit-" . $status . "&id=" . $id . "&type=delete");
    }
 */
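// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
// Variable settings
login_cookie_check();
$path = GSBACKUPSPATH . 'pages/';
$counter = '0';
$table = '';
// delete all backup files if the ?deleteall session parameter is set
if (isset($_GET['deleteall'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        // A missing nonce is treated like a wrong one instead of raising a notice.
        $nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
        if (!check_nonce($nonce, "deleteall")) {
            die("CSRF detected!");
        }
    }
    // Only remove entries that still exist and that isFile() recognises as .bak files.
    foreach (getFiles($path) as $file) {
        if (file_exists($path . $file) && isFile($file, $path, 'bak')) {
            unlink($path . $file);
        }
    }
    $success = i18n_r('ER_FILE_DEL_SUC');
}
//display all page backups
$filenames = getFiles($path);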
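login_cookie_check();
$log_name = isset($_GET['log']) ? $_GET['log'] : '';
$log_path = GSDATAOTHERPATH . 'logs/';
$log_file = $log_path . $log_name;
$whois_url = 'http://whois.arin.net/rest/ip/';
if (!is_file($log_file)) {
    $log_data = false;
}
// Refuse a log name that does not resolve inside the logs directory (path traversal).
if (empty($log_data) && !empty($log_name) && !filepath_is_safe($log_file, $log_path)) {
    die;
}
if (isset($_GET['action']) && $_GET['action'] === 'delete' && strlen($log_name) > 0) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        // A missing nonce is treated like a wrong one instead of raising a notice.
        $nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
        if (!check_nonce($nonce, "delete")) {
            die("CSRF detected!");
        }
    }
    unlink($log_file);
    exec_action('logfile_delete');
    redirect('support.php?success=' . urlencode('Log ' . $log_name . i18n_r('MSG_HAS_BEEN_CLR')));
}
if (!isset($log_data)) {
    $log_data = getXML($log_file);
}
get_template('header', cl($SITENAME) . ' &raquo; ' . i18n_r('SUPPORT') . ' &raquo; ' . i18n_r('LOGS'));
?>
	
<?php 
include 'template/include-nav.php';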
/**
 * All Plugins
 *
 * Displays all installed plugins 
 *
 * @package GetSimple
 * @subpackage Plugins
 */
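// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
// Require a logged-in user before anything below can change plugin state.
login_cookie_check();
$pluginid = isset($_GET['set']) ? $_GET['set'] : null;
$nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
if ($pluginid) {
    // CSRF check before toggling the plugin; the antixss-cleaned id is what gets used.
    if (check_nonce($nonce, "set", "plugins.php")) {
        $plugin = antixss($pluginid);
        change_plugin($plugin);
        redirect('plugins.php');
    }
}
// Variable settings
$counter = 0;
$table = null;
$pluginfiles = getFiles(GSPLUGINPATH);
sort($pluginfiles);
$needsupdate = false;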
foreach ($pluginfiles as $fi) {
    $pathExt = pathinfo($fi, PATHINFO_EXTENSION);
    $pathName = pathinfo_filename($fi);
            $c_note = $components->addChild('title');
            $c_note->addCData(@$comp['title']);
            $components->addChild('slug', @$comp['slug']);
            $c_note = $components->addChild('value');
            $c_note->addCData(@$comp['value']);
            $count++;
        }
    }
    exec_action('component-save');
    XMLsave($xml, $path . $file);
    header('Location: components.php?upd=comp-success');
}
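// if undo was invoked
if (isset($_GET['undo'])) {
    // CSRF check; a missing nonce is treated like a wrong one instead of raising a notice.
    $nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
    if (!check_nonce($nonce, "undo")) {
        die("CSRF detected!");
    }
    undo($file, $path, $bakpath);
    // Note: execution continues after the redirect header, as in the original.
    header('Location: components.php?upd=comp-restored');
}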
//create list of components for html
$data = getXML($path . $file);
$componentsec = $data->item;
$count = 0;
if (count($componentsec) != 0) {
    foreach ($componentsec as $component) {
        $table .= '<div class="compdiv" id="section-' . @$count . '"><table class="comptable" ><tr><td><b title="Double Click to Edit" class="editable">' . stripslashes(@$component->title) . '</b></td>';
        $table .= '<td style="text-align:right;" ><code>&lt;?php get_component(<span class="compslugcode">\'' . @$component->slug . '\'</span>); ?&gt;</code></td><td class="delete" >';
        $table .= '<a href="#" title="' . $i18n['DELETE_COMPONENT'] . ': ' . cl(@$component->title) . '?" id="del-' . $count . '" onClick="DeleteComp(\'' . $count . '\'); return false;" >X</a></td></tr></table>';
        $table .= '<textarea name="val[]">' . stripslashes(@$component->value) . '</textarea>';
 * Displays and starts the website archives 	
 * @subpackage Backups
 */
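// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
// Variable Settings
login_cookie_check();
$table = '';
// if a backup needs to be created
if (isset($_GET['do'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        // A missing nonce is treated like a wrong one instead of raising a notice.
        $nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
        if (!check_nonce($nonce, "create")) {
            die("CSRF detected!");
        }
    }
    exec_action('archive-backup');
    redirect('zip.php?s=' . $SESSIONHASH);
}
// if a backup has just been created
if (isset($_GET['done'])) {
    $success = i18n_r('SUCC_WEB_ARCHIVE');
}
if (isset($_GET['nozip'])) {
    $error = i18n_r('NO_ZIPARCHIVE') . ' - <a href="health-check.php">' . i18n_r('WEB_HEALTH_CHECK') . '</a>';
}
get_template('header', cl($SITENAME) . ' &raquo; ' . i18n_r('BAK_MANAGEMENT') . ' &raquo; ' . i18n_r('WEBSITE_ARCHIVES'));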
?>
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
// Variable settings
login_cookie_check();
// Optional page id / type from the query string (null when absent).
$id = null;
if (isset($_GET['id'])) {
    $id = $_GET['id'];
}
$ptype = null;
if (isset($_GET['type'])) {
    $ptype = $_GET['type'];
}
$path = GSDATAPAGESPATH;
$counter = '0';
$table = '';
# clone attempt happening
if (isset($_GET['action']) && isset($_GET['id']) && $_GET['action'] == 'clone') {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_GET['nonce'];
        if (!check_nonce($nonce, "clone", "pages.php")) {
            die("CSRF detected!");
        }
    }
    # check to not overwrite
    $count = 1;
    $newfile = GSDATAPAGESPATH . $_GET['id'] . "-" . $count . ".xml";
    if (file_exists($newfile)) {
        while (file_exists($newfile)) {
            $count++;
            $newfile = GSDATAPAGESPATH . $_GET['id'] . "-" . $count . ".xml";
        }
    }
    $newurl = $_GET['id'] . '-' . $count;
    # do the copy
    $status = copy($path . $_GET['id'] . '.xml', $path . $newurl . '.xml');
 * All Plugins
 *
 * Displays all installed plugins 
 *
 * @package GetSimple
 * @subpackage Plugins
 */
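// Setup inclusions
$load['plugin'] = true;
// Include common.php
include 'inc/common.php';
// Require a logged-in user before the plugin toggle below.
login_cookie_check();
$pluginid = isset($_GET['set']) ? $_GET['set'] : null;
$nonce = isset($_GET['nonce']) ? $_GET['nonce'] : null;
if ($pluginid) {
    // The nonce is bound to the specific plugin being toggled (set_<name>).
    if (check_nonce($nonce, "set_" . pathinfo_filename($pluginid), "plugins.php")) {
        $plugin = antixss($pluginid);
        change_plugin($plugin);
        // Query values are URL-encoded so translated messages survive the round trip.
        redirect('plugins.php?success=' . urlencode(i18n_r('PLUGIN_UPDATED')));
    } else {
        redirect('plugins.php?error=' . urlencode(i18n_r('ERROR_OCCURED')));
    }
}
// Variable settings
$counter = 0;
$table = '';
$needsupdate = false;
$plugin_info_sorted = subval_sort($plugin_info, 'name');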
foreach ($plugin_info_sorted as $pluginid => $plugininfo) {
    $setNonce = '&amp;nonce=' . get_nonce("set_" . $pluginid, "plugins.php");
    // @todo disabled plugins have a version of (str) 'disabled', should be 0 or null