示例#1
# Theme activation handler: on form submission, rewrites GSWEBSITEFILE with the chosen TEMPLATE.
# variable settings
$path = GSDATAOTHERPATH;
$file = GSWEBSITEFILE;
$theme_options = '';
# was the form submitted?
if (isset($_POST['submitted']) && isset($_POST['template'])) {
    # the CSRF check for the "activate" action runs before any file is touched
    # NOTE(review): the return value is not used here, so check_for_csrf() presumably stops the request itself on failure - confirm
    check_for_csrf("activate");
    # get passed value from form (request-controlled; filtered through var_in())
    $newTemplate = var_in($_POST['template']);
    # the template name is appended to GSTHEMESPATH, so the request ends here unless
    # path_is_safe() accepts the resulting path against the GSTHEMESPATH base
    if (!path_is_safe(GSTHEMESPATH . $newTemplate, GSTHEMESPATH)) {
        die;
    }
    # backup old GSWEBSITEFILE (website.xml) file
    $bakpath = GSBACKUPSPATH . getRelPath(GSDATAOTHERPATH, GSDATAPATH);
    // backups/other/
    createBak($file, $path, $bakpath);
    # update GSWEBSITEFILE (website.xml) file with new theme
    # the document is rebuilt from scratch: SITENAME, SITEURL and TEMPLATE go in as CDATA,
    # PRETTYURLS and PERMALINK as plain addChild() values
    $xml = new SimpleXMLExtended('<item></item>');
    $note = $xml->addChild('SITENAME');
    $note->addCData($SITENAME);
    $note = $xml->addChild('SITEURL');
    $note->addCData($SITEURL);
    $note = $xml->addChild('TEMPLATE');
    $note->addCData($newTemplate);
    $xml->addChild('PRETTYURLS', $PRETTYURLS);
    $xml->addChild('PERMALINK', $PERMALINK);
    # NOTE(review): the result of XMLsave() is not checked, so $success is set even when the write fails
    XMLsave($xml, $path . $file);
    $success = i18n_r('THEME_CHANGED');
    $TEMPLATE = $newTemplate;
    // set new global
}
 } else {
     $err .= i18n_r('USERNAME_ERROR') . '<br />';
 }
 # Keep the submitted address only when check_email_address() accepts it;
 # otherwise add the localized e-mail error to the running $err message.
 if (check_email_address($_POST['email'])) {
     $EMAIL = $_POST['email'];
 } else {
     $err .= i18n_r('EMAIL_ERROR') . '<br />';
 }
 # if there were no errors, continue setting up the site
 if ($err == '') {
     # create new password
     $random = createRandomPassword();
     $PASSWD = passhash($random);
     # create user xml file
     $file = _id($USR) . '.xml';
     createBak($file, GSUSERSPATH, GSBACKUSERSPATH);
     $xml = new SimpleXMLElement('<item></item>');
     $xml->addChild('USR', $USR);
     $xml->addChild('PWD', $PASSWD);
     $xml->addChild('EMAIL', $EMAIL);
     $xml->addChild('HTMLEDITOR', '1');
     $xml->addChild('TIMEZONE', $TIMEZONE);
     $xml->addChild('LANG', $LANG);
     if (!XMLsave($xml, GSUSERSPATH . $file)) {
         $kill = i18n_r('CHMOD_ERROR');
     }
     # create password change trigger file
     $flagfile = GSUSERSPATH . _id($USR) . ".xml.reset";
     copy(GSUSERSPATH . $file, $flagfile);
     # create new website.xml file
     $file = 'website.xml';
示例#3
     unlink(GSUSERSPATH . _id($USR) . '.xml.reset');
 }
 # Rebuild the user record. NAME and EMAIL pass through var_out(); the other values
 # are handed to addChild() exactly as they are held in the variables.
 # NOTE(review): $PASSWD is presumably already hashed at this point - confirm upstream.
 $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
 $xml->addChild('USR', $USR);
 $xml->addChild('NAME', var_out($NAME));
 $xml->addChild('PWD', $PASSWD);
 $xml->addChild('EMAIL', var_out($EMAIL, 'email'));
 $xml->addChild('HTMLEDITOR', $HTMLEDITOR);
 $xml->addChild('TIMEZONE', $TIMEZONE);
 $xml->addChild('LANG', $LANG);
 # the 'settings-user' hook fires after the document is built and before it is written
 exec_action('settings-user');
 if (!XMLsave($xml, GSUSERSPATH . $file)) {
     $error = i18n_r('CHMOD_ERROR');
 }
 # create website xml file
 # createBak() is called on the current $wfile before the new copy is written
 createBak($wfile, GSDATAOTHERPATH, GSBACKUPSPATH . 'other/');
 $xmls = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
 # SITENAME, SITEURL and TEMPLATE are stored as CDATA sections
 $note = $xmls->addChild('SITENAME');
 $note->addCData($SITENAME);
 $note = $xmls->addChild('SITEURL');
 $note->addCData($SITEURL);
 $note = $xmls->addChild('TEMPLATE');
 $note->addCData($TEMPLATE);
 $xmls->addChild('PRETTYURLS', $PRETTYURLS);
 $xmls->addChild('PERMALINK', var_out($PERMALINK));
 # the 'settings-website' hook fires before the website file is written
 exec_action('settings-website');
 # both save failures assign the same $error variable, so only one message survives
 if (!XMLsave($xmls, GSDATAOTHERPATH . $wfile)) {
     $error = i18n_r('CHMOD_ERROR');
 }
 # see new language file immediately
 # NOTE(review): $LANG is concatenated into an include path and no check of it is visible
 # in this excerpt. Confirm it is limited to known language files before this line runs:
 # include executes whatever PHP file the path resolves to.
 include GSLANGPATH . $LANG . '.php';
示例#4
     $SITEEMAIL = var_in($_POST['email'], 'email');
 }
 # optional form fields: each value is read from the request through var_in()
 if (isset($_POST['timezone'])) {
     $SITETIMEZONE = var_in($_POST['timezone']);
 }
 if (isset($_POST['lang'])) {
     $SITELANG = var_in($_POST['lang']);
 }
 // check valid lang files
 // the request ends unless "$LANG.php" or "$LANG.PHP" is listed in $lang_array
 // NOTE(review): the submitted value is held in $SITELANG, while this check and the
 // LANG element below use $LANG - confirm which variable is meant to be validated.
 if (!in_array($LANG . '.php', $lang_array) and !in_array($LANG . '.PHP', $lang_array)) {
     die;
 }
 # create website xml file
 $bakpath = GSBACKUPSPATH . getRelPath(GSDATAOTHERPATH, GSDATAPATH);
 // backups/other/
 createBak(GSWEBSITEFILE, GSDATAOTHERPATH, $bakpath);
 $xmls = new SimpleXMLExtended('<item></item>');
 # SITENAME, SITEURL and TEMPLATE are stored as CDATA sections
 $note = $xmls->addChild('SITENAME');
 $note->addCData($SITENAME);
 $note = $xmls->addChild('SITEURL');
 $note->addCData($SITEURL);
 $note = $xmls->addChild('TEMPLATE');
 $note->addCData($TEMPLATE);
 $xmls->addChild('PRETTYURLS', $PRETTYURLS);
 $xmls->addChild('PERMALINK', $PERMALINK);
 # EMAIL is written from the request-derived $SITEEMAIL, whereas TIMEZONE and LANG are
 # written from $TIMEZONE and $LANG rather than from $SITETIMEZONE and $SITELANG
 # NOTE(review): confirm that mix is intended; the assignments that link them are not in this excerpt
 $xmls->addChild('EMAIL', $SITEEMAIL);
 $xmls->addChild('TIMEZONE', $TIMEZONE);
 $xmls->addChild('LANG', $LANG);
 $xmls->addChild('SITEUSR', $SITEUSR);
 # the 'settings-website' hook fires after the document is built
 exec_action('settings-website');
 if (!XMLsave($xmls, GSDATAOTHERPATH . GSWEBSITEFILE)) {
示例#5
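 /**
  * Create a user XML file from the submitted "add user" form, then show the manage form.
  *
  * Reads the username, password, profile fields and permission flags from $_POST,
  * calls createBak() for any existing file of that name, removes a pending
  * ".xml.reset" flag and writes the new record under GSUSERSPATH.
  *
  * Security notes:
  * - The username becomes a file name, so a name that is empty or contains a path
  *   separator or NUL byte is refused before any file operation.
  * - The username is HTML-escaped before it is echoed back to the page.
  * - A failed save is now reported instead of being stored in an unused local.
  * - NOTE(review): no nonce or permission check is visible in this method; confirm
  *   the caller performs both before this code is reached.
  * - NOTE(review): the PERMISSIONS values are stored as submitted; confirm they are
  *   restricted to the expected flag values elsewhere.
  * - NOTE(review): an empty password is hashed and stored like any other; confirm
  *   the form or the caller enforces a password policy.
  *
  * @return void
  */
 public function mmAddUser()
 {
     // PERMISSIONS child element => name of the form field that supplies it.
     $permissionFields = array(
         'PAGES'    => 'Pages',
         'FILES'    => 'Files',
         'THEME'    => 'Theme',
         'PLUGINS'  => 'Plugins',
         'BACKUPS'  => 'Backups',
         'SETTINGS' => 'Settings',
         'SUPPORT'  => 'Support',
         'EDIT'     => 'Edit',
         'LANDING'  => 'Landing',
         'ADMIN'    => 'Admin',
     );
     $profileFields = array(
         'usernamec', 'userpassword', 'useremail', 'usereditor',
         'ntimezone', 'userlng', 'users_name', 'users_bio',
     );

     // Request data is untrusted: a missing or non-scalar field (e.g. an array) is
     // stored as '' so it can reach neither addChild() nor the file name.
     $in = array();
     foreach (array_merge($profileFields, array_values($permissionFields)) as $key) {
         $in[$key] = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
     }

     //Set User File, Username, And Password From Submission
     $NUSR = strtolower($in['usernamec']);
     $usrfile = $NUSR . '.xml';

     // $usrfile is appended to GSUSERSPATH below, so the name must stay a single
     // path component: no directory separators, no NUL byte, not empty.
     if ($NUSR === '' || strpbrk($NUSR, "/\\\0") !== false) {
         print '<div class="error" style="display: block;">' . i18n_r('USERNAME_ERROR') . '</div>';
         mmManageUsersForm();
         return;
     }

     $NPASSWD = passhash($in['userpassword']);

     // create user xml file - This coding was mostly taken from the 'settings.php' page..
     createBak($usrfile, GSUSERSPATH, GSBACKUSERSPATH);
     $resetFlag = GSUSERSPATH . _id($NUSR) . '.xml.reset';
     if (file_exists($resetFlag)) {
         unlink($resetFlag);
     }

     $xml = new SimpleXMLExtended('<item></item>');
     $xml->addChild('USR', $NUSR);
     $xml->addChild('PWD', $NPASSWD);
     $xml->addChild('EMAIL', $in['useremail']);
     $xml->addChild('HTMLEDITOR', $in['usereditor']);
     $xml->addChild('TIMEZONE', $in['ntimezone']);
     $xml->addChild('LANG', $in['userlng']);
     $xml->addChild('USERSNAME', $in['users_name']);
     $userbio = $xml->addChild('USERSBIO');
     $userbio->addCData($in['users_bio']);
     $perm = $xml->addChild('PERMISSIONS');
     foreach ($permissionFields as $element => $postKey) {
         $perm->addChild($element, $in[$postKey]);
     }
     save_custom_permissions();

     if (!XMLsave($xml, GSUSERSPATH . $usrfile)) {
         print '<div class="error" style="display: block;">' . i18n_r('CHMOD_ERROR') . '</div>';
     } else {
         // The name came from the request; escape it for the HTML context.
         print '<div class="updated" style="display: block;">' . htmlspecialchars($NUSR, ENT_QUOTES, 'UTF-8') . ' ' . i18n_r('user-managment/CREATED') . '</div>';
     }
     //Show Manage Form
     mmManageUsersForm();
 }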
示例#6
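 /**
  * Pass every entry of GSDATAOTHERPATH . 'custom_settings' to createBak(), targeting
  * GSBACKUPSPATH . 'other/custom_settings/'.
  *
  * The target directory is created when missing. Nothing is done when it cannot be
  * created or when the source directory cannot be listed.
  *
  * NOTE(review): '.htaccess' is excluded from the copy, so the backup directory does
  * not receive the source directory's access rules; confirm the backups tree is
  * protected from direct web access by other means.
  *
  * @return void
  */
 private static function gscsBackup()
 {
     $bakpath = GSBACKUPSPATH . 'other/custom_settings/';
     // Create missing parent directories as well, with an explicit mode instead of
     // mkdir()'s 0777 default; re-check is_dir() in case another request created it.
     if (!is_dir($bakpath) && !mkdir($bakpath, 0755, true) && !is_dir($bakpath)) {
         return;
     }
     // scandir() returns false when the source directory is missing or unreadable.
     $entries = scandir(GSDATAOTHERPATH . 'custom_settings');
     if ($entries === false) {
         return;
     }
     $csfiles = array_diff($entries, array('.', '..', '.htaccess'));
     foreach ($csfiles as $csfile) {
         createBak($csfile, GSDATAOTHERPATH . 'custom_settings/', $bakpath);
     }
 }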
    $data = getXML(GSDATAOTHERPATH . $file);
    $USR = $data->USR;
    $EMAIL = $data->EMAIL;
}
if (isset($_POST['submitted'])) {
    $nonce = $_POST['nonce'];
    if (!check_nonce($nonce, "reset_password")) {
        die("CSRF detected!");
    }
    if (isset($_POST['email'])) {
        if ($_POST['email'] == $EMAIL) {
            // create new random password
            $random = createRandomPassword();
            // create new users.xml file
            $bakpath = GSBACKUPSPATH . "other/";
            createBak($file, GSDATAOTHERPATH, $bakpath);
            $flagfile = GSBACKUPSPATH . "other/user.xml.reset";
            copy(GSDATAOTHERPATH . $file, $flagfile);
            $xml = @new SimpleXMLElement('<item></item>');
            $xml->addChild('USR', @$USR);
            $xml->addChild('PWD', passhash($random));
            $xml->addChild('EMAIL', @$EMAIL);
            XMLsave($xml, GSDATAOTHERPATH . $file);
            // send the email with the new password
            $subject = $site_full_name . ' ' . $i18n['RESET_PASSWORD'] . ' ' . $i18n['ATTEMPT'];
            $message = "'" . cl($SITENAME) . "' " . $i18n['RESET_PASSWORD'] . " " . $i18n['ATTEMPT'];
            $message .= '<br>-------------------------------------------------------<br>';
            $message .= "<br>" . $i18n['LABEL_USERNAME'] . ": " . $USR;
            $message .= "<br>" . $i18n['NEW_PASSWORD'] . ": " . $random;
            $message .= '<br><br>' . $i18n['EMAIL_LOGIN'] . ': <a href="' . $SITEURL . 'admin/">' . $SITEURL . 'admin/</a>';
            exec_action('resetpw-success');