function read_file_to_var($file)
{
# open the file
$fh = fopen($file, 'r') or xml_error('Error - File: ' . __FILE__ . ' on line: ' . __LINE__);
# read it into a string
$str = fread($fh, filesize_url($file)) or xml_error('Error - File: ' . __FILE__ . ' on line: ' . __LINE__);
#return the string
return $str;
}
function parse_weblogsDotCom($url)
{
/*
Grab weblogs.com list of recently updated RSS feeds
$blogs is array() of feeds
NAME name
URL address
WHEN seconds since ping
*/
global $blogs, $folder, $inOpmlfolder, $inOpmlItem;
$folder = __('Root');
$inOpmlfolder = $inOpmlItem = false;
$opml = getUrl($url);
$opml = str_replace("\r", '', $opml);
$opml = str_replace("\n", '', $opml);
$xp = xml_parser_create() or xml_error("couldn't create parser");
xml_set_element_handler($xp, '_xml_startElement', '_xml_endElement') or xml_error("couldnt set XML handlers");
xml_parse($xp, $opml, true) or xml_error("failed parsing xml at line " . xml_get_current_line_number() . ": " . xml_error_string());
xml_parser_free($xp) or xml_error("failed freeing the parser");
return $blogs;
}
function upload_files($r)
{
xml_start_tag("upload_files");
list($user, $user_submit) = authenticate_user($r, null);
$fanout = parse_config(get_config(), "<uldl_dir_fanout>");
$delete_time = (int) $r->delete_time;
$batch_id = (int) $r->batch_id;
//print_r($_FILES);
$i = 0;
foreach ($r->md5 as $f) {
$md5 = (string) $f;
$name = "file_{$i}";
$tmp_name = $_FILES[$name]['tmp_name'];
if (!is_uploaded_file($tmp_name)) {
xml_error(-1, "{$tmp_name} is not an uploaded file");
}
$fname = job_file_name($md5);
$path = dir_hier_path($fname, project_dir() . "/download", $fanout);
rename($tmp_name, $path);
$now = time();
$jf_id = BoincJobFile::insert("(md5, create_time, delete_time) values ('{$md5}', {$now}, {$delete_time})");
if (!$jf_id) {
xml_error(-1, "upload_files(): BoincJobFile::insert({$md5}) failed: " . BoincDb::error());
}
if ($batch_id) {
BoincBatchFileAssoc::insert("(batch_id, job_file_id) values ({$batch_id}, {$jf_id})");
}
$i++;
}
echo "<success/>\n </upload_files>\n ";
}
function blogger_setTemplate($values)
{
xml_error("Sorry, this method is not supported yet.");
}
}
$email_addr = get_str("email_addr");
$passwd_hash = get_str("passwd_hash", true);
$email_addr = BoincDb::escape_string($email_addr);
$user = BoincUser::lookup("email_addr='{$email_addr}'");
if (!$user) {
xml_error(-136);
}
if (!$passwd_hash) {
echo "<account_out>\r\n\t<success/>\r\n</account_out>\r\n";
exit;
}
$auth_hash = md5($user->authenticator . $user->email_addr);
// if no password set, set password to account key
//
if (!strlen($user->passwd_hash)) {
$user->passwd_hash = $auth_hash;
$user->update("passwd_hash='{$user->passwd_hash}'");
}
// if the given password hash matches (auth+email), accept it
//
if ($user->passwd_hash == $passwd_hash || $auth_hash == $passwd_hash) {
echo "<account_out>\n";
echo "<authenticator>{$user->authenticator}</authenticator>\n";
echo "</account_out>\n";
} else {
xml_error(-206);
}
?>
*
* http://localhost/services/api/getMyUserProfile.php?cid=1001
*
* param: cid = client id
*/
header('Content-Type: text/xml; charset=utf-8');
require_once "../../../etc/koala.conf.php";
require_once PATH_LIB . "format_handling.inc.php";
require_once PATH_LIB . "http_auth_handling.inc.php";
require_once "error_handling.php";
if (!(defined("API_ENABLED") && API_ENABLED === TRUE)) {
xml_error("API_ENABLED not set");
exit;
}
if (!(defined("API_CLIENT_ID") && isset($_GET["cid"]) && API_CLIENT_ID == $_GET["cid"])) {
xml_error("API_CLIENT_ID not allowed");
exit;
}
if (http_auth()) {
$user = lms_steam::get_current_user();
$user_name = $user->get_name();
/**
* without caching
*/
// $user_profile = lms_steam::user_get_profile( $user_name );
/**
* with caching
*/
$cache = get_cache_function($user_name, 86400);
//$user->get_name()
$user_profile = $cache->call("lms_steam::user_get_profile", $user_name);
if ($format == "xml") {
// don't do caching for XML
xml_header();
$retval = db_init_xml();
if ($retval) {
xml_error($retval);
}
if ($auth) {
$user = lookup_user_auth($auth);
$show_hosts = true;
} else {
$user = lookup_user_id($id);
$show_hosts = false;
}
if (!$user) {
xml_error(-136);
}
show_user_xml($user, $show_hosts);
} else {
db_init();
// need to do this in any case,
// since show_user_summary_public() etc. accesses DB
// The page may be presented in many different languages,
// so here we cache the data instead
//
$cache_args = "userid=" . $id;
$cached_data = get_cached_data(USER_PAGE_TTL, $cache_args);
if ($cached_data) {
// We found some old but non-stale data, let's use it
$data = unserialize($cached_data);
$user = $data->user;
require_once "../inc/util.inc";
require_once "../inc/boinc_db.inc";
require_once "../inc/xml.inc";
check_get_args(array("format", "authenticator"));
BoincDb::get(true);
$config = get_config();
if (!parse_bool($config, "show_results")) {
error_page("This feature is turned off temporarily");
}
$format = get_str("format", true);
if ($format == "xml") {
xml_header();
$auth = BoincDb::escape_string(get_str('authenticator'));
$user = BoincUser::lookup("authenticator='{$auth}'");
if (!$user) {
echo "<error>" . xml_error(-136) . "</error>\n";
exit;
}
$sum = 0;
echo "<pending_credit>\n";
$results = BoincResult::enum("userid={$user->id} AND (validate_state=0 OR validate_state=4) AND claimed_credit > 0");
foreach ($results as $result) {
echo "<result>\n";
echo " <resultid>" . $result->id . "</resultid>\n";
echo " <workunitid>" . $result->workunitid . "</workunitid>\n";
echo " <hostid>" . $result->hostid . "</hostid>\n";
echo " <claimed_credit>" . $result->claimed_credit . "</claimed_credit>\n";
echo " <received_time>" . $result->received_time . "</received_time>\n";
echo "</result>\n";
$sum += $result->claimed_credit;
}
require_once "../../../etc/koala.conf.php";
require_once PATH_LIB . "http_auth_handling.inc.php";
require_once "error_handling.php";
if (http_auth()) {
if (!(defined("API_ENABLED") && API_ENABLED === TRUE)) {
header('Content-Type: text/xml; charset=utf-8');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
xml_error("API_ENABLED not set");
exit;
}
if (!(defined("API_CLIENT_ID") && isset($_GET["cid"]) && API_CLIENT_ID == $_GET["cid"])) {
header('Content-Type: text/xml; charset=utf-8');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
xml_error("API_CLIENT_ID not allowed");
exit;
}
if (isset($_GET["id"]) && isset($_GET["name"])) {
$download_url = "/download/" . $_GET["id"] . "/" . $_GET["name"];
header("Location: " . $download_url);
} else {
header('Content-Type: text/xml; charset=utf-8');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
xml_error("Parameter id or name is missing.");
exit;
}
} else {
header('Content-Type: text/xml; charset=utf-8');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
xml_error("No access");
exit;
}
//echo "<error>No courses found.</error>";
}
echo "<debug><![CDATA[" . $debug_info . "]]></debug>" . "\n";
//TODO (maybe): remove or comment out this line before using in productive system
//echo "</details>";
} else {
xml_error("Error: Missing parameter.");
exit;
}
// /getMyCourseDetails.php *****************************************************************************************
echo "</course>" . "\n";
}
}
}
} else {
xml_error("No semester found.");
exit;
}
echo "</courses>" . "\n";
// Cache for 7 Minutes
$cache = get_cache_function($user_name, 420);
$feeds = $cache->call("koala_user::get_news_feeds_static", 0, 0, FALSE, $user);
//0, 10, FALSE, $user
$no_feeds = count($feeds);
echo "<abos>" . "\n";
if ($no_feeds > 0) {
foreach ($feeds as $feed) {
// echo "feed: " .
// $feed['title'] . ", " .
// strftime( '%x', $feed['date'] ) . ", " .
// $feed['obj']->get_id() . ", " .
require_once "../inc/util.inc";
require_once "../inc/boinc_db.inc";
require_once "../inc/xml.inc";
check_get_args(array("format", "authenticator"));
BoincDb::get(true);
$config = get_config();
if (!parse_bool($config, "show_results")) {
error_page("This feature is turned off temporarily");
}
$format = get_str("format", true);
if ($format == "xml") {
xml_header();
$auth = BoincDb::escape_string(get_str('authenticator'));
$user = BoincUser::lookup("authenticator='{$auth}'");
if (!$user) {
echo "<error>" . xml_error(ERR_DB_NOT_FOUND) . "</error>\n";
exit;
}
$sum = 0;
echo "<pending_credit>\n";
$results = BoincResult::enum("userid={$user->id} AND (validate_state=0 OR validate_state=4) AND claimed_credit > 0");
foreach ($results as $result) {
echo "<result>\n";
echo " <resultid>" . $result->id . "</resultid>\n";
echo " <workunitid>" . $result->workunitid . "</workunitid>\n";
echo " <hostid>" . $result->hostid . "</hostid>\n";
echo " <claimed_credit>" . $result->claimed_credit . "</claimed_credit>\n";
echo " <received_time>" . $result->received_time . "</received_time>\n";
echo "</result>\n";
$sum += $result->claimed_credit;
}
} else {
// normal (non-LDAP) case
$email_addr = get_str("email_addr");
$passwd_hash = get_str("passwd_hash", true);
$email_addr = BoincDb::escape_string($email_addr);
$user = BoincUser::lookup("email_addr='{$email_addr}'");
if (!$user) {
xml_error(ERR_DB_NOT_FOUND);
}
if (!$passwd_hash) {
echo "<account_out>\n";
echo " <success/>\n";
echo "</account_out>\n";
exit;
}
$auth_hash = md5($user->authenticator . $user->email_addr);
// if no password set, set password to account key
//
if (!strlen($user->passwd_hash)) {
$user->passwd_hash = $auth_hash;
$user->update("passwd_hash='{$user->passwd_hash}'");
}
// if the given password hash matches (auth+email), accept it
//
if ($user->passwd_hash != $passwd_hash && $auth_hash != $passwd_hash) {
xml_error(ERR_BAD_PASSWD);
}
}
echo "<account_out>\n";
echo "<authenticator>{$user->authenticator}</authenticator>\n";
echo "</account_out>\n";
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
// RSS feed for per-user notifications
require_once "../inc/boinc_db.inc";
require_once "../inc/xml.inc";
require_once "../inc/pm.inc";
require_once "../inc/friend.inc";
require_once "../inc/notify.inc";
require_once "../project/project.inc";
$userid = get_int('userid');
$auth = get_str('auth');
$user = BoincUser::lookup_id($userid);
if (!$user) {
xml_error();
}
if (notify_rss_auth($user) != $auth) {
xml_error();
}
$notifies = BoincNotify::enum("userid = {$userid} order by create_time desc");
if (count($notifies)) {
$last_mod_time = $notifies[0]->create_time;
} else {
$last_mod_time = time();
}
$create_date = gmdate('D, d M Y H:i:s', $last_mod_time) . ' GMT';
header("Expires: " . gmdate('D, d M Y H:i:s', time()) . " GMT");
header("Last-Modified: " . $create_date);
header("Content-Type: application/xml");
$description = "Community notifications";
$channel_image = URL_BASE . "rss_image.gif";
$language = "en-us";
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n <rss version=\"2.0\" xmlns:atom=\"http://www.w3.org/2005/Atom\">\n <channel>\n <title>" . PROJECT . "</title>\n <link>" . URL_BASE . "</link>\n <atom:link href=\"" . URL_BASE . "notify_rss.php\" rel=\"self\" type=\"application/rss+xml\" />\n <description>" . $description . "</description>\n <copyright>" . COPYRIGHT_HOLDER . "</copyright>\n <lastBuildDate>" . $create_date . "</lastBuildDate>\n <language>" . $language . "</language>\n <image>\n <url>" . $channel_image . "</url>\n <title>" . PROJECT . "</title>\n <link>" . URL_BASE . "</link>\n </image>\n";
}
}
$email_addr = get_str("email_addr");
$email_addr = strtolower($email_addr);
$passwd_hash = get_str("passwd_hash");
$user_name = get_str("user_name");
if (!is_valid_email_addr($email_addr)) {
xml_error(-205);
}
if (strlen($passwd_hash) != 32) {
xml_error(-1, "password hash length not 32");
}
$user = lookup_user_email_addr($email_addr);
if ($user) {
if ($user->passwd_hash != $passwd_hash) {
xml_error(-137);
} else {
$authenticator = $user->authenticator;
}
} else {
$user = make_user($email_addr, $user_name, $passwd_hash, 'International');
if (!$user) {
xml_error(-137);
}
if (defined('INVITE_CODES')) {
error_log("Account for '{$email_addr}' created using invitation code '{$invite_code}'");
}
}
echo " <account_out>\n";
echo " <authenticator>{$user->authenticator}</authenticator>\n";
echo "</account_out>\n";
if ($retval) {
xml_error($retval);
}
$auth = get_str("account_key");
$user = BoincUser::lookup_auth($auth);
if (!$user) {
xml_error(ERR_DB_NOT_FOUND);
}
$name = $_GET["name"];
if (strlen($name) == 0) {
xml_error(-1, "must set team name");
}
$url = sanitize_tags(get_str("url"));
$type_name = sanitize_tags(get_str("type"));
// textual
$type = team_type_num($type_name);
$name_html = get_str("name_html");
$description = get_str("description");
$country = get_str("country");
if ($country == "") {
$country = "International";
}
// the following DB-escapes its args
//
$new_team = make_team($user->id, $name, $url, $type, $name_html, $description, $country);
if ($new_team) {
user_join_team($new_team, $user);
echo "<create_team_reply>\n <success/>\n <team_id>{$new_team->id}</team_id>\n</create_team_reply>\n";
} else {
xml_error(ERR_DB_NOT_UNIQUE, "could not create team");
}
if ($retval) {
xml_error($retval);
}
$auth = get_str("account_key");
$user = lookup_user_auth($auth);
if (!$user) {
xml_error(-136);
}
$name = $_GET["name"];
if (strlen($name) == 0) {
xml_error(-1, "must set team name");
}
$url = get_str("url");
$type_name = get_str("type");
// textual
$type = team_type_num($type_name);
$name_html = get_str("name_html");
$description = get_str("description");
$country = get_str("country");
if ($country == "") {
$country = "International";
}
// the following DB-escapes its args
//
$new_team = make_team($user->id, $name, $url, $type, $name_html, $description, $country);
if ($new_team) {
user_join_team($new_team, $user);
echo "<create_team_reply>\r\n\t<success/>\r\n\t<team_id>{$new_team->id}</team_id>\r\n</create_team_reply>\r\n";
} else {
xml_error(-137, "could not create team");
}
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
require_once "../inc/boinc_db.inc";
require_once "../inc/xml.inc";
check_get_args(array("hostid", "account_key", "venue"));
xml_header();
$db = BoincDb::get();
if (!$db) {
xml_error($retval);
}
$auth = BoincDb::escape_string(get_str("account_key"));
$user = BoincUser::lookup("authenticator='{$auth}'");
if (!$user) {
xml_error(ERR_DB_NOT_FOUND);
}
$hostid = get_int("hostid");
$host = BoincHost::lookup_id($hostid);
if (!$host || $host->userid != $user->id) {
xml_error(ERR_DB_NOT_FOUND);
}
$venue = BoincDb::escape_string(get_str("venue"));
$result = $host->update("venue='{$venue}'");
if ($result) {
echo "<am_set_host_info_reply>\n <success/>\n</am_set_host_info_reply>\n";
} else {
xml_error(-1, "database error");
}
} else {
$team = lookup_team($teamid);
if ($team && $team->joinable) {
user_join_team($team, $user);
}
}
}
if ($venue) {
$query .= " venue='{$venue}', ";
}
if ($email_addr && $email_addr != $user->email_addr) {
$old_email_addr = $user->email_addr;
$query .= " email_addr='{$email_addr}', ";
}
if ($password_hash) {
$query .= " passwd_hash='{$password_hash}', ";
}
if (strlen($query)) {
// the seti_id=seti_id is to make the query valid,
// since $query ends with a comma at this point
//
$query = "{$query} seti_id=seti_id";
$result = $user->update($query);
if ($result) {
success("");
} else {
xml_error(-1, "database error: " . BoincDb::error());
}
} else {
success("");
}
function get_templates($r)
{
xml_start_tag("get_templates");
$app_name = (string) $r->app_name;
if ($app_name) {
$app = get_submit_app($app_name);
} else {
$job_name = (string) $r->job_name;
$wu = get_wu($job_name);
$app = BoincApp::lookup_id($wu->appid);
}
list($user, $user_submit) = authenticate_user($r, $app);
$in = file_get_contents(project_dir() . "/templates/" . $app->name . "_in");
$out = file_get_contents(project_dir() . "/templates/" . $app->name . "_out");
if ($in === false || $out === false) {
xml_error(-1, "template file missing");
}
echo "<templates>\n{$in}\n{$out}\n</templates>\n </get_templates>\n ";
}
xml_error(ERR_BAD_EMAIL_ADDR);
}
if (strlen($passwd_hash) != 32) {
xml_error(-1, "password hash length not 32");
}
$user = BoincUser::lookup_email_addr($email_addr);
if ($user) {
if ($user->passwd_hash != $passwd_hash) {
xml_error(ERR_DB_NOT_UNIQUE);
} else {
$authenticator = $user->authenticator;
}
} else {
$user = make_user($email_addr, $user_name, $passwd_hash, 'International');
if (!$user) {
xml_error(ERR_DB_NOT_UNIQUE);
}
if (defined('INVITE_CODES')) {
error_log("Account for '{$email_addr}' created using invitation code '{$invite_code}'");
}
}
if ($team_name) {
$team_name = BoincDb::escape_string($team_name);
$team = BoincTeam::lookup("name='{$team_name}'");
if ($team && $team->joinable) {
user_join_team($team, $user);
}
}
echo " <account_out>\n";
echo " <authenticator>{$user->authenticator}</authenticator>\n";
echo "</account_out>\n";
function notices_rss_end()
{
echo "\n </channel>\n </rss>\n ";
}
$userid = get_int('userid');
$auth = get_str('auth');
$since_time = time() - 30 * 86400;
$user = BoincUser::lookup_id($userid);
if (!$user) {
xml_error();
}
// the auth in the URL includes "userid_"
//
$x = $user->id . "_" . notify_rss_auth($user);
if ($x != $auth) {
xml_error(-155, 'Invalid authenticator');
}
$since_clause = "and create_time > {$since_time}";
$notifies = BoincNotify::enum("userid = {$userid} {$since_clause}");
$forum = news_forum();
if ($forum) {
$threads = BoincThread::enum("forum = {$forum->id} and hidden=0 and status=0 {$since_clause}");
}
// there may be a better way to do this
$items = array();
foreach ($notifies as $n) {
$i = null;
$i->type = 0;
$i->time = $n->create_time;
$i->val = $n;
$items[] = $i;
if ($xml) {
echo " <action>\n <id>{$user->id}</id>\n <name>{$user->name}</name>\n <action>{$what}</action>\n <total_credit>{$delta->total_credit}</total_credit>\n <when>{$when}</when>\n </action>\n";
} else {
echo "<tr>\n <td>{$when}</td>\n <td>", user_links($user), " (ID {$user->id})</td>\n <td>{$what}</td>\n <td>{$delta->total_credit}</td>\n </tr>\n ";
}
}
$user = get_logged_in_user();
$teamid = get_int('teamid');
$team = BoincTeam::lookup_id($teamid);
if ($xml) {
require_once '../inc/xml.inc';
xml_header();
}
if (!$team || !is_team_admin($user, $team)) {
if ($xml) {
xml_error("-1", "Not founder or admin");
} else {
error_page(tra("Not founder or admin"));
}
}
if ($xml) {
echo "<actions>\n";
} else {
page_head(tra("Team history for %1", $team->name));
start_table();
echo "<tr>\n <th>" . tra("When") . "</th>\n <th>" . tra("User") . "</th>\n <th>" . tra("Action") . "</th>\n <th>" . tra("Total credit at time of action") . "</th>\n </tr>\n ";
}
$deltas = BoincTeamDelta::enum("teamid={$teamid} order by timestamp");
foreach ($deltas as $delta) {
show_delta($delta);
}
xml_header();
if (DISABLE_FORUMS) {
xml_error(-1, "Forums are disabled");
}
$retval = db_init_xml();
if ($retval) {
xml_error($retval);
}
$method = get_str("method", true);
if ($method != "user_posts" && $method != "user_threads") {
xml_error(-1);
}
$userid = get_int("userid", true);
$user = BoincUser::lookup_id($userid);
if (!$user) {
xml_error(ERR_DB_NOT_FOUND);
}
if ($method == "user_posts") {
$count = get_int("count", true);
if (!$count || $count <= 0 || $count > 50) {
$count = 10;
}
$length = get_int("contentlength", true);
if ($length == null || $length <= 0) {
$length = 0;
}
$posts = BoincPost::enum("user={$userid} ORDER BY timestamp DESC LIMIT {$count}");
$realcount = BoincPost::count("user={$userid}");
echo "<rpc_response>\n";
echo "<count>{$realcount}</count>\n";
echo "<posts>\n";
echo "<LECTION_NAME>" . $category->get_attribute( OBJ_NAME ) . "</LECTION_NAME>";
echo "<LECTION_DESC>" . $category->get_attribute( OBJ_DESC ) . "</LECTION_DESC>";
echo "<LECTION_CREATION_TIME>" . $category->get_attribute( OBJ_CREATION_TIME ) . "</LECTION_CREATION_TIME>";
echo "<LECTION_LAST_CHANGED>" . $category->get_attribute( OBJ_LAST_CHANGED ) . "</LECTION_LAST_CHANGED>";
echo "<LECTION_KEYWORDS>" . $category->get_attribute( OBJ_KEYWORDS ) . "</LECTION_KEYWORDS>";
echo "<LECTION_TYPE>" . $category->get_attribute( DOC_TYPE ) . "</LECTION_TYPE>";
echo "<LECTION_LAST_ACCESSED>" . $category->get_attribute( DOC_LAST_ACCESSED ) . "</LECTION_LAST_ACCESSED>";
echo "<LECTION_ENCODING>" . $category->get_attribute( DOC_ENCODING ) . "</LECTION_ENCODING>";
*/
get_content($category);
echo "</lection>";
}
echo "</extension>";
}
}
}
}
} else {
//echo "<error>No courses found.</error>";
}
/**
* (maybe) TODO: remove or comment out the following line with <debug> before using in productive system
*/
echo "<debug><![CDATA[" . $debug_info . "]]></debug>";
echo "</course>";
} else {
xml_error("Error: Missing parameter");
}
} else {
exit;
}