示例#1
0
 public static function Init()
 {
     $setup = \SystemSetting::getByKey("ARC_ISINIT");
     if ($setup->value == "1") {
         return;
     }
     \Log::createLog("warning", "Arc", "Initilised default Arc settings");
     // Default system settings
     Helper::arcCheckSettingExists("ARC_ISINIT", "1");
     Helper::arcCheckSettingExists("ARC_KEEP_LOGS", "31");
     Helper::arcCheckSettingExists("ARC_MAIL", "{\"smtp\":\"false\", \"server\":\"localhost\"" . ", \"username\":\"\", \"password\":\"\", \"port\":\"25\", \"sender\":\"Admin <*****@*****.**>\"}");
     Helper::arcCheckSettingExists("ARC_LOGIN_URL", "welcome");
     Helper::arcCheckSettingExists("ARC_FILE_UPLOAD_SIZE_BYTES", "2000000");
     Helper::arcCheckSettingExists("ARC_THUMB_WIDTH", "80");
     Helper::arcCheckSettingExists("ARC_THEME", "default");
     Helper::arcCheckSettingExists("ARC_DEFAULT_PAGE", "welcome");
     Helper::arcCheckSettingExists("ARC_LDAP", "{\"ldap\":\"false\", \"server\":\"localhost\"," . " \"domain\":\"mydomain\", \"base\":\"dc=mydomain,dc=local\"}");
     Helper::arcCheckSettingExists("ARC_PASSWORD_RESET_MESSAGE", htmlentities("You or someone else has requested a password reset.<br />" . "Your new password is '{password}'."));
     Helper::arcCheckSettingExists("ARC_ALLOWREG", "true");
     Helper::arcCheckSettingExists("ARC_LOGO_PATH", "assets/logo-200x48-dark.png");
     Helper::arcCheckSettingExists("ARC_DATEFORMAT", "d-m-Y");
     Helper::arcCheckSettingExists("ARC_TIMEFORMAT", "H:i:s");
     Helper::arcCheckSettingExists("ARC_REQUIRECOMPANY", false);
     Helper::arcCheckSettingExists("ARC_SITETITLE", "Arc Project");
     Helper::arcCheckSettingExists("ARC_MEDIAMANAGERURL", "administration/media-manager");
 }
示例#2
0
文件: reset.php 项目: DeltaWolf7/Arc
<?php

if (system\Helper::arcIsAjaxRequest()) {
    $user = User::getByEmail($_POST["emailf"]);
    // valid user
    if ($user->id > 0) {
        $password = md5(uniqid($user->email, true));
        $user->setPassword($password);
        $user->update();
        $messageS = SystemSetting::getByKey("ARC_PASSWORD_RESET_MESSAGE");
        $message = html_entity_decode($messageS->value);
        $message = str_replace("{password}", $password, $message);
        $mail = new Mail();
        $mail->Send($user->email, "Password Reset Request", $message, true);
        system\Helper::arcAddMessage("success", "Password reset, please check your email.");
        Log::createLog("warning", "user", "Password reset request '" . $_POST["emailf"] . "'.");
    } else {
        system\Helper::arcAddMessage("danger", "Email address is not registered");
        Log::createLog("danger", "user", "Request to reset unknown email address '" . $_POST["emailf"] . "'.");
    }
}
示例#3
0
            }
            $name = $_FILES["file"]["name"];
            $ext = end(explode(".", $name));
            # extra () to prevent notice
            $filename = uniqid() . "." . $ext;
            $path = system\Helper::arcGetPath(true) . "assets/profile";
            $destination = $path . "/" . $filename;
            if (!file_exists($path)) {
                mkdir($path);
            }
            Log::createLog("info", "user", "Destination: '" . $destination . "'");
            $location = $_FILES["file"]["tmp_name"];
            $size = filesize($location);
            if ($size == 0) {
                system\Helper::arcAddMessage("danger", "Invalid file uploaded");
                Log::createLog("danger", "user", "Invalid file size.");
                return;
            }
            move_uploaded_file($location, $destination);
            $profileImage = SystemSetting::getByKey("ARC_USER_IMAGE", system\Helper::arcGetUser()->id);
            $profileImage->userid = system\Helper::arcGetUser()->id;
            $profileImage->value = $filename;
            $profileImage->update();
            system\Helper::arcAddMessage("success", "File uploaded");
            Log::createLog("success", "user", "Upload complete.");
        } else {
            Log::createLog("danger", "user", "Upload error " . $_FILES['file']['error']);
            system\Helper::arcAddMessage("danger", "Error occured while uploading file");
        }
    }
}
示例#4
0
文件: Helper.php 项目: DeltaWolf7/Arc
 /**
  * Used to get Arc to build the content of the page or preform API request.
  */
 public static function getContent()
 {
     // Break URL apart and check for API request
     $uri_parts = explode('?', $_SERVER['REQUEST_URI'], 2);
     $uri = $uri_parts[0];
     if (strpos($uri, "/api/v1") === false) {
         // No API, Get regular content
         self::arcGetView();
     } else {
         // Handle API request
         if (!isset($_GET["key"])) {
             self::arcReturnJSON(["error" => "API key required to process request"]);
             \Log::createLog("danger", "API", "API key required to process request");
         } else {
             $key = null;
             $users = \User::getAllUsers();
             foreach ($users as $user) {
                 $apikey = \SystemSetting::getByKey("APIKEY", $user->id);
                 if ($apikey->id != 0 && $apikey->value == $_GET["key"]) {
                     $key = $apikey->value;
                 }
             }
             if (empty($key)) {
                 self::arcReturnJSON(["error" => "Invalid API key"]);
                 \Log::createLog("danger", "API", "Invalid API key");
             } else {
                 $split = explode("/", $uri);
                 if (!isset($split[3]) || !file_exists(self::arcGetPath(true) . "app/modules/{$split[3]}/api")) {
                     self::arcReturnJSON(["error" => "Invalid API request"]);
                     \Log::createLog("danger", "API", "Invalid API request");
                 } elseif (!isset($split[4]) || !file_exists(self::arcGetPath(true) . "app/modules/{$split[3]}/api/{$split[4]}.php")) {
                     self::arcReturnJSON(["error" => "Invalid API method request"]);
                     \Log::createLog("danger", "API", "Invalid API method request");
                 } else {
                     include self::arcGetPath(true) . "app/modules/{$split[3]}/api/{$split[4]}.php";
                     \Log::createLog("success", "API", "OK:: Module: {$split[3]}, Method: {$split[4]}, Key: {$key}");
                 }
             }
         }
     }
 }
示例#5
0
文件: login.php 项目: DeltaWolf7/Arc
function LDAPLogin($server = "mydomain.local", $username, $password, $domain = "mydomain", $dc = "dc=mydomain,dc=local")
{
    // https://www.exchangecore.com/blog/how-use-ldap-active-directory-authentication-php/
    $ldap = ldap_connect("ldap://{$server}");
    $ldaprdn = "{$domain}\\{$username}";
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
    $bind = @ldap_bind($ldap, $ldaprdn, $password);
    if ($bind) {
        $filter = "(sAMAccountName={$username})";
        $result = ldap_search($ldap, $dc, $filter);
        ldap_sort($ldap, $result, "sn");
        $info = ldap_get_entries($ldap, $result);
        if (!isset($info[0]["mail"][0])) {
            Log::createLog("danger", "ldap", "Unable to query LDAP, check base settings.");
            return null;
        }
        $data = array();
        $data["email"] = $info[0]["mail"][0];
        $data["lastname"] = $info[0]["sn"][0];
        $data["firstname"] = $info[0]["givenname"][0];
        @ldap_close($ldap);
        return $data;
    } else {
        Log::createLog("danger", "ldap", "Error: " . ldap_error($ldap));
    }
    return null;
}
示例#6
0
 /**
  * 
  * @param string $from Sender, left null to use system setting.
  * @param string/array $to To, format as 'Firstname Lastname' <*****@*****.**> or email address only.
  * @param string/array $cc CC, format as 'Firstname Lastname' <*****@*****.**> or email address only.
  * @param string $subject String message subject.
  * @param string $message Message body, html or plain text.
  * @param boolean $html True for html body, false for plain.
  * @return boolean True/False depending is the operation was completed.
  */
 public function Send($to = array(), $subject, $message, $html = true, $from = null, $cc = array())
 {
     if ($html == true) {
         $theme = SystemSetting::getByKey("ARC_THEME");
         if (file_exists(system\Helper::arcGetPath(true) . "themes/" . $theme->value . "/email.php")) {
             $content = file_get_contents(system\Helper::arcGetPath(true) . "themes/" . $theme->value . "/email.php");
             $message = system\Helper::arcParseEmail($content, $message);
         }
     }
     Log::createLog("info", "arcmail", "Send email request, mode: " . $this->mode);
     // Set from details
     if ($from == null) {
         $from = $this->data["sender"];
     }
     // Build to list
     if (!is_array($to)) {
         $list = array();
         $list[] = $to;
         $to = $list;
     }
     // Build to list
     if (!is_array($cc)) {
         $list = array();
         $list[] = $cc;
         $cc = $list;
     }
     // Build Mail Header
     $headers = "MIME-Version: 1.0\r\n";
     if ($html == true) {
         // Html content
         $headers .= "Content-Type: text/html; charset=iso-8859-1\r\n";
     } else {
         // Plain test
         $headers .= "Content-Type: text/plain;\r\n";
     }
     Log::createLog("info", "arcmail", "Mail headers built");
     switch ($this->mode) {
         case "MAIL":
             // Add from header
             $headers .= "From: " . $from . "\r\n";
             // Build recipients list
             $toList = "";
             foreach ($to as $recipient) {
                 $toList .= $recipient . ", ";
             }
             $toList = substr($toList, 0, -2);
             Log::createLog("success", "arcmail", "PHP mail created.");
             // Send mail
             mail($toList, $subject, $message, $headers);
             Log::createLog("success", "arcmail", "PHP mail sent.");
             break;
         case "SMTP":
             include system\Helper::arcGetPath(true) . "app/classes/PHPMailer/PHPMailerAutoload.php";
             $mail = new PHPMailer();
             $mail->isSMTP();
             $mail->Host = $this->data["server"];
             if (empty($this->data["username"]) && empty($this->data["password"])) {
                 $mail->SMTPAuth = false;
             } else {
                 $mail->SMTPAuth = true;
                 $mail->Username = $this->data["username"];
                 $smtp_password = system\Helper::arcDecrypt($this->data["password"]);
                 $mail->Password = $smtp_password;
             }
             $mail->setFrom($from);
             foreach ($to as $email) {
                 $mail->addAddress($email);
             }
             foreach ($cc as $email) {
                 $mail->addCC($email);
             }
             $mail->isHTML($html);
             $mail->Subject = $subject;
             $mail->Body = $message;
             if (!$mail->send()) {
                 Log::createLog("danger", "arcmail", "SMTP: " . $mail->ErrorInfo);
             } else {
                 Log::createLog("success", "arcmail", "SMTP: Message sent");
             }
             break;
     }
 }
示例#7
0
                Log::createLog("danger", "mediamanager", "Blocked file type: {$file_type}");
                return;
            }
            $filename = $_FILES['file']['name'];
            // force lowercase names
            $filename = strtolower($filename);
            $path = system\Helper::arcGetPath(true) . "assets" . $_POST["path"];
            $destination = $path . "/" . $filename;
            if (!file_exists($path)) {
                mkdir($path);
            }
            Log::createLog("info", "mediamanager", "Destination: '" . $destination . "'");
            $location = $_FILES["file"]["tmp_name"];
            Log::createLog("info", "mediamanager", "Source: '" . $location . "'");
            $size = filesize($location);
            Log::createLog("info", "mediamanager", "Size: " . $size[0]);
            if ($size == 0) {
                system\Helper::arcAddMessage("danger", "Invalid file uploaded");
                Log::createLog("danger", "mediamanager", "Invalid file size.");
                return;
            }
            move_uploaded_file($location, $destination);
            Log::createLog("info", "mediamanager", "File moved to image folder.");
            system\Helper::arcAddMessage("success", "File uploaded");
            Log::createLog("success", "mediamanager", "Upload complete.");
        } else {
            Log::createLog("danger", "mediamanager", "Upload error " . $_FILES['file']['error']);
            system\Helper::arcAddMessage("danger", "Error occured while uploading file");
        }
    }
}
示例#8
0
<?php

if (system\Helper::arcIsAjaxRequest()) {
    $user = User::getByID($_POST["id"]);
    if ($user->id != system\Helper::arcGetUser()->id) {
        system\Helper::arcImpersonateUser($user);
        system\Helper::arcAddMessage("success", "Impersonation mode enabled");
        Log::createLog("warning", "user", "Is impersonating " . $user->getFullname());
        system\Helper::arcReturnJSON(["status" => "success"]);
    } else {
        system\Helper::arcAddMessage("danger", "You cannot impersonate yourself");
        system\Helper::arcReturnJSON(["status" => "failed"]);
    }
}
示例#9
0
 public function afterDelete()
 {
     $this->clearCache();
     $sectionID = implode(',', $this->getPkValues());
     $section = strtolower(get_class($this));
     $userID = $this->model_uset_id;
     if ($this->_isLog) {
         Log::createLog($userID, 'delete', $section, $sectionID);
     }
 }
示例#10
0
文件: error.php 项目: DeltaWolf7/Arc
<?php

http_response_code(system\Helper::arcGetPostData("error"));
$error = system\Helper::arcGetPostData("error") . ": " . system\Helper::arcGetPostData("path");
if (!empty($_SERVER["HTTP_REFERER"])) {
    $error .= " (ref: " . $_SERVER["HTTP_REFERER"] . ")";
}
Log::createLog("danger", "error", $error);