示例#1
 * License for the specific language governing rights and limitations
 * under the License.
 * 
 * @category  phpMyFAQ
 * @package   Administration
 * @author    Thorsten Rinne <*****@*****.**>
 * @copyright 2003-2011 phpMyFAQ Team
 * @license   http://www.mozilla.org/MPL/MPL-1.1.html Mozilla Public License Version 1.1
 * @link      http://www.phpmyfaq.de
 * @since     2003-02-23
 */
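// Direct-access guard: when IS_VALID_PHPMYFAQ (presumably defined by the including
// entry script) is missing, redirect to the script's directory and stop.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Redirect on the scheme the request arrived with; a hard-coded "http://" would
    // send a visitor who came in over TLS back to a plaintext URL.
    $protocol = 'http';
    if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
        $protocol = 'https';
    }
    // NOTE(review): HTTP_HOST is copied from the client's Host header. Prefer a configured
    // canonical host for this redirect if the deployment has one; none is visible here.
    header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}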
$logging = new PMF_Logging();
if ($permission['adminlog'] && 'adminlog' == $action) {
    $perpage = 15;
    $pages = PMF_Filter::filterInput(INPUT_GET, 'pages', FILTER_VALIDATE_INT);
    $page = PMF_Filter::filterInput(INPUT_GET, 'page', FILTER_VALIDATE_INT, 1);
    if (is_null($pages)) {
        $pages = round(($logging->getNumberOfEntries() + $perpage / 3) / $perpage, 0);
    }
    $start = ($page - 1) * $perpage;
    $ende = $start + $perpage;
    $PageSpan = PageSpan("<a href=\"?action=adminlog&amp;pages=" . $pages . "&amp;page=<NUM>\">", 1, $pages, $page);
    $logging_data = $logging->getAll();
    ?>
    <h2><?php 
    print $PMF_LANG["ad_adminlog"];
    ?>
 * @package   Administration
 * @author    Thorsten Rinne <*****@*****.**>
 * @copyright 2003-2014 phpMyFAQ Team
 * @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
 * @link      http://www.phpmyfaq.de
 * @since     2003-02-23
 */
// Direct-access guard: requests that reach this file without IS_VALID_PHPMYFAQ
// (presumably defined by the including entry script) are redirected to the
// script's directory and the script stops.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Keep the scheme of the incoming request so a TLS visitor is not sent to plaintext.
    $isTls = isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON';
    $protocol = $isTls ? 'https' : 'http';
    // NOTE(review): HTTP_HOST is copied from the client's Host header. Prefer a configured
    // canonical host for this redirect if the deployment has one; none is visible here.
    header(sprintf('Location: %s://%s%s', $protocol, $_SERVER['HTTP_HOST'], dirname($_SERVER['SCRIPT_NAME'])));
    exit;
}
$logging = new PMF_Logging($faqConfig);
if ($user->perm->checkRight($user->getUserId(), 'adminlog') && 'adminlog' == $action) {
    $date = new PMF_Date($faqConfig);
    $perpage = 15;
    $pages = PMF_Filter::filterInput(INPUT_GET, 'pages', FILTER_VALIDATE_INT);
    $page = PMF_Filter::filterInput(INPUT_GET, 'page', FILTER_VALIDATE_INT, 1);
    if (is_null($pages)) {
        $pages = round(($logging->getNumberOfEntries() + $perpage / 3) / $perpage, 0);
    }
    $start = ($page - 1) * $perpage;
    $ende = $start + $perpage;
    $baseUrl = sprintf('%s?action=adminlog&amp;page=%d', PMF_Link::getSystemRelativeUri(), $page);
    // Pagination options
    $options = array('baseUrl' => $baseUrl, 'total' => $logging->getNumberOfEntries(), 'perPage' => $perpage, 'pageParamName' => 'page');
    $pagination = new PMF_Pagination($faqConfig, $options);
    $loggingData = $logging->getAll();
示例#3
    $user = new PMF_User_CurrentUser();
    if ($faqconfig->get('main.ldapSupport')) {
        $authLdap = new PMF_Auth_AuthLdap();
        $user->addAuth($authLdap, 'ldap');
    }
    // Credential login. A rejected login and a blocked account both end with the same
    // generic 'ad_auth_fail' message and with $user reset to null.
    if ($user->login($faqusername, $faqpassword)) {
        // login, if user account is NOT blocked
        // NOTE(review): loose != against the literal 'blocked'; !== would rule out type juggling.
        if ($user->getStatus() != 'blocked') {
            $auth = true;
        } else {
            $error = $PMF_LANG['ad_auth_fail'];
            $user = null;
        }
    } else {
        // Failed login: record the attempt in the admin log.
        // NOTE(review): part of the message expression below is masked in this listing, so what it
        // concatenates cannot be confirmed here. A submitted password must never reach the log, and
        // a user-supplied login name should have line breaks removed before it is logged.
        $logging = new PMF_Logging();
        $logging->logAdmin($user, 'Loginerror\\nLogin: '******'\\nPass: ********');
        $error = $PMF_LANG['ad_auth_fail'];
        $user = null;
    }
} else {
    // authenticate with session information
    $user = PMF_User_CurrentUser::getFromSession($faqconfig->get('main.ipCheck'));
    if ($user) {
        $auth = true;
    } else {
        $user = null;
    }
}
// get user rights
$permission = array();
示例#4
        $user->addAuth($authLdap, 'ldap');
    }
    if ($faqConfig->get('security.ssoSupport')) {
        $authSso = new PMF_Auth_Sso($faqConfig);
        $user->addAuth($authSso, 'sso');
    }
    // Credential login. A rejected login and a blocked account both produce the same
    // generic 'ad_auth_fail' message.
    if ($user->login($faqusername, $faqpassword)) {
        // login, if user account is NOT blocked
        // NOTE(review): loose != against the literal 'blocked'; !== would rule out type juggling.
        if ($user->getStatus() != 'blocked') {
            $auth = true;
        } else {
            // NOTE(review): $auth is not set on this path, but $user remains the object on which
            // login() just succeeded. Confirm later code gates on $auth and that login() leaves
            // no usable session behind for a blocked account.
            $error = $PMF_LANG['ad_auth_fail'];
        }
    } else {
        // Failed login: write the attempt and the entries of $user->errors to the admin log.
        // NOTE(review): part of the message expression below is masked in this listing. Any
        // user-supplied value placed in it should have line breaks removed before logging.
        $logging = new PMF_Logging($faqConfig);
        $logging->logAdmin($user, 'Loginerror\\nLogin: '******'\\nErrors: ' . implode(', ', $user->errors));
        $error = $PMF_LANG['ad_auth_fail'];
    }
} else {
    // Try to authenticate with cookie information
    $user = PMF_User_CurrentUser::getFromCookie($faqConfig);
    // authenticate with session information
    if (!$user instanceof PMF_User_CurrentUser) {
        $user = PMF_User_CurrentUser::getFromSession($faqConfig);
    }
    if ($user instanceof PMF_User_CurrentUser) {
        $auth = true;
    } else {
        $user = new PMF_User_CurrentUser($faqConfig);
    }
示例#5
    <script type="text/javascript">
    $(document).ready(function(){
        setTimeout(function() {
            window.location = "index.php?action=editentry&id=<?php 
        print $record_id;
        ?>
&lang=<?php 
        print $recordData['lang'];
        ?>
";
            }, 5000);
        });
    </script>
<?php 
    } elseif (isset($submit['submit'][0])) {
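        // Delete path: log the action, remove the record's attachment directory, then the record.
        $logging = new PMF_Logging();
        $logging->logAdmin($user, 'Beitragdel, ' . $record_id);
        $path = PMF_ROOT_DIR . DIRECTORY_SEPARATOR . PMF_ATTACHMENTS_DIR . DIRECTORY_SEPARATOR . $record_id . '/';
        // Touch the filesystem only for a positive integer id. With an empty, null or false id
        // $path collapses to the attachments root and the loop would delete every file directly in it.
        $hasValidId = preg_match('/^[1-9][0-9]*$/', (string) $record_id) === 1;
        if ($hasValidId && @is_dir($path)) {
            $do = dir($path);
            if ($do !== false) {
                // Compare against false: an entry literally named "0" is falsy and would end the loop early.
                while (false !== ($dat = $do->read())) {
                    if ($dat != "." && $dat != "..") {
                        unlink($path . $dat);
                    }
                }
                // Release the handle before rmdir(); an open handle can block removal on some platforms.
                $do->close();
                rmdir($path);
            }
        }
        // The record deletion and the success message are unchanged and still run for any id.
        $faq->deleteRecord($record_id, $record_lang);
        printf('<p class="success">%s</p>', $PMF_LANG['ad_entry_delsuc']);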
    }
} else {
示例#6
 // Read the submitted FAQ form fields from POST through the PMF_Filter wrapper.
 // NOTE(review): FILTER_SANITIZE_STRING only strips tags and is deprecated as of PHP 8.1. It does not
 // replace context-specific output encoding or parameterised queries wherever these values end up.
 // NOTE(review): the FILTER_VALIDATE_* reads return a failure value for malformed input (false or null,
 // depending on the wrapper); confirm $record_id and the other ids are checked before they are used.
 $keywords = PMF_Filter::filterInput(INPUT_POST, 'keywords', FILTER_SANITIZE_STRING);
 $author = PMF_Filter::filterInput(INPUT_POST, 'author', FILTER_SANITIZE_STRING);
 $email = PMF_Filter::filterInput(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
 $comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
 $record_id = PMF_Filter::filterInput(INPUT_POST, 'id', FILTER_VALIDATE_INT);
 $solution_id = PMF_Filter::filterInput(INPUT_POST, 'solution_id', FILTER_VALIDATE_INT);
 $revision_id = PMF_Filter::filterInput(INPUT_POST, 'revision_id', FILTER_VALIDATE_INT);
 $changed = PMF_Filter::filterInput(INPUT_POST, 'changed', FILTER_SANITIZE_STRING);
 // Permissions
 // The literal 'all' maps to -1; any other value makes the code read a single integer id from POST.
 $user_permission = PMF_Filter::filterInput(INPUT_POST, 'userpermission', FILTER_SANITIZE_STRING);
 $restricted_users = 'all' == $user_permission ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_users', FILTER_VALIDATE_INT);
 $group_permission = PMF_Filter::filterInput(INPUT_POST, 'grouppermission', FILTER_SANITIZE_STRING);
 $restricted_groups = 'all' == $group_permission ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_groups', FILTER_VALIDATE_INT);
 if (isset($submit['submit'][1]) && !is_null($question) && !is_null($categories['rubrik'])) {
     // new entry
     $logging = new PMF_Logging();
     $logging->logAdmin($user, 'Beitragcreatesave');
     printf("<h2>%s</h2>\n", $PMF_LANG['ad_entry_aor']);
     $recordData = array('id' => null, 'lang' => $record_lang, 'active' => $active, 'sticky' => !is_null($sticky) ? 1 : 0, 'thema' => html_entity_decode($question), 'content' => html_entity_decode($content), 'keywords' => $keywords, 'author' => $author, 'email' => $email, 'comment' => !is_null($comment) ? 'y' : 'n', 'date' => date('YmdHis'), 'dateStart' => empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'linkState' => '', 'linkDateCheck' => 0);
     // Add new record and get that ID
     $faqRecord = new PMF_Faq_Record();
     $faqChangelog = new PMF_Faq_Changelog();
     if ($faqRecord->create($recordData)) {
         $recordId = $faqRecord->getRecordId();
         // Create ChangeLog entry
         $changelogData = array('record_id' => $recordId, 'record_lang' => $recordData['lang'], 'revision_id' => 0, 'user_id' => $user->getUserId(), 'date' => $_SERVER['REQUEST_TIME'], 'changelog' => nl2br($changed));
         $faqChangelog->create($changelogData);
         // Create the visit entry
         $visits = PMF_Visits::getInstance();
         $visits->add($recordId, $recordData['lang']);
         // Insert the new category relations
示例#7
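     // For every selected category: rebuild the category relation, then store the
     // per-category user and group restrictions.
     foreach ($categories['rubrik'] as $categoryId) {
         $categoryData = array('category_id' => $categoryId, 'category_lang' => $categoryRelations->getLanguage(), 'record_id' => $record_id, 'record_lang' => $record_lang);
         // delete category relations
         $categoryRelations->delete($categoryId);
         // save or update the category relations
         $categoryRelations->create($categoryData);
         // Add user permissions
         $userPermission = array('category_id' => $categoryId, 'user_id' => $restricted_users);
         $categoryUser->update($categoryId, $userPermission);
         // Add group permission
         $groupPermission = array('category_id' => $categoryId, 'group_id' => $restricted_groups);
         // Pass the loop's category id and the array built on the line above, mirroring the user
         // update. The call previously received $category and $group_permission, so the group
         // restriction array assembled here was never handed to update().
         $categoryGroup->update($categoryId, $groupPermission);
     }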
 } elseif (isset($submit['submit'][0])) {
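     // Delete path: log the action, remove the record's attachment directory, then the record.
     $faqRecord = new PMF_Faq_Record();
     $logging = new PMF_Logging();
     $logging->logAdmin($user, 'Deleted record ' . $record_id);
     $path = PMF_ROOT_DIR . DIRECTORY_SEPARATOR . PMF_ATTACHMENTS_DIR . DIRECTORY_SEPARATOR . $record_id . '/';
     // Touch the filesystem only for a positive integer id. With an empty, null or false id
     // $path collapses to the attachments root and the loop would delete every file directly in it.
     $hasValidId = preg_match('/^[1-9][0-9]*$/', (string) $record_id) === 1;
     if ($hasValidId && @is_dir($path)) {
         $do = dir($path);
         if ($do !== false) {
             // Compare against false: an entry literally named "0" is falsy and would end the loop early.
             while (false !== ($dat = $do->read())) {
                 if ($dat != "." && $dat != "..") {
                     unlink($path . $dat);
                 }
             }
             // Release the handle before rmdir(); an open handle can block removal on some platforms.
             $do->close();
             rmdir($path);
         }
     }
     // The record deletion and the success message are unchanged and still run for any id.
     $faq->deleteRecord($record_id, $record_lang);
     //$faqRecord->delete($record_id);
     print $PMF_LANG['ad_entry_delsuc'];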
 }
 $date = PMF_Filter::filterInput(INPUT_POST, 'date', FILTER_SANITIZE_STRING);
 // Permissions
 // Build $permissions with one entry per restriction type; the literal 'all' is stored as array(-1).
 // The += array union only adds a key that is not already present in $permissions.
 // NOTE(review): the user key is singular ('restricted_user') while the group key is plural
 // ('restricted_groups'); confirm the consumers of $permissions expect exactly these spellings.
 $permissions = array();
 if ('all' === PMF_Filter::filterInput(INPUT_POST, 'userpermission', FILTER_SANITIZE_STRING)) {
     $permissions += array('restricted_user' => array(-1));
 } else {
     // NOTE(review): a failed FILTER_VALIDATE_INT read is stored in the array as-is; confirm the code
     // that applies these permissions treats that failure value as "no access" and never as "all".
     $permissions += array('restricted_user' => array(PMF_Filter::filterInput(INPUT_POST, 'restricted_users', FILTER_VALIDATE_INT)));
 }
 if ('all' === PMF_Filter::filterInput(INPUT_POST, 'grouppermission', FILTER_SANITIZE_STRING)) {
     $permissions += array('restricted_groups' => array(-1));
 } else {
     // Groups are read as an array of integers (FILTER_REQUIRE_ARRAY), unlike the single user id above.
     $permissions += PMF_Filter::filterInputArray(INPUT_POST, array('restricted_groups' => array('filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_ARRAY)));
 }
 if (!is_null($question) && !is_null($categories)) {
     // Save entry
     $logging = new PMF_Logging($faqConfig);
     $logging->logAdmin($user, 'Beitragsave ' . $recordId);
     printf('<header><h2><i class="icon-pencil"></i> %s</h2></header>', $PMF_LANG['ad_entry_aor']);
     $tagging = new PMF_Tags($faqConfig);
     if ('yes' == $revision) {
         // Add current version into revision table
         $faq->addNewRevision($recordId, $recordLang);
         $revisionId++;
     }
     $recordData = array('id' => $recordId, 'lang' => $recordLang, 'revision_id' => $revisionId, 'active' => $active, 'sticky' => !is_null($sticky) ? 1 : 0, 'thema' => html_entity_decode($question), 'content' => html_entity_decode($content), 'keywords' => $keywords, 'author' => $author, 'email' => $email, 'comment' => !is_null($comment) ? 'y' : 'n', 'date' => empty($date) ? date('YmdHis') : str_replace(array('-', ':', ' '), '', $date), 'dateStart' => empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'linkState' => '', 'linkDateCheck' => 0);
     // Create ChangeLog entry
     $faq->createChangeEntry($recordId, $user->getUserId(), nl2br($changed), $recordLang, $revisionId);
     // Create the visit entry
     $visits = new PMF_Visits($faqConfig);
     $visits->add($recordId);
     // save or update the FAQ record
             $faqSearchResult->reviewResultset($searchResult);
             $searchHelper = new PMF_Helper_Search($faqConfig);
             $searchHelper->setSearchterm($searchString);
             echo $searchHelper->renderAdminSuggestionResult($faqSearchResult);
         }
     } else {
         echo $PMF_LANG['err_NotAuth'];
     }
     break;
     // delete FAQs
 // delete FAQs
 case 'delete_record':
     // Permission gate: the deletion runs only when $permission['delbt'] is truthy; otherwise the
     // 'err_NotAuth' message is printed.
     // NOTE(review): no anti-CSRF token check is visible in this case; confirm one runs before the switch.
     if ($permission['delbt']) {
         // NOTE(review): record_id is validated as an integer, but a failed validation value is not
         // checked before it is logged and passed to deleteRecord(); confirm deleteRecord() rejects it.
         $recordId = PMF_Filter::filterInput(INPUT_POST, 'record_id', FILTER_VALIDATE_INT);
         $recordLang = PMF_Filter::filterInput(INPUT_POST, 'record_lang', FILTER_SANITIZE_STRING);
         // Audit trail: the deletion is written to the admin log before it is carried out.
         $logging = new PMF_Logging($faqConfig);
         $logging->logAdmin($user, 'Deleted FAQ ID ' . $recordId);
         $faq->deleteRecord($recordId, $recordLang);
         echo $PMF_LANG['ad_entry_delsuc'];
     } else {
         echo $PMF_LANG['err_NotAuth'];
     }
     break;
     // delete open questions
 // delete open questions
 case 'delete_question':
     if ($permission['delquestion']) {
         $checks = array('filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_ARRAY);
         $questionIds = PMF_Filter::filterInputArray(INPUT_POST, array('questions' => $checks));
         if (!is_null($questionIds['questions'])) {
             foreach ($questionIds['questions'] as $questionId) {