codes****@googl*****
codes****@googl*****
2009年 4月 6日 (月) 10:18:19 JST
Author: tacahi Date: Sun Apr 5 18:10:31 2009 New Revision: 1426 Added: externals/geeklog-1.5.2sr2/public_html/admin/ externals/geeklog-1.5.2sr2/public_html/admin/auth.inc.php externals/geeklog-1.5.2sr2/public_html/admin/block.php externals/geeklog-1.5.2sr2/public_html/admin/configuration.php externals/geeklog-1.5.2sr2/public_html/admin/database.php externals/geeklog-1.5.2sr2/public_html/admin/group.php externals/geeklog-1.5.2sr2/public_html/admin/index.php externals/geeklog-1.5.2sr2/public_html/admin/install/ externals/geeklog-1.5.2sr2/public_html/admin/install/config-install.php externals/geeklog-1.5.2sr2/public_html/admin/install/configinfo.php externals/geeklog-1.5.2sr2/public_html/admin/install/help.php externals/geeklog-1.5.2sr2/public_html/admin/install/index.php externals/geeklog-1.5.2sr2/public_html/admin/install/info.php externals/geeklog-1.5.2sr2/public_html/admin/install/install.php externals/geeklog-1.5.2sr2/public_html/admin/install/language/ externals/geeklog-1.5.2sr2/public_html/admin/install/language/chinese_simplified_utf-8.php externals/geeklog-1.5.2sr2/public_html/admin/install/language/chinese_traditional_utf-8.php externals/geeklog-1.5.2sr2/public_html/admin/install/language/english.php externals/geeklog-1.5.2sr2/public_html/admin/install/language/german.php externals/geeklog-1.5.2sr2/public_html/admin/install/language/hebrew_utf-8.php externals/geeklog-1.5.2sr2/public_html/admin/install/language/japanese_utf-8.php externals/geeklog-1.5.2sr2/public_html/admin/install/language/polish.php externals/geeklog-1.5.2sr2/public_html/admin/install/layout/ externals/geeklog-1.5.2sr2/public_html/admin/install/layout/header-bg.png (contents, props changed) externals/geeklog-1.5.2sr2/public_html/admin/install/layout/logo.png (contents, props changed) externals/geeklog-1.5.2sr2/public_html/admin/install/layout/style.css externals/geeklog-1.5.2sr2/public_html/admin/install/success.php externals/geeklog-1.5.2sr2/public_html/admin/install/toinnodb.php 
externals/geeklog-1.5.2sr2/public_html/admin/mail.php externals/geeklog-1.5.2sr2/public_html/admin/moderation.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/ externals/geeklog-1.5.2sr2/public_html/admin/plugins.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/calendar/ externals/geeklog-1.5.2sr2/public_html/admin/plugins/calendar/index.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/calendar/install.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/links/ externals/geeklog-1.5.2sr2/public_html/admin/plugins/links/category.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/links/index.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/links/install.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/polls/ externals/geeklog-1.5.2sr2/public_html/admin/plugins/polls/index.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/polls/install.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/spamx/ externals/geeklog-1.5.2sr2/public_html/admin/plugins/spamx/images/ externals/geeklog-1.5.2sr2/public_html/admin/plugins/spamx/images/spamx.png (contents, props changed) externals/geeklog-1.5.2sr2/public_html/admin/plugins/spamx/index.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/spamx/install.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/staticpages/ externals/geeklog-1.5.2sr2/public_html/admin/plugins/staticpages/index.php externals/geeklog-1.5.2sr2/public_html/admin/plugins/staticpages/install.php externals/geeklog-1.5.2sr2/public_html/admin/sectest.php externals/geeklog-1.5.2sr2/public_html/admin/story.php externals/geeklog-1.5.2sr2/public_html/admin/syndication.php externals/geeklog-1.5.2sr2/public_html/admin/topic.php externals/geeklog-1.5.2sr2/public_html/admin/trackback.php externals/geeklog-1.5.2sr2/public_html/admin/user.php Log: Geeklog 1.5.2sr1を externals/geeklog-1.5.2sr2 に取り込みます。 Added: externals/geeklog-1.5.2sr2/public_html/admin/auth.inc.php 
============================================================================== --- (empty file) +++ externals/geeklog-1.5.2sr2/public_html/admin/auth.inc.php Sun Apr 5 18:10:31 2009 
@@ -0,0 +1,132 @@ +<?php + +/* Reminder: always indent with 4 spaces (no tabs). */ +// +---------------------------------------------------------------------------+ +// | Geeklog 1.5 | +// +---------------------------------------------------------------------------+ +// | auth.inc.php | +// | | +// | Geeklog admin authentication module | +// +---------------------------------------------------------------------------+ +// | Copyright (C) 2000-2008 by the following authors: | +// | | +// | Authors: Tony Bibbs - tony AT tonybibbs DOT com | +// | Mark Limburg - mlimburg AT users DOT sourceforge DOT net | +// | Jason Whittenburg - jwhitten AT securitygeeks DOT com | +// +---------------------------------------------------------------------------+ +// | | +// | This program is free software; you can redistribute it and/or | +// | modify it under the terms of the GNU General Public License | +// | as published by the Free Software Foundation; either version 2 | +// | of the License, or (at your option) any later version. | +// | | +// | This program is distributed in the hope that it will be useful, | +// | but WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | +// | GNU General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software Foundation, | +// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
| +// | | +// +---------------------------------------------------------------------------+ +// +// $Id: auth.inc.php,v 1.40 2008/09/21 08:37:09 dhaun Exp $ + +// this file can't be used on its own +if (strpos(strtolower($_SERVER['PHP_SELF']), 'auth.inc.php') !== false) { + die('This file can not be used on its own.'); +} + +// MAIN +COM_clearSpeedlimit($_CONF['login_speedlimit'], 'login'); +if (COM_checkSpeedlimit('login', $_CONF['login_attempts']) > 0) { + COM_displayMessageAndAbort($LANG04[112], '', 403, 'Access denied'); +} + +$uid = ''; +if (!empty($_POST['loginname']) && !empty($_POST['passwd'])) { + if ($_CONF['user_login_method']['standard']) { + $status = SEC_authenticate(COM_applyFilter($_POST['loginname']), + $_POST['passwd'], $uid); + } else { + $status = ''; + } +} else { + $status = ''; +} +$display = ''; + +if ($status == USER_ACCOUNT_ACTIVE) { + DB_change($_TABLES['users'], 'pwrequestid', "NULL", 'uid', $uid); + $_USER = SESS_getUserDataFromId($uid); + $sessid = SESS_newSession($_USER['uid'], $_SERVER['REMOTE_ADDR'], + $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']); + SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], + $_CONF['cookie_session'], $_CONF['cookie_path'], + $_CONF['cookiedomain'], $_CONF['cookiesecure']); + PLG_loginUser($_USER['uid']); + + // Now that we handled session cookies, handle longterm cookie + + if (!isset($_COOKIE[$_CONF['cookie_name']])) { + + // Either their cookie expired or they are new + + $cooktime = COM_getUserCookieTimeout(); + + if (!empty($cooktime)) { + + // They want their cookie to persist for some amount of time so set it now + + setcookie($_CONF['cookie_name'], $_USER['uid'], + time() + $cooktime, $_CONF['cookie_path'], + $_CONF['cookiedomain'], $_CONF['cookiesecure']); + } + } + if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,syndication.edit','OR')) { + $display .= COM_refresh($_CONF['site_admin_url'] . 
'/moderation.php'); + } else { + $display .= COM_refresh($_CONF['site_url'] . '/index.php'); + } + echo $display; + exit; +} else if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit','OR') && (count(PLG_getAdminOptions()) == 0)) { + COM_updateSpeedlimit('login'); + + $display .= COM_siteHeader('menu'); + $display .= COM_startBlock($LANG20[1]); + + if (!$_CONF['user_login_method']['standard']) { + $display .= '<p>' . $LANG_LOGIN[2] . '</p>'; + } else { + + if (isset($_POST['warn'])) { + $display .= $LANG20[2] + . '<br' . XHTML . '><br' . XHTML . '>' + . COM_accessLog($LANG20[3] . ' ' . $_POST['loginname']); + } + + $display .= '<form action="' . $_SERVER['PHP_SELF'] . '" method="post">' + .'<table cellspacing="0" cellpadding="0" border="0" width="100%">'.LB + .'<tr><td align="right">'.$LANG20[4].' </td>'.LB + .'<td><input type="text" name="loginname" size="16" maxlength="16"' . XHTML . '></td>'.LB + .'</tr>'.LB + .'<tr>'.LB + .'<td align="right">'.$LANG20[5].' </td>'.LB + .'<td><input type="password" name="passwd" size="16" maxlength="16"' . XHTML . '></td>' + .'</tr>'.LB + .'<tr>'.LB + .'<td colspan="2" align="center" class="warning">'.$LANG20[6].'<input type="hidden" name="warn" value="1"' . XHTML . '>' + .'<br' . XHTML . '><input type="submit" name="mode" value="'.$LANG20[7].'"' . XHTML . '></td>'.LB + .'</tr>'.LB + .'</table></form>'; + } + + $display .= COM_endBlock() + . COM_siteFooter(); + echo $display; + exit; +} + +?> Added: externals/geeklog-1.5.2sr2/public_html/admin/block.php ============================================================================== --- (empty file) +++ externals/geeklog-1.5.2sr2/public_html/admin/block.php Sun Apr 5 18:10:31 2009 
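Review bot: In auth.inc.php the login form is emitted with `action="' . $_SERVER['PHP_SELF'] . '"` unescaped, and PHP_SELF can carry request-supplied path information, so the value should be encoded before it lands in the attribute, e.g. `'<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" method="post">'`. The failed-login branch also passes `$_POST['loginname']` raw to `COM_accessLog()` and appends that call's return value to `$display`, whereas the success path runs the same field through `COM_applyFilter()`. What COM_accessLog does with the string is not visible in this hunk, but filtering it the same way, `COM_accessLog($LANG20[3] . ' ' . COM_applyFilter($_POST['loginname']))`, would keep control characters and markup out of the log and the page. The long-term cookie set by `setcookie($_CONF['cookie_name'], $_USER['uid'], ...)` holds only the user's uid, so the code that reads it back (outside this file) should be checked to confirm it never accepts that value as proof of identity.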
@@ -0,0 +1,866 @@ +<?php + +/* Reminder: always indent with 4 spaces (no tabs). */ +// +---------------------------------------------------------------------------+ +// | Geeklog 1.5 | +// +---------------------------------------------------------------------------+ +// | block.php | +// | | +// | Geeklog block administration. | +// +---------------------------------------------------------------------------+ +// | Copyright (C) 2000-2008 by the following authors: | +// | | +// | Authors: Tony Bibbs - tony AT tonybibbs DOT com | +// | Mark Limburg - mlimburg AT users DOT sourceforge DOT net | +// | Jason Whittenburg - jwhitten AT securitygeeks DOT com | +// | Dirk Haun - dirk AT haun-online DOT de | +// | Michael Jervis - mike AT fuckingbrit DOT com | +// +---------------------------------------------------------------------------+ +// | | +// | This program is free software; you can redistribute it and/or | +// | modify it under the terms of the GNU General Public License | +// | as published by the Free Software Foundation; either version 2 | +// | of the License, or (at your option) any later version. | +// | | +// | This program is distributed in the hope that it will be useful, | +// | but WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | +// | GNU General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software Foundation, | +// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | +// | | +// +---------------------------------------------------------------------------+ +// +// $Id: block.php,v 1.124 2008/06/07 12:41:44 dhaun Exp $ + +require_once '../lib-common.php'; +require_once 'auth.inc.php'; +require_once $_CONF['path_system'] . 
'lib-security.php'; + +// Uncomment the line below if you need to debug the HTTP variables being passed +// to the script. This will sometimes cause errors but it will allow you to see +// the data being passed in a POST operation +// echo COM_debug($_POST); + +if (!SEC_hasRights ('block.edit')) { + $display .= COM_siteHeader ('menu', $MESSAGE[30]) + . COM_startBlock ($MESSAGE[30], '', + COM_getBlockTemplate ('_msg_block', 'header')) + . $MESSAGE[33] + . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer')) + . COM_siteFooter (); + COM_accessLog ("User {$_USER['username']} tried to illegally access the block administration screen"); + echo $display; + exit; +} + + +/** +* Check for block topic access (need to handle 'all' and 'homeonly' as +* special cases) +* +* @param string $tid ID for topic to check on +* @return int returns 3 for read/edit 2 for read only 0 for no access +* +*/ +function hasBlockTopicAccess ($tid) +{ + $access = 0; + + if (($tid == 'all') || ($tid == 'homeonly')) { + $access = 3; + } else { + $access = SEC_hasTopicAccess ($tid); + } + + return $access; +} + +/** +* Shows default block editor +* +* Default blocks are those blocks that Geeklog requires to function +* properly. Because of their special role, they have restricted +* edit properties so this form shows that. +* +* @param array $A Array of data to show on form +* @param int $access Permissions this user has +* @return string HTML for default block editor +* +*/ +function editdefaultblock ($A, $access) +{ + global $_CONF, $_TABLES, $_USER, $LANG21, $LANG_ACCESS, $LANG_ADMIN; + + $retval = ''; + + $retval .= COM_startBlock ($LANG21[3], '', + COM_getBlockTemplate ('_admin_block', 'header')); + + $block_templates = new Template($_CONF['path_layout'] . 
'admin/block'); + $block_templates->set_file('editor','defaultblockeditor.thtml'); + $block_templates->set_var('xhtml', XHTML); + $block_templates->set_var('site_url', $_CONF['site_url']); + $block_templates->set_var('site_admin_url', $_CONF['site_admin_url']); + $block_templates->set_var('layout_url', $_CONF['layout_url']); + $block_templates->set_var('block_id', $A['bid']); + // standard Admin strings + $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']); + $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']); + $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']); + $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']); + $block_templates->set_var('lang_save', $LANG_ADMIN['save']); + $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']); + $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']); + + $block_templates->set_var('block_title', stripslashes ($A['title'])); + if ($A['is_enabled'] == 1) { + $block_templates->set_var('is_enabled', 'checked="checked"'); + } else { + $block_templates->set_var('is_enabled', ''); + } + $block_templates->set_var('block_help', $A['help']); + $block_templates->set_var('lang_includehttp', $LANG21[51]); + $block_templates->set_var('lang_explanation', $LANG21[52]); + $block_templates->set_var('block_name',$A['name']); + $block_templates->set_var('lang_blockname', $LANG21[48]); + $block_templates->set_var('lang_homeonly', $LANG21[43]); + if ($A['tid'] == 'all') { + $block_templates->set_var('all_selected', 'selected="selected"'); + } else if ($A['tid'] == 'homeonly') { + $block_templates->set_var('homeonly_selected', 'selected="selected"'); + } + $block_templates->set_var('topic_options', + COM_topicList ('tid,topic', $A['tid'], 1, true)); + $block_templates->set_var('lang_all', $LANG21[7]); + $block_templates->set_var('lang_side', $LANG21[39]); + $block_templates->set_var('lang_left', $LANG21[40]); + $block_templates->set_var('lang_right', $LANG21[41]); + + 
if ($A['onleft'] == 1) { + $block_templates->set_var('left_selected', 'selected="selected"'); + } else if ($A['onleft'] == 0) { + $block_templates->set_var('right_selected', 'selected="selected"'); + } + $block_templates->set_var('lang_blockorder', $LANG21[9]); + $block_templates->set_var('block_order', $A['blockorder']); + $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); + $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']); + $ownername = COM_getDisplayName ($A['owner_id']); + $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], + 'username', "uid = '{$A['owner_id']}'")); + $block_templates->set_var('owner_name', $ownername); + $block_templates->set_var('owner', $ownername); + $block_templates->set_var('owner_id', $A['owner_id']); + + $block_templates->set_var('lang_group', $LANG_ACCESS['group']); + $block_templates->set_var('group_dropdown', + SEC_getGroupDropdown ($A['group_id'], $access)); + $block_templates->set_var('group_name', DB_getItem ($_TABLES['groups'], + 'grp_name', "grp_id = '{$A['group_id']}'")); + $block_templates->set_var('group_id', $A['group_id']); + $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']); + $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); + $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'],$A['perm_group'],$A['perm_members'],$A['perm_anon'])); + $block_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']); + $block_templates->set_var('max_url_length', 255); + $block_templates->set_var('gltoken_name', CSRF_TOKEN); + $block_templates->set_var('gltoken', SEC_createToken()); + $block_templates->parse('output','editor'); + $retval .= $block_templates->finish($block_templates->get_var('output')); + $retval .= COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer')); + + return $retval; +} + +/** +* Shows the block editor +* +* This will show a block edit form. 
If this is a Geeklog default block it will +* send it off to editdefaultblock. +* +* @param string $bid ID of block to edit +* @return string HTML for block editor +* +*/ +function editblock ($bid = '') +{ + global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, + $LANG_ADMIN, $MESSAGE; + + $retval = ''; + + if (!empty($bid)) { + $sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='$bid'"; + + $sql['mssql'] = "SELECT bid, is_enabled, name, type, title, tid, blockorder, cast(content as text) as content, rdfurl, "; + $sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, "; + $sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags FROM {$_TABLES['blocks']} WHERE bid ='$bid'"; + + $result = DB_query($sql); + $A = DB_fetchArray($result); + $access = SEC_hasAccess($A['owner_id'],$A['group_id'],$A['perm_owner'],$A['perm_group'],$A['perm_members'],$A['perm_anon']); + if ($access == 2 || $access == 0 || hasBlockTopicAccess ($A['tid']) < 3) { + $retval .= COM_startBlock ($LANG_ACCESS['accessdenied'], '', + COM_getBlockTemplate ('_msg_block', 'header')) + . $LANG21[45] + . 
COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer')); + COM_accessLog("User {$_USER['username']} tried to illegally create or edit block $bid."); + + return $retval; + } + if ($A['type'] == 'gldefault') { + $retval .= editdefaultblock($A,$access); + return $retval; + } + } else { + $A['bid'] = 0; + $A['is_enabled'] = 1; + $A['name'] = ''; + $A['type'] = 'normal'; + $A['title'] = ''; + $A['tid'] = 'All'; + $A['blockorder'] = 0; + $A['content'] = ''; + $A['allow_autotags'] = 0; + $A['rdfurl'] = ''; + $A['rdfupdated'] = ''; + $A['rdflimit'] = 0; + $A['onleft'] = 0; + $A['phpblockfn'] = ''; + $A['help'] = ''; + $A['owner_id'] = $_USER['uid']; + if (isset ($_GROUPS['Block Admin'])) { + $A['group_id'] = $_GROUPS['Block Admin']; + } else { + $A['group_id'] = SEC_getFeatureGroup ('block.edit'); + } + SEC_setDefaultPermissions ($A, $_CONF['default_permissions_block']); + $access = 3; + } + + $block_templates = new Template($_CONF['path_layout'] . 'admin/block'); + $block_templates->set_file('editor','blockeditor.thtml'); + $block_templates->set_var('site_url', $_CONF['site_url']); + $block_templates->set_var('xhtml', XHTML); + $block_templates->set_var('site_admin_url', $_CONF['site_admin_url']); + $block_templates->set_var('layout_url', $_CONF['layout_url']); + $block_templates->set_var('start_block_editor', COM_startBlock ($LANG21[3], + '', COM_getBlockTemplate ('_admin_block', 'header'))); + + if (!empty($bid) && SEC_hasrights('block.delete')) { + $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] + . '" name="mode"%s' . XHTML . '>'; + $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . 
'\');"'; + $block_templates->set_var ('delete_option', + sprintf ($delbutton, $jsconfirm)); + $block_templates->set_var ('delete_option_no_confirmation', + sprintf ($delbutton, '')); + } + + $block_templates->set_var('block_bid', $A['bid']); + // standard Admin strings + $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']); + $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']); + $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']); + $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']); + $block_templates->set_var('lang_save', $LANG_ADMIN['save']); + $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']); + $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']); + $block_templates->set_var('lang_allowed_html', $LANG01[123]); + + $block_templates->set_var('block_title', stripslashes ($A['title'])); + $block_templates->set_var('lang_enabled', $LANG21[53]); + if ($A['is_enabled'] == 1) { + $block_templates->set_var('is_enabled', 'checked="checked"'); + } else { + $block_templates->set_var('is_enabled', ''); + } + $block_templates->set_var('block_help', $A['help']); + $block_templates->set_var('lang_includehttp', $LANG21[51]); + $block_templates->set_var('lang_explanation', $LANG21[52]); + $block_templates->set_var('block_name', $A['name']); + $block_templates->set_var('lang_blockname', $LANG21[48]); + $block_templates->set_var('lang_nospaces', $LANG21[49]); + $block_templates->set_var('lang_all', $LANG21[7]); + $block_templates->set_var('lang_homeonly', $LANG21[43]); + if ($A['tid'] == 'all') { + $block_templates->set_var('all_selected', 'selected="selected"'); + } else if ($A['tid'] == 'homeonly') { + $block_templates->set_var('homeonly_selected', 'selected="selected"'); + } + $block_templates->set_var('topic_options', + COM_topicList('tid,topic', $A['tid'], 1, true)); + $block_templates->set_var('lang_side', $LANG21[39]); + $block_templates->set_var('lang_left', $LANG21[40]); + 
$block_templates->set_var('lang_right', $LANG21[41]); + if ($A['onleft'] == 1) { + $block_templates->set_var('left_selected', 'selected="selected"'); + } else if ($A['onleft'] == 0) { + $block_templates->set_var('right_selected', 'selected="selected"'); + } + $block_templates->set_var('lang_blockorder', $LANG21[9]); + $block_templates->set_var('block_order', $A['blockorder']); + $block_templates->set_var('lang_normalblock', $LANG21[12]); + $block_templates->set_var('lang_phpblock', $LANG21[27]); + $block_templates->set_var('lang_portalblock', $LANG21[11]); + if ($A['type'] == 'normal') { + $block_templates->set_var('normal_selected', 'selected="selected"'); + } else if ($A['type'] == 'phpblock') { + $block_templates->set_var('php_selected', 'selected="selected"'); + } else if ($A['type'] == 'portal') { + $block_templates->set_var('portal_selected', 'selected="selected"'); + } + $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); + $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']); + $ownername = COM_getDisplayName ($A['owner_id']); + $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], + 'username', "uid = '{$A['owner_id']}'")); + $block_templates->set_var('owner_name', $ownername); + $block_templates->set_var('owner', $ownername); + $block_templates->set_var('owner_id', $A['owner_id']); + + $block_templates->set_var('lang_group', $LANG_ACCESS['group']); + $block_templates->set_var('group_dropdown', + SEC_getGroupDropdown ($A['group_id'], $access)); + $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']); + $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); + $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'],$A['perm_group'],$A['perm_members'],$A['perm_anon'])); + $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); + $block_templates->set_var('lang_phpblockoptions', $LANG21[28]); + 
$block_templates->set_var('lang_blockfunction', $LANG21[29]); + $block_templates->set_var('block_phpblockfn', $A['phpblockfn']); + $block_templates->set_var('lang_phpblockwarning', $LANG21[30]); + $block_templates->set_var('lang_portalblockoptions', $LANG21[13]); + $block_templates->set_var('lang_rdfurl', $LANG21[14]); + $block_templates->set_var('max_url_length', 255); + $block_templates->set_var('block_rdfurl', $A['rdfurl']); + $block_templates->set_var('lang_rdflimit', $LANG21[62]); + $block_templates->set_var('block_rdflimit', $A['rdflimit']); + $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]); + if ($A['rdfupdated'] == '0000-00-00 00:00:00') { + $block_templates->set_var ('block_rdfupdated', ''); + } else { + $block_templates->set_var ('block_rdfupdated', $A['rdfupdated']); + } + $block_templates->set_var ('lang_normalblockoptions', $LANG21[16]); + $block_templates->set_var ('lang_blockcontent', $LANG21[17]); + $block_templates->set_var ('lang_autotags', $LANG21[66]); + $block_templates->set_var ('lang_use_autotags', $LANG21[67]); + $block_templates->set_var ('block_content', + htmlspecialchars (stripslashes ($A['content']))); + if ($A['allow_autotags'] == 1) { + $block_templates->set_var ('allow_autotags', 'checked="checked"'); + } else { + $block_templates->set_var ('allow_autotags', ''); + } + $block_templates->set_var('gltoken_name', CSRF_TOKEN); + $block_templates->set_var('gltoken', SEC_createToken()); + $block_templates->set_var ('end_block', + COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer'))); + $block_templates->parse('output', 'editor'); + $retval .= $block_templates->finish($block_templates->get_var('output')); + + return $retval; +} + +function listblocks() +{ + global $_CONF, $_TABLES, $LANG_ADMIN, $LANG21, $_IMAGE_TYPE; + + require_once $_CONF['path_system'] . 'lib-admin.php'; + + $retval = ''; + $token = SEC_createToken(); + + // writing the menu on top + $menu_arr = array ( + array('url' => $_CONF['site_admin_url'] . 
'/block.php?mode=edit', + 'text' => $LANG_ADMIN['create_new']), + array('url' => $_CONF['site_admin_url'], + 'text' => $LANG_ADMIN['admin_home']) + ); + + $retval .= COM_startBlock($LANG21[19], '', + COM_getBlockTemplate('_admin_block', 'header')); + $retval .= ADMIN_createMenu( + $menu_arr, + $LANG21[25], + $_CONF['layout_url'] . '/images/icons/block.'. $_IMAGE_TYPE + ); + + reorderblocks(); + + // writing the list + $header_arr = array( # display 'text' and use table field 'field' + array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false), + array('text' => $LANG21[65], 'field' => 'blockorder', 'sort' => true), + array('text' => $LANG21[46], 'field' => 'move', 'sort' => false), + array('text' => $LANG_ADMIN['title'], 'field' => 'title', 'sort' => true), + array('text' => $LANG_ADMIN['type'], 'field' => 'type', 'sort' => true), + array('text' => $LANG_ADMIN['topic'], 'field' => 'tid', 'sort' => true), + array('text' => $LANG_ADMIN['enabled'], 'field' => 'is_enabled', 'sort' => true) + ); + + $defsort_arr = array('field' => 'blockorder', 'direction' => 'asc'); + + $text_arr = array( + 'has_extras' => true, + 'form_url' => $_CONF['site_admin_url'] . '/block.php' + ); + + $query_arr = array( + 'table' => 'blocks', + 'sql' => "SELECT * FROM {$_TABLES['blocks']} WHERE onleft = 1", + 'query_fields' => array('title', 'content'), + 'default_filter' => COM_getPermSql ('AND') + ); + + // this is a dummy variable so we know the form has been used if all blocks + // should be disabled on one side in order to disable the last one. + // The value is the onleft var + $form_arr = array('bottom' => '<input type="hidden" name="blockenabler" value="1"' . XHTML . 
'>'); + + $retval .= ADMIN_list( + 'blocks', 'ADMIN_getListField_blocks', $header_arr, $text_arr, + $query_arr, $defsort_arr, '', $token, '', $form_arr + ); + + $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); + + $query_arr = array( + 'table' => 'blocks', + 'sql' => "SELECT * FROM {$_TABLES['blocks']} WHERE onleft = 0", + 'query_fields' => array('title', 'content'), + 'default_filter' => COM_getPermSql ('AND') + ); + + $text_arr = array( + 'has_extras' => true, + 'title' => "$LANG21[19] ($LANG21[41])", + 'form_url' => $_CONF['site_admin_url'] . '/block.php' + ); + + // this is a dummy-variable so we know the form has been used if all blocks should be disabled + // on one side in order to disable the last one. The value is the onleft var + $form_arr = array('bottom' => '<input type="hidden" name="blockenabler" value="0"' . XHTML . '>'); + + $retval .= ADMIN_list ( + 'blocks', 'ADMIN_getListField_blocks', $header_arr, $text_arr, + $query_arr, $defsort_arr, '', $token, '', $form_arr + ); + + return $retval; +} + +/** +* Saves a block +* +* @param string $bid Block ID +* @param string $title Block title +* @param string $type Type of block +* @param int $blockorder Order block appears relative to the others +* @param string $content Content of block +* @param string $tid Topic block should appear in +* @param string $rdfurl URL to headline feed for portal blocks +* @param string $rdfupdated Date RSS/RDF feed was last updated +* @param string $rdflimit max. 
number of entries to import from feed +* @param string $phpblockfn Name of php function to call to get content +* @param int $onleft Flag indicates if block shows up on left or right +* @param int $owner_id ID of owner +* @param int $group_id ID of group block belongs to +* @param array $perm_owner Permissions the owner has on the object +* @param array $perm_group Permissions the group has on the object +* @param array $perm_members Permissions the logged in members have +* @param array $perm_anon Permissinos anonymous users have +* @param int $is_enabled Flag, indicates if block is enabled or not +* @return string HTML redirect or error message +* +*/ +function saveblock ($bid, $name, $title, $help, $type, $blockorder, $content, $tid, $rdfurl, $rdfupdated, $rdflimit, $phpblockfn, $onleft, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_enabled, $allow_autotags) +{ + global $_CONF, $_TABLES, $LANG01, $LANG21, $MESSAGE; + + $retval = ''; + + $title = addslashes (COM_stripslashes (strip_tags ($title))); + $phpblockfn = addslashes (COM_stripslashes (trim ($phpblockfn))); + if (empty($title)) { + $retval .= COM_siteHeader ('menu', $LANG21[63]) + . COM_startBlock ($LANG21[63], '', + COM_getBlockTemplate ('_msg_block', 'header')) + . $LANG21[64] + . COM_endBlock (COM_getBlockTemplate ('_msg_block', + 'footer')) + . editblock ($bid) + . 
COM_siteFooter (); + return $retval; + } + + // Convert array values to numeric permission values + list($perm_owner,$perm_group,$perm_members,$perm_anon) = SEC_getPermissionValues($perm_owner,$perm_group,$perm_members,$perm_anon); + + $access = 0; + if (($bid > 0) && DB_count ($_TABLES['blocks'], 'bid', $bid) > 0) { + $result = DB_query ("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['blocks']} WHERE bid = '{$bid}'"); + $A = DB_fetchArray ($result); + $access = SEC_hasAccess ($A['owner_id'], $A['group_id'], + $A['perm_owner'], $A['perm_group'], $A['perm_members'], + $A['perm_anon']); + } else { + $access = SEC_hasAccess ($owner_id, $group_id, $perm_owner, $perm_group, + $perm_members, $perm_anon); + } + if (($access < 3) || !hasBlockTopicAccess ($tid) || !SEC_inGroup ($group_id)) { + $retval .= COM_siteHeader('menu', $MESSAGE[30]); + $retval .= COM_startBlock ($MESSAGE[30], '', + COM_getBlockTemplate ('_msg_block', 'header')); + $retval .= $MESSAGE[33]; + $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer')); + $retval .= COM_siteFooter(); + COM_accessLog("User {$_USER['username']} tried to illegally create or edit block $bid."); + + return $retval; + } elseif (($type == 'normal' && !empty($title) && !empty($content)) OR ($type == 'portal' && !empty($title) && !empty($rdfurl)) OR ($type == 'gldefault' && (strlen($blockorder)>0)) OR ($type == 'phpblock' && !empty($phpblockfn) && !empty($title))) { + if ($is_enabled == 'on') { + $is_enabled = 1; + } else { + $is_enabled = 0; + } + if ($allow_autotags == 'on') { + $allow_autotags = 1; + } else { + $allow_autotags = 0; + } + + if ($type == 'portal') { + $content = ''; + $rdfupdated = ''; + $phpblockfn = ''; + + // get rid of possible extra prefixes (e.g. 
"feed://http://...") + if (substr ($rdfurl, 0, 4) == 'rss:') { + $rdfurl = substr ($rdfurl, 4); + } else if (substr ($rdfurl, 0, 5) == 'feed:') { + $rdfurl = substr ($rdfurl, 5); + } + if (substr ($rdfurl, 0, 2) == '//') { + $rdfurl = substr ($rdfurl, 2); + } + $rdfurl = COM_sanitizeUrl ($rdfurl, array ('http', 'https')); + } + if ($type == 'gldefault') { + if ($name != 'older_stories') { + $content = ''; + } + $rdfurl = ''; + $rdfupdated = ''; + $rdflimit = 0; + $phpblockfn = ''; + } + if ($type == 'phpblock') { + + // NOTE: PHP Blocks must be within a function and the function + // must start with phpblock_ as the prefix. This will prevent + // the arbitrary execution of code + if (!(stristr($phpblockfn,'phpblock_'))) { + $retval .= COM_siteHeader ('menu', $LANG21[37]) + . COM_startBlock ($LANG21[37], '', + COM_getBlockTemplate ('_msg_block', 'header')) + . $LANG21[38] + . COM_endBlock (COM_getBlockTemplate ('_msg_block', + 'footer')) + . editblock ($bid) + . COM_siteFooter (); + return $retval; + } + $content = ''; + $rdfurl = ''; + $rdfupdated = ''; + $rdflimit = 0; + } + if ($type == 'normal') { + $rdfurl = ''; + $rdfupdated = ''; + $rdflimit = 0; + $phpblockfn = ''; + $content = addslashes ($content); + } + if ($rdflimit < 0) { + $rdflimit = 0; + } + if (!empty ($rdfurl)) { + $rdfurl = addslashes ($rdfurl); + } + if (empty ($rdfupdated)) { + $rdfupdated = '0000-00-00 00:00:00'; + } + + if ($bid > 0) { + DB_save($_TABLES['blocks'],'bid,name,title,help,type,blockorder,content,tid,rdfurl,rdfupdated,rdflimit,phpblockfn,onleft,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon,is_enabled,allow_autotags,rdf_last_modified,rdf_etag',"$bid,'$name','$title','$help','$type','$blockorder','$content','$tid','$rdfurl','$rdfupdated','$rdflimit','$phpblockfn',$onleft,$owner_id,$group_id,$perm_owner,$perm_group,$perm_members,$perm_anon,$is_enabled,$allow_autotags,NULL,NULL"); + } else { + $sql = "INSERT INTO {$_TABLES['blocks']} " + 
.'(name,title,help,type,blockorder,content,tid,rdfurl,rdfupdated,rdflimit,phpblockfn,onleft,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon,is_enabled,allow_autotags) ' + ."VALUES ('$name','$title','$help','$type','$blockorder','$content','$tid','$rdfurl','$rdfupdated','$rdflimit','$phpblockfn',$onleft,$owner_id,$group_id,$perm_owner,$perm_group,$perm_members,$perm_anon,$is_enabled,$allow_autotags)"; + DB_query($sql); + $bid = DB_insertId(); + } + + if (($type == 'gldefault') && ($name == 'older_stories')) { + COM_olderStuff (); + } + + return COM_refresh ($_CONF['site_admin_url'] . '/block.php?msg=11'); + } else { + $retval .= COM_siteHeader ('menu', $LANG21[32]) + . COM_startBlock ($LANG21[32], '', + COM_getBlockTemplate ('_msg_block', 'header')); + if ($type == 'portal') { + // Portal block is missing fields + $retval .= $LANG21[33]; + } else if ($type == 'phpblock') { + // PHP Block is missing field + $retval .= $LANG21[34]; + } else if ($type == 'normal') { + // Normal block is missing field + $retval .= $LANG21[35]; + } else if ($type == 'gldefault') { + // Default geeklog field missing + $retval .= $LANG21[42]; + } else { + // Layout block missing content + $retval .= $LANG21[36]; + } + $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer')) + . editblock ($bid) + . COM_siteFooter (); + } + + return $retval; +} +/** +* +* Re-orders all blocks in steps of 10 +* +*/ +function reorderblocks() +{ + global $_TABLES; + $sql = "SELECT * FROM {$_TABLES['blocks']} ORDER BY onleft asc, blockorder asc;"; + $result = DB_query($sql); + $nrows = DB_numRows($result); + + $lastside = 0; + $blockOrd = 10; + $stepNumber = 10; + + for ($i = 0; $i < $nrows; $i++) { + $A = DB_fetchArray($result); + + if ($lastside != $A['onleft']) { // we are switching left/right blocks + $blockOrd = 10; // so start with 10 again + } + if ($A['blockorder'] != $blockOrd) { // only update incorrect ones + $q = "UPDATE " . $_TABLES['blocks'] . " SET blockorder = '" . 
+ $blockOrd . "' WHERE bid = '" . $A['bid'] ."'"; + DB_query($q); + } + $blockOrd += $stepNumber; + $lastside = $A['onleft']; // save variable for next round + } +} + + +/** +* Move blocks UP, Down and Switch Sides - Left and Right +* +*/ +function moveBlock() +{ + global $_CONF, $_TABLES, $LANG21; + + $retval = ''; + + $bid = COM_applyFilter($_GET['bid']); + $where = COM_applyFilter($_GET['where']); + + // if the block id exists + if (DB_count($_TABLES['blocks'], "bid", $bid) == 1) { + + switch ($where) { + + case ("up"): $q = "UPDATE " . $_TABLES['blocks'] . " SET blockorder = blockorder-11 WHERE bid = '" . $bid . "'"; + DB_query($q); + break; + + case ("dn"): $q = "UPDATE " . $_TABLES['blocks'] . " SET blockorder = blockorder+11 WHERE bid = '" . $bid . "'"; + DB_query($q); + break; + + case ("0"): $q = "UPDATE " . $_TABLES['blocks'] . " SET onleft = '1', blockorder = blockorder-1 WHERE bid = '" . $bid ."'"; + DB_query($q); + break; + + case ("1"): $q = "UPDATE " . $_TABLES['blocks'] . " SET onleft = '0',blockorder = blockorder-1 WHERE bid = '" . $bid ."'"; + DB_query($q); + break; + } + + } else { + COM_errorLOG("block admin error: Attempt to move an non existing block id: $bid"); + } + echo COM_refresh($_CONF['site_admin_url'] . 
"/block.php"); + exit; + return $retval; +} + + +/** +* Enable and Disable block +*/ +function changeBlockStatus($side, $bid_arr) +{ + global $_CONF, $_TABLES; + + // first, disable all on the requested side + $side = COM_applyFilter($side, true); + $sql = "UPDATE {$_TABLES['blocks']} SET is_enabled = '0' WHERE onleft='$side';"; + DB_query($sql); + if (isset($bid_arr)) { + foreach ($bid_arr as $bid => $side) { + $bid = COM_applyFilter($bid, true); + // the enable those in the array + $sql = "UPDATE {$_TABLES['blocks']} SET is_enabled = '1' WHERE bid='$bid' AND onleft='$side'"; + DB_query($sql); + } + } + return; +} + +/** +* Delete a block +* +* @param string $bid id of block to delete +* @return string HTML redirect or error message +* +*/ +function deleteBlock ($bid) +{ + global $_CONF, $_TABLES, $_USER; + + $result = DB_query ("SELECT tid,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['blocks']} WHERE bid ='$bid'"); + $A = DB_fetchArray($result); + $access = SEC_hasAccess ($A['owner_id'], $A['group_id'], $A['perm_owner'], + $A['perm_group'], $A['perm_members'], $A['perm_anon']); + if (($access < 3) || (hasBlockTopicAccess ($A['tid']) < 3)) { + COM_accessLog ("User {$_USER['username']} tried to illegally delete block $bid."); + return COM_refresh ($_CONF['site_admin_url'] . '/block.php'); + } + + DB_delete ($_TABLES['blocks'], 'bid', $bid); + + return COM_refresh ($_CONF['site_admin_url'] . 
'/block.php?msg=12'); +} + +// MAIN +$mode = ''; +if (!empty($_REQUEST['mode'])) { + $mode = $_REQUEST['mode']; +} + +$bid = ''; +if (!empty($_REQUEST['bid'])) { + $bid = COM_applyFilter ($_REQUEST['bid']); +} + +if (isset($_POST['blockenabler']) && SEC_checkToken()) { + $enabledblocks = array(); + if (isset($_POST['enabledblocks'])) { + $enabledblocks = $_POST['enabledblocks']; + } + changeBlockStatus($_POST['blockenabler'], $enabledblocks); +} + +if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete'])) { + if (!isset ($bid) || empty ($bid) || ($bid == 0)) { + COM_errorLog ('Attempted to delete block, bid empty or null, value =' . $bid); + $display .= COM_refresh ($_CONF['site_admin_url'] . '/block.php'); + } elseif (SEC_checkToken()) { + $display .= deleteBlock ($bid); + } else { + COM_accessLog("User {$_USER['username']} tried to illegally delete block $bid and failed CSRF checks."); + echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); + } +} elseif (($mode == $LANG_ADMIN['save']) && !empty($LANG_ADMIN['save']) && SEC_checkToken()) { + $help = ''; + if (isset ($_POST['help'])) { + $help = COM_sanitizeUrl ($_POST['help'], array ('http', 'https')); + } + $content = ''; + if (isset ($_POST['content'])) { + $content = $_POST['content']; + } + $rdfurl = ''; + if (isset ($_POST['rdfurl'])) { + $rdfurl = $_POST['rdfurl']; // to be sanitized later + } + $rdfupdated = ''; + if (isset ($_POST['rdfupdated'])) { + $rdfupdated = $_POST['rdfupdated']; + } + $rdflimit = 0; + if (isset ($_POST['rdflimit'])) { + $rdflimit = COM_applyFilter ($_POST['rdflimit'], true); + } + $phpblockfn = ''; + if (isset ($_POST['phpblockfn'])) { + $phpblockfn = $_POST['phpblockfn']; + } + $is_enabled = ''; + if (isset ($_POST['is_enabled'])) { + $is_enabled = $_POST['is_enabled']; + } + $allow_autotags = ''; + if (isset ($_POST['allow_autotags'])) { + $allow_autotags = $_POST['allow_autotags']; + } + $display .= saveblock ($bid, $_POST['name'], $_POST['title'], + $help, 
$_POST['type'], $_POST['blockorder'], $content, + COM_applyFilter ($_POST['tid']), $rdfurl, $rdfupdated, + $rdflimit, $phpblockfn, $_POST['onleft'], + COM_applyFilter ($_POST['owner_id'], true), + COM_applyFilter ($_POST['group_id'], true), + $_POST['perm_owner'], $_POST['perm_group'], + $_POST['perm_members'], $_POST['perm_anon'], + $is_enabled, $allow_autotags); +} else if ($mode == 'edit') { + $display .= COM_siteHeader ('menu', $LANG21[3]) + . editblock ($bid) + . COM_siteFooter (); +} else if ($mode == 'move') { + $display .= COM_siteHeader('menu', $LANG21[19]); + if(SEC_checkToken()) { + $display .= moveBlock(); + } + $display .= listblocks(); + $display .= COM_siteFooter(); +} else { // 'cancel' or no mode at all + $display .= COM_siteHeader ('menu', $LANG21[19]); + $msg = 0; + if (isset ($_POST['msg'])) { + $msg = COM_applyFilter ($_POST['msg'], true); + } else if (isset ($_GET['msg'])) { + $msg = COM_applyFilter ($_GET['msg'], true); + } + if ($msg > 0) { + $display .= COM_showMessage ($msg); + } + $display .= listblocks(); + + $display .= COM_siteFooter(); +} + +echo $display; +?> Added: externals/geeklog-1.5.2sr2/public_html/admin/configuration.php ============================================================================== --- (empty file) +++ externals/geeklog-1.5.2sr2/public_html/admin/configuration.php Sun Apr 5 18:10:31 2009 
@@ -0,0 +1,114 @@
+<?php
+
+/* Reminder: always indent with 4 spaces (no tabs). */
+// +---------------------------------------------------------------------------+
+// | Geeklog 1.5 |
+// +---------------------------------------------------------------------------+
+// | configuration.php |
+// | |
+// | Loads the administration UI and sends input to config.class |
+// +---------------------------------------------------------------------------+
+// | Copyright (C) 2007-2008 by the following authors: |
+// | |
+// | Authors: Aaron Blankstein - kantai AT gmail DOT com |
+// +---------------------------------------------------------------------------+
+// | |
+// | This program is free software; you can redistribute it and/or |
+// | modify it under the terms of the GNU General Public License |
+// | as published by the Free Software Foundation; either version 2 |
+// | of the License, or (at your option) any later version. |
+// | |
+// | This program is distributed in the hope that it will be useful, |
+// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
+// | GNU General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software Foundation, |
+// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
+// | |
+// +---------------------------------------------------------------------------+
+//
+// $Id: configuration.php,v 1.13 2008/05/03 15:09:13 mjervis Exp $
+
+require_once '../lib-common.php';
+require_once 'auth.inc.php';
+
+$conf_group = array_key_exists('conf_group', $_POST) ? $_POST['conf_group'] : 'Core';
+
+$config =& config::get_instance();
+
+/**
+* Helper function: Provide language dropdown
+*
+* @return Array Array of (filename, displayname) pairs
+*
+* @note Note that key/value are being swapped!
+*
+*/
+function configmanager_select_language_helper()
+{
+ global $_CONF;
+
+ return array_flip(MBYTE_languageList($_CONF['default_charset']));
+}
+
+/**
+* Helper function: Provide themes dropdown
+*
+* @return Array Array of (filename, displayname) pairs
+*
+* @note Beautifying code duplicated from usersettings.php
+*
+*/
+function configmanager_select_theme_helper()
+{
+ $themes = array();
+
+ $themeFiles = COM_getThemes(true);
+ usort($themeFiles,
+ create_function('$a,$b', 'return strcasecmp($a,$b);'));
+
+ foreach ($themeFiles as $theme) {
+ $words = explode ('_', $theme);
+ $bwords = array ();
+ foreach ($words as $th) {
+ if ((strtolower ($th{0}) == $th{0}) &&
+ (strtolower ($th{1}) == $th{1})) {
+ $bwords[] = strtoupper ($th{0}) . substr ($th, 1);
+ } else {
+ $bwords[] = $th;
+ }
+ }
+
+ $themes[implode(' ', $bwords)] = $theme;
+ }
+
+ return $themes;
+}
+
+$tokenstate = SEC_checkToken();
+
+// MAIN
+if (array_key_exists('set_action', $_POST) && $tokenstate){
+ if (SEC_inGroup('Root')) {
+ if ($_POST['set_action'] == 'restore') {
+ $config->restore_param($_POST['name'], $conf_group);
+ } elseif ($_POST['set_action'] == 'unset') {
+ $config->unset_param($_POST['name'], $conf_group);
+ }
+ }
+}
+
+if (array_key_exists('form_submit', $_POST) && $tokenstate) {
+ $result = null;
+ if (! array_key_exists('form_reset', $_POST)) {
+ $result = $config->updateConfig($_POST, $conf_group);
+ }
+ echo $config->get_ui($conf_group, $_POST['sub_group'], $result);
+} else {
+ echo $config->get_ui($conf_group, array_key_exists('subgroup', $_POST) ?
+ $_POST['subgroup'] : null);
+}
+
+?>
Added: externals/geeklog-1.5.2sr2/public_html/admin/database.php
==============================================================================
--- (empty file)
+++ externals/geeklog-1.5.2sr2/public_html/admin/database.php Sun Apr 5 18:10:31 2009
@@ -0,0 +1,324 @@ +<?php + +/* Reminder: always indent with 4 spaces (no tabs). */ +// +---------------------------------------------------------------------------+ +// | Geeklog 1.5 | +// +---------------------------------------------------------------------------+ +// | database.php | +// | | +// | Geeklog database backup administration page. | +// +---------------------------------------------------------------------------+ +// | Copyright (C) 2000-2008 by the following authors: | +// | | +// | Authors: Tony Bibbs - tony AT tonybibbs DOT com | +// | Blaine Lang - langmail AT sympatico DOT ca | +// | Dirk Haun - dirk AT haun-online DOT de | +// | Alexander Schmacks - Alexander.Schmacks AT gmx DOT de | +// +---------------------------------------------------------------------------+ +// | | +// | This program is free software; you can redistribute it and/or | +// | modify it under the terms of the GNU General Public License | +// | as published by the Free Software Foundation; either version 2 | +// | of the License, or (at your option) any later version. | +// | | +// | This program is distributed in the hope that it will be useful, | +// | but WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | +// | GNU General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software Foundation, | +// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | +// | | +// +---------------------------------------------------------------------------+ +// +// $Id: database.php,v 1.51 2008/08/30 06:50:22 mjervis Exp $ + +require_once '../lib-common.php'; +require_once 'auth.inc.php'; +require_once $_CONF['path_system'] . 'lib-security.php'; + +/** +* This page allows all Root admins to create a database backup. This will not +* allow the removal of past backups. 
It's pretty simple actually. The admin +* clicks a button, we do a mysqldump to a file in the following format: +* geeklog_db_backup_YYYY_MM_DD.sql That's it. +*/ + +/** +* Sort backup files with newest first, oldest last. +* For use with usort() function. +* This is needed because the sort order of the backup files, coming from the +* 'readdir' function, might not be that way. +*/ +function compareBackupFiles($pFileA, $pFileB) +{ + global $_CONF; + + $lFiletimeA = filemtime($_CONF['backup_path'] . $pFileA); + $lFiletimeB = filemtime($_CONF['backup_path'] . $pFileB); + if ($lFiletimeA == $lFiletimeB) { + return 0; + } + + return ($lFiletimeA > $lFiletimeB) ? -1 : 1; +} + +/** +* List all backups, i.e. all files ending in .sql +* +* @return string HTML for the list of files or an error when not writable +* +*/ +function listbackups() +{ + global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG08, $LANG_ADMIN, $LANG_DB_BACKUP; + + require_once $_CONF['path_system'] . 'lib-admin.php'; + + $retval = ''; + + if (is_writable($_CONF['backup_path'])) { + $backups = array(); + $fd = opendir($_CONF['backup_path']); + $index = 0; + while ((false !== ($file = @readdir($fd)))) { + if ($file <> '.' && $file <> '..' && $file <> 'CVS' && + preg_match('/\.sql$/i', $file)) { + $index++; + clearstatcache(); + $backups[] = $file; + } + } + + // AS, 2004-03-29 - Sort backup files by date, newest first. + // Order given by 'readdir' might not be correct. + usort($backups, 'compareBackupFiles'); + + $data_arr = array(); + $thisUrl = $_CONF['site_admin_url'] . '/database.php'; + $num_backups = count($backups); + for ($i = 0; $i < $num_backups; $i++) { + $downloadUrl = $thisUrl . '?mode=download&file=' + . urlencode($backups[$i]); + $downloadLink = COM_createLink($backups[$i], $downloadUrl, + array('title' => $LANG_DB_BACKUP['download'])); + $backupfile = $_CONF['backup_path'] . $backups[$i]; + $backupfilesize = COM_numberFormat(filesize($backupfile)) + . ' <b>' . $LANG_DB_BACKUP['bytes'] . 
'</b>'; + $data_arr[$i] = array('file' => $downloadLink, + 'size' => $backupfilesize, + 'filename' => $backups[$i]); + } + + $token = SEC_createToken(); + $menu_arr = array( + array('url' => $_CONF['site_admin_url'] + . '/database.php?mode=backup&'.CSRF_TOKEN.'='.$token, + 'text' => $LANG_ADMIN['create_new']), + array('url' => $_CONF['site_admin_url'], + 'text' => $LANG_ADMIN['admin_home']) + ); + $retval .= COM_startBlock($LANG_DB_BACKUP['last_ten_backups'], '', + COM_getBlockTemplate('_admin_block', 'header')); + $retval .= ADMIN_createMenu( + $menu_arr, + "<p>{$LANG_DB_BACKUP['db_explanation']}</p>" . + '<p>' . sprintf($LANG_DB_BACKUP['total_number'], $index) . '</p>', + $_CONF['layout_url'] . '/images/icons/database.' . $_IMAGE_TYPE + ); + + $header_arr = array( // display 'text' and use table field 'field' + array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), + array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size') + ); + + $text_arr = array( + 'form_url' => $thisUrl + ); + $form_arr = array('bottom' => '', 'top' => ''); + if ($num_backups > 0) { + $form_arr['bottom'] = '<input type="hidden" name="mode" value="delete"' . XHTML . '>' + . '<input type="hidden" name="' . CSRF_TOKEN + . '" value="' . $token . '"' . XHTML . '>' . LB; + } + $listoptions = array('chkdelete' => true, 'chkminimum' => 0, + 'chkfield' => 'filename'); + $retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, + $listoptions, $form_arr); + $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); + } else { + $retval .= COM_startBlock($LANG08[06], '', + COM_getBlockTemplate('_msg_block', 'header')); + $retval .= $LANG_DB_BACKUP['no_access']; + COM_errorLog($_CONF['backup_path'] . 
' is not writable.', 1); + $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); + } + + return $retval; +} + +/** +* Perform database backup +* +* @return string HTML success or error message +* +*/ +function dobackup() +{ + global $_CONF, $LANG08, $LANG_DB_BACKUP, $MESSAGE, $_IMAGE_TYPE, + $_DB_host, $_DB_name, $_DB_user, $_DB_pass, $_DB_mysqldump_path; + + $retval = ''; + + if (is_dir($_CONF['backup_path'])) { + $curdatetime = date('Y_m_d_H_i_s'); + $backupfile = "{$_CONF['backup_path']}geeklog_db_backup_{$curdatetime}.sql"; + $command = $_DB_mysqldump_path . " -h$_DB_host -u$_DB_user"; + if (!empty($_DB_pass)) { + $command .= " -p$_DB_pass"; + } + if (!empty($_CONF['mysqldump_options'])) { + $command .= ' ' . $_CONF['mysqldump_options']; + } + $command .= " $_DB_name > \"$backupfile\""; + + $log_command = $command; + if (!empty($_DB_pass)) { + $log_command = str_replace(" -p$_DB_pass", ' -p*****', $command); + } + + if (function_exists('is_executable')) { + $canExec = @is_executable($_DB_mysqldump_path); + } else { + $canExec = @file_exists($_DB_mysqldump_path); + } + if ($canExec) { + exec($command); + if (file_exists($backupfile) && filesize($backupfile) > 1000) { + @chmod($backupfile, 0644); + $retval .= COM_showMessage(93); + } else { + $retval .= COM_showMessage(94); + COM_errorLog('Backup Filesize was less than 1kb', 1); + COM_errorLog("Command used for mysqldump: $log_command", 1); + } + } else { + $retval .= COM_startBlock($LANG08[06], '', + COM_getBlockTemplate('_msg_block', 'header')); + $retval .= $LANG_DB_BACKUP['not_found']; + $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', + 'footer')); + COM_errorLog('Backup Error: Bad path, mysqldump does not exist or open_basedir restriction in effect.', 1); + COM_errorLog("Command used for mysqldump: $log_command", 1); + } + } else { + $retval .= COM_startBlock($MESSAGE[30], '', + COM_getBlockTemplate('_msg_block', 'header')); + $retval .= $LANG_DB_BACKUP['path_not_found']; + 
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); + COM_errorLog("Backup directory '" . $_CONF['backup_path'] . "' does not exist or is not a directory", 1); + } + + return $retval; +} + +/** +* Download a backup file +* +* @param string $file Filename (without the path) +* @return void +* @note Filename should have been sanitized and checked before calling this. +* +*/ +function downloadbackup($file) +{ + global $_CONF; + + require_once $_CONF['path_system'] . 'classes/downloader.class.php'; + + $dl = new downloader; + + $dl->setLogFile($_CONF['path'] . 'logs/error.log'); + $dl->setLogging(true); + $dl->setDebug(true); + + $dl->setPath($_CONF['backup_path']); + $dl->setAllowedExtensions(array('sql' => 'application/x-gzip-compressed')); + + $dl->downloadFile($file); +} + + +// MAIN +$display = ''; + +// If user isn't a root user or if the backup feature is disabled, bail. +if (!SEC_inGroup('Root') OR $_CONF['allow_mysqldump'] == 0) { + $display .= COM_siteHeader('menu', $LANG_DB_BACKUP['last_ten_backups']); + $display .= COM_startBlock($MESSAGE[30], '', + COM_getBlockTemplate('_msg_block', 'header')); + $display .= $MESSAGE[46]; + $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); + $display .= COM_siteFooter(); + COM_accessLog("User {$_USER['username']} tried to illegally access the database backup screen."); + echo $display; + exit; +} + +$mode = ''; +if (isset($_GET['mode'])) { + if ($_GET['mode'] == 'backup') { + $mode = 'backup'; + } else if ($_GET['mode'] == 'download') { + $mode = 'download'; + } +} else if (isset($_POST['mode'])) { + if (($_POST['mode'] == 'delete') && isset($_POST['delitem'])) { + $mode = 'delete'; + } +} + +if ($mode == 'download') { + $file = ''; + if (isset($_GET['file'])) { + $file = preg_replace('/[^a-zA-Z0-9\-_\.]/', '', $_GET['file']); + $file = str_replace('..', '', $file); + if (!file_exists($_CONF['backup_path'] . 
$file)) { + $file = ''; + } + } + if (!empty($file)) { + downloadbackup($file); + exit; + } +} + +$display .= COM_siteHeader('menu', $LANG_DB_BACKUP['last_ten_backups']); + +if ($mode == 'backup') { + // Perform the backup if asked + if (SEC_checkToken()) { + $display .= dobackup(); + } +} elseif ($mode == 'delete') { + if (SEC_checkToken()) { + foreach ($_POST['delitem'] as $delfile) { + $file = preg_replace('/[^a-zA-Z0-9\-_\.]/', '', $delfile); + $file = str_replace('..', '', $file); + if (!@unlink($_CONF['backup_path'] . $file)) { + COM_errorLog('Unable to remove backup file "' . $file . '"'); + } + } + } +} + +// Show all backups + +$display .= listbackups(); + +$display .= COM_siteFooter(); + +echo $display; + +?> Added: externals/geeklog-1.5.2sr2/public_html/admin/group.php ============================================================================== --- (empty file) +++ externals/geeklog-1.5.2sr2/public_html/admin/group.php Sun Apr 5 18:10:31 2009 
@@ -0,0 +1,1047 @@ +<?php + +/* Reminder: always indent with 4 spaces (no tabs). */ +// +---------------------------------------------------------------------------+ +// | Geeklog 1.5 | +// +---------------------------------------------------------------------------+ +// | group.php | +// | | +// | Geeklog group administration page. | +// +---------------------------------------------------------------------------+ +// | Copyright (C) 2000-2008 by the following authors: | +// | | +// | Authors: Tony Bibbs - tony AT tonybibbs DOT com | +// | Mark Limburg - mlimburg AT users DOT sourceforge DOT net | +// | Jason Whittenburg - jwhitten AT securitygeeks DOT com | +// | Dirk Haun - dirk AT haun-online DOT de | +// +---------------------------------------------------------------------------+ +// | | +// | This program is free software; you can redistribute it and/or | +// | modify it under the terms of the GNU General Public License | +// | as published by the Free Software Foundation; either version 2 | +// | of the License, or (at your option) any later version. | +// | | +// | This program is distributed in the hope that it will be useful, | +// | but WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | +// | GNU General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software Foundation, | +// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
| +// | | +// +---------------------------------------------------------------------------+ +// +// $Id: group.php,v 1.103 2008/06/07 12:41:44 dhaun Exp $ + +/** +* This file is the Geeklog Group administration page +* +* @author Tony Bibbs <tony****@tonyb*****> +* +*/ + +/** +* Geeklog common function library +*/ +require_once '../lib-common.php'; + +/** +* Verifies that current user even has access to the page to this point +*/ +require_once 'auth.inc.php'; + +// Uncomment the line below if you need to debug the HTTP variables being passed +// to the script. This will sometimes cause errors but it will allow you to see +// the data being passed in a POST operation +// echo COM_debug($_POST); + +$display = ''; + +// Make sure user has rights to access this page +if (!SEC_hasRights ('group.edit')) { + $display .= COM_siteHeader ('menu', $MESSAGE[30]); + $display .= COM_startBlock ($MESSAGE[30], '', + COM_getBlockTemplate ('_msg_block', 'header')); + $display .= $MESSAGE[37]; + $display .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer')); + $display .= COM_siteFooter (); + COM_accessLog ("User {$_USER['username']} tried to illegally access the group administration screen."); + echo $display; + exit; +} + +/** +* Shows the group editor form +* +* @param string $grp_id ID of group to edit +* @return string HTML for group editor +* +*/ +function editgroup($grp_id = '') +{ + global $_TABLES, $_CONF, $_USER, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, + $LANG28, $VERBOSE; + + $retval = ''; + + $thisUsersGroups = SEC_getUserGroups (); + if (!empty ($grp_id) && + ($grp_id > 0) && + !in_array ($grp_id, $thisUsersGroups) && + !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $thisUsersGroups)) { + $retval .= COM_startBlock ($LANG_ACCESS['groupeditor'], '', + COM_getBlockTemplate ('_msg_block', 'header')); + if (!SEC_inGroup ('Root') && (DB_getItem ($_TABLES['groups'], + 'grp_name', "grp_id = $grp_id") == 'Root')) { + $retval .= $LANG_ACCESS['canteditroot']; + COM_accessLog 
("User {$_USER['username']} tried to edit the Root group with insufficient privileges."); + } else { + $retval .= $LANG_ACCESS['canteditgroup']; + } + $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer')); + + return $retval; + } + + $group_templates = new Template($_CONF['path_layout'] . 'admin/group'); + $group_templates->set_file('editor','groupeditor.thtml'); + $group_templates->set_var('site_url', $_CONF['site_url']); + $group_templates->set_var('site_admin_url', $_CONF['site_admin_url']); + $group_templates->set_var('layout_url', $_CONF['layout_url']); + $group_templates->set_var('lang_save', $LANG_ADMIN['save']); + $group_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']); + $group_templates->set_var('lang_admingroup',$LANG28[49]); + $group_templates->set_var('lang_admingrp_msg', $LANG28[50]); + $group_templates->set_var( 'xhtml', XHTML ); + $showall = 0; + if (isset ($_GET['chk_showall'])) { + $showall = COM_applyFilter ($_GET['chk_showall'], true); + } + $group_templates->set_var('show_all', $showall); + + if (!empty ($grp_id)) { + $result = DB_query ("SELECT grp_id,grp_name,grp_descr,grp_gl_core FROM {$_TABLES['groups']} WHERE grp_id ='$grp_id'"); + $A = DB_fetchArray ($result); + if ($A['grp_gl_core'] > 0) { + $group_templates->set_var ('chk_adminuse', 'checked="checked"'); + } + } else { + // new group, so it's obviously not a core group + $A['grp_gl_core'] = 0; + } + + $retval .= COM_startBlock ($LANG_ACCESS['groupeditor'], '', + COM_getBlockTemplate ('_admin_block', 'header')); + + if (!empty($grp_id)) { + // Groups tied to Geeklog's functionality shouldn't be deleted + if ($A['grp_gl_core'] != 1) { + $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] + . '" name="mode"%s' . XHTML . '>'; + $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . 
'\');"'; + $group_templates->set_var ('delete_option', + sprintf ($delbutton, $jsconfirm)); + $group_templates->set_var ('delete_option_no_confirmation', + sprintf ($delbutton, '')); + $group_templates->set_var ('group_core', 0); + } else { + $group_templates->set_var ('group_core', 1); + } + $group_templates->set_var ('group_id', $A['grp_id']); + } else { + $group_templates->set_var ('group_core', 0); + } + + $group_templates->set_var('lang_groupname', $LANG_ACCESS['groupname']); + + if ($A['grp_gl_core'] != 1) { + $group_templates->set_var('groupname_inputtype', 'text'); + $group_templates->set_var('groupname_static', ''); + } else { + $group_templates->set_var('groupname_inputtype', 'hidden'); + $group_templates->set_var('groupname_static', $A['grp_name']); + } + if (isset ($A['grp_name'])) { + $group_templates->set_var('group_name', $A['grp_name']); + } else { + $group_templates->set_var('group_name', ''); + } + + $group_templates->set_var('lang_description', $LANG_ACCESS['description']); + if (isset ($A['grp_descr'])) { + $group_templates->set_var('group_description', $A['grp_descr']); + } else { + $group_templates->set_var('group_description', ''); + } + $group_templates->set_var('lang_securitygroups', $LANG_ACCESS['securitygroups']); + + //$groups = SEC_getUserGroups('','',$grp_id); + $selected = ''; + if (!empty($grp_id)) { + $tmp = DB_query("SELECT ug_main_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_grp_id = $grp_id"); + $num_groups = DB_numRows($tmp); + for ($x = 1; $x <= $num_groups; $x++) { + $G = DB_fetchArray($tmp); + if ($x > 1) { + $selected .= ' ' . 
$G['ug_main_grp_id']; + } else { + $selected .= $G['ug_main_grp_id']; + } + } + } + if ($A['grp_gl_core'] == 1) { + $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['coregroupmsg']); + $group_templates->set_var('hide_adminoption',' style="display:none;"'); + + if (!empty($selected)) { + $inclause = str_replace(' ',',',$selected); + $result= DB_query("SELECT grp_id,grp_name FROM {$_TABLES['groups']} WHERE grp_id <> $grp_id AND grp_id in ($inclause) ORDER BY grp_name"); + $nrows = DB_numRows($result); + } else { + $nrows = 0; + } + + if ($nrows == 0) { + // this group doesn't belong to anything...give a friendly message + $group_templates->set_var('group_options', $LANG_ACCESS['nogroupsforcoregroup']); + } else { + $groupoptions = ''; + for ($i = 1; $i <= $nrows; $i++) { + $GRPS = DB_fetchArray($result); + $groupoptions .= $GRPS['grp_name'] . '<input type="hidden" name="groups[]" value="' . $GRPS['grp_id'] . '"' . XHTML . '><br' . XHTML . '>' .LB; + } + $group_templates->set_var('group_options', $groupoptions); + } + } else { + $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['groupmsg']); + $group_templates->set_var('hide_adminoption',''); + if ($VERBOSE) { + COM_errorLog("SELECTED: $selected"); + } + + // make sure to list only those groups of which the Group Admin + // is a member + $whereGroups = '(grp_id IN (' . implode (',', $thisUsersGroups) . '))'; + + // You can no longer give access to the Root group.... + // it's pointless and doesn't make any sense + if (!empty($grp_id)) { + $group_templates->set_var ('group_options', COM_checkList ($_TABLES['groups'], 'grp_id,grp_name', "(grp_id <> $grp_id) AND (grp_name <> 'Root') AND " . $whereGroups, $selected)); + } else { + $group_templates->set_var ('group_options', COM_checkList ($_TABLES['groups'], 'grp_id,grp_name', "(grp_name <> 'Root') AND " . 
$whereGroups, ''));
+ }
+ }
+ $group_templates->set_var('lang_rights', $LANG_ACCESS['rights']);
+
+ if ($A['grp_gl_core'] == 1) {
+ $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['corerightsdescr']);
+ } else {
+ $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['rightsdescr']);
+ }
+
+ $group_templates->set_var('rights_options', printrights($grp_id, $A['grp_gl_core']));
+ $group_templates->set_var('gltoken_name', CSRF_TOKEN);
+ $group_templates->set_var('gltoken', SEC_createToken());
+ $group_templates->parse('output','editor');
+ $retval .= $group_templates->finish($group_templates->get_var('output'));
+ $retval .= COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer'));
+
+ return $retval;
+}
+
+
+/**
+* Get the indirect features for a group, i.e. a list of all the features
+* that this group inherited from other groups.
+*
+* @param int $grp_id ID of group
+* @return string comma-separated list of feature names
+*
+*/
+function getIndirectFeatures ($grp_id)
+{
+ global $_TABLES;
+
+ $checked = array ();
+ $tocheck = array ($grp_id);
+
+ do {
+ $grp = array_pop ($tocheck);
+
+ $result = DB_query ("SELECT ug_main_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_grp_id = $grp AND ug_uid IS NULL");
+ $numrows = DB_numRows ($result);
+
+ $checked[] = $grp;
+
+ for ($j = 0; $j < $numrows; $j++) {
+ $A = DB_fetchArray ($result);
+ if (!in_array ($A['ug_main_grp_id'], $checked) &&
+ !in_array ($A['ug_main_grp_id'], $tocheck)) {
+ $tocheck[] = $A['ug_main_grp_id'];
+ }
+ }
+ }
+ while (sizeof ($tocheck) > 0);
+
+ // get features for all groups in $checked
+ $glist = join (',', $checked);
+ $result = DB_query("SELECT DISTINCT ft_name FROM {$_TABLES['access']},{$_TABLES['features']} WHERE ft_id = acc_ft_id AND acc_grp_id IN ($glist)");
+ $nrows = DB_numRows ($result);
+
+ $retval = '';
+ for ($j = 1; $j <= $nrows; $j++) {
+ $A = DB_fetchArray ($result);
+ $retval .= $A['ft_name'];
+ if ($j < $nrows) {
+ $retval .= ',';
+ }
+ }
+
+ return
$retval;
+}
+
+/**
+* Prints the features a group has access. Please follow the comments in the
+* code closely if you need to modify this function. Also right is synonymous
+* with feature.
+*
+* @param mixed $grp_id ID to print rights for
+* @param boolean $core indicates if group is a core Geeklog group
+* @return string HTML for rights
+*
+*/
+function printrights ($grp_id = '', $core = 0)
+{
+ global $_TABLES, $_USER, $LANG_ACCESS, $VERBOSE;
+
+ // $VERBOSE = true;
+ // this gets a bit complicated so bear with the comments
+
+ // get a list of all the features that the current user (i.e. Group Admin)
+ // has access to, so we only include these features in the list below
+ if (!SEC_inGroup('Root')) {
+ $GroupAdminFeatures = SEC_getUserPermissions ();
+ $availableFeatures = explode (',', $GroupAdminFeatures);
+ $GroupAdminFeatures = "'" . implode ("','", $availableFeatures) . "'";
+ $ftWhere = ' WHERE ft_name IN (' . $GroupAdminFeatures . ')';
+ } else {
+ $ftWhere = '';
+ }
+
+ // now query for all available features
+ $features = DB_query ("SELECT ft_id,ft_name,ft_descr FROM {$_TABLES['features']}{$ftWhere} ORDER BY ft_name");
+ $nfeatures = DB_numRows($features);
+
+ $grpftarray = array ();
+ if (!empty($grp_id)) {
+ // now get all the feature this group gets directly
+ $directfeatures = DB_query("SELECT acc_ft_id,ft_name FROM {$_TABLES['access']},{$_TABLES['features']} WHERE ft_id = acc_ft_id AND acc_grp_id = $grp_id",1);
+
+ // now in many cases the features will be given to this user indirectly
+ // via membership to another group.
These are not editable and must, + // instead, be removed from that group directly + $indirectfeatures = getIndirectFeatures ($grp_id); + $indirectfeatures = explode (',', $indirectfeatures); + + // Build an array of indirect features + for ($i = 0; $i < sizeof($indirectfeatures); $i++) { + $grpftarray[current($indirectfeatures)] = 'indirect'; + next($indirectfeatures); + } + + // Build an arrray of direct features + $grpftarray1 = array (); + $ndirect = DB_numRows($directfeatures); + for ($i = 0; $i < $ndirect; $i++) { + $A = DB_fetchArray($directfeatures); + $grpftarray1[$A['ft_name']] = 'direct'; + } + + // Now merge the two arrays + $grpftarray = array_merge ($grpftarray, $grpftarray1); + if ($VERBOSE) { + // this is for debugging purposes + for ($i = 1; $i < sizeof($grpftarray); $i++) { + COM_errorLog("element $i is feature " . key($grpftarray) . " and is " . current($grpftarray),1); + next($grpftarray); + } + } + } + + // OK, now loop through and print all the features giving edit rights + // to only the ones that are direct features + $ftcount = 0; + $retval = '<tr>' . LB; + for ($i = 1; $i <= $nfeatures; $i++) { + if ($i > 0 AND ($i % 3 == 1)) { + $retval .= "</tr>\n<tr>"; + } + $A = DB_fetchArray($features); + + if ((empty($grpftarray[$A['ft_name']]) OR ($grpftarray[$A['ft_name']] == 'direct')) AND ($core != 1)) { + $ftcount++; + $retval .= '<td><input type="checkbox" name="features[]" value="'. $A['ft_id'] . '"'; + if (!empty ($grpftarray[$A['ft_name']])) { + if ($grpftarray[$A['ft_name']] == 'direct') { + $retval .= ' checked="checked"'; + } + } + $retval .= XHTML . '><span title="' . $A['ft_descr'] . '">' . $A['ft_name'] + . '</span></td>'; + } else { + // either this is an indirect right OR this is a core feature + if ((($core == 1) AND (isset ($grpftarray[$A['ft_name']]) AND (($grpftarray[$A['ft_name']] == 'indirect') OR ($grpftarray[$A['ft_name']] == 'direct')))) OR ($core != 1)) { + $ftcount++; + $retval .= '<td> (<i title="' + . $A['ft_descr'] . 
'">' . $A['ft_name'] . '</i>)</td>';
+ }
+ }
+ }
+ if ($ftcount == 0) {
+ // This group doesn't have rights to any features
+ $retval .= '<td colspan="3">' . $LANG_ACCESS['grouphasnorights'] . '</td>';
+ }
+
+ $retval .= '</tr>' . LB;
+
+ return $retval;
+}
+
+/**
+* Save a group to the database
+*
+* @param string $grp_id ID of group to save
+* @param string $grp_name Group Name
+* @param string $grp_descr Description of group
+* @param boolean $grp_admin Flag that indicates this is an admin use group
+* @param boolean $grp_gl_core Flag that indicates if this is a core Geeklog group
+* @param array $features Features the group has access to
+* @param array $groups Groups this group will belong to
+* @return string HTML refresh or error message
+*
+*/
+function savegroup ($grp_id, $grp_name, $grp_descr, $grp_admin, $grp_gl_core, $features, $groups)
+{
+ global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $VERBOSE;
+
+ $retval = '';
+ if (!empty ($grp_name) && !empty ($grp_descr)) {
+ $GroupAdminGroups = SEC_getUserGroups ();
+ if (!empty ($grp_id) &&
+ ($grp_id > 0) &&
+ !in_array ($grp_id, $GroupAdminGroups) &&
+ !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $GroupAdminGroups)) {
+ COM_accessLog ("User {$_USER['username']} tried to edit group '$grp_name' ($grp_id) with insufficient privileges.");
+
+ return COM_refresh ($_CONF['site_admin_url'] . '/group.php');
+ }
+
+ if ($grp_gl_core == 1 AND !is_array ($features)) {
+ COM_errorLog ("Sorry, no valid features were passed to this core group ($grp_id) and saving could cause problem...bailing.");
+
+ return COM_refresh ($_CONF['site_admin_url'] .
'/group.php');
+ }
+
+ // group names have to be unique, so check if this one exists already
+ $g_id = DB_getItem ($_TABLES['groups'], 'grp_id',
+ "grp_name = '$grp_name'");
+ if ($g_id > 0) {
+ if (empty ($grp_id) || ($grp_id != $g_id)) {
+ // there already is a group with that name - complain
+ $retval .= COM_siteHeader ('menu', $LANG_ACCESS['groupeditor']);
+ $retval .= COM_startBlock ($LANG_ACCESS['groupexists'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'));
+ $retval .= $LANG_ACCESS['groupexistsmsg'];
+ $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+ $retval .= editgroup ($grp_id);
+ $retval .= COM_siteFooter ();
+
+ return $retval;
+ }
+ }
+
+ $grp_descr = COM_stripslashes ($grp_descr);
+ $grp_descr = addslashes ($grp_descr);
+
+ if (empty ($grp_id)) {
+ DB_save ($_TABLES['groups'], 'grp_name,grp_descr,grp_gl_core',
+ "'$grp_name','$grp_descr',$grp_gl_core");
+ $grp_id = DB_getItem ($_TABLES['groups'], 'grp_id',
+ "grp_name = '$grp_name'");
+ $new_group = true;
+ } else {
+ DB_save ($_TABLES['groups'],
+ 'grp_id,grp_name,grp_descr,grp_gl_core',
+ "$grp_id,'$grp_name','$grp_descr',$grp_gl_core");
+ $new_group = false;
+ }
+
+ if (empty($grp_id) || ($grp_id < 1)) {
+ // "this shouldn't happen"
+ COM_errorLog("Internal error: invalid group id");
+ $retval .= COM_siteHeader('menu', $LANG_ACCESS['groupeditor']);
+ $retval .= COM_showMessage(95);
+ $retval .= COM_siteFooter();
+
+ return $retval;
+ }
+
+ // Use the field grp_gl_core to indicate if this is non-core GL Group is an Admin related group
+ if (($grp_gl_core != 1) AND ($grp_id > 1)) {
+ if ($grp_admin == 'on') {
+ DB_query("UPDATE {$_TABLES['groups']} SET grp_gl_core=2 WHERE grp_id=$grp_id");
+ } else {
+ DB_query("UPDATE {$_TABLES['groups']} SET grp_gl_core=0 WHERE grp_id=$grp_id");
+ }
+ }
+
+ // now save the features
+ DB_delete ($_TABLES['access'], 'acc_grp_id', $grp_id);
+ if (SEC_inGroup ('Root')) {
+ for ($i = 1; $i <= sizeof ($features); $i++) {
+ DB_query
("INSERT INTO {$_TABLES['access']} (acc_ft_id,acc_grp_id) VALUES (" . current ($features) . ",$grp_id)");
+ next ($features);
+ }
+ } else {
+ $GroupAdminFeatures = SEC_getUserPermissions ();
+ $availableFeatures = explode (',', $GroupAdminFeatures);
+ for ($i = 1; $i <= sizeof($features); $i++) {
+ if (in_array (current ($features), $availableFeatures)) {
+ DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id,acc_grp_id) VALUES (" . current($features) . ",$grp_id)");
+ next($features);
+ }
+ }
+ }
+ if ($VERBOSE) {
+ COM_errorLog('groups = ' . $groups);
+ COM_errorLog("deleting all group_assignments for group $grp_id/$grp_name",1);
+ }
+
+ DB_delete ($_TABLES['group_assignments'], 'ug_grp_id', $grp_id);
+ if (!empty ($groups)) {
+ for ($i = 1; $i <= sizeof ($groups); $i++) {
+ if (in_array ($grp_id, $GroupAdminGroups)) {
+ if ($VERBOSE) COM_errorLog("adding group_assignment " . current($groups) . " for $grp_name",1);
+ $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_grp_id) VALUES (" . current($groups) . ",$grp_id)";
+ DB_query($sql);
+ }
+ next($groups);
+ }
+ }
+
+ // Make sure Root group belongs to any new group
+ if (DB_getItem ($_TABLES['group_assignments'], 'COUNT(*)',
+ "ug_main_grp_id = $grp_id AND ug_grp_id = 1") == 0) {
+ DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_grp_id) VALUES ($grp_id, 1)");
+ }
+
+ // make sure this Group Admin belongs to the new group
+ if (!SEC_inGroup ('Root')) {
+ if (DB_count ($_TABLES['group_assignments'], 'ug_uid',
+ "(ug_uid = {$_USER['uid']}) AND (ug_main_grp_id = $grp_id)") == 0) {
+ DB_query ("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ($grp_id,{$_USER['uid']})");
+ }
+ }
+
+ if ($new_group) {
+ PLG_groupChanged ($grp_id, 'new');
+ } else {
+ PLG_groupChanged ($grp_id, 'edit');
+ }
+ if ($_POST['chk_showall'] == 1) {
+ echo COM_refresh($_CONF['site_admin_url'] .
'/group.php?msg=49&showall=1');
+ } else {
+ echo COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=49');
+ }
+ } else {
+ $retval .= COM_siteHeader ('menu', $LANG_ACCESS['groupeditor']);
+ $retval .= COM_startBlock ($LANG_ACCESS['missingfields'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'));
+ $retval .= $LANG_ACCESS['missingfieldsmsg'];
+ $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+ $retval .= editgroup ($grp_id);
+ $retval .= COM_siteFooter ();
+
+ return $retval;
+ }
+}
+
+/**
+* Get a list (actually an array) of all groups this group belongs to.
+*
+* @param basegroup int id of group
+* @return array array of all groups 'basegroup' belongs to
+*
+*/
+function getGroupList ($basegroup)
+{
+ global $_TABLES;
+
+ $to_check = array ();
+ array_push ($to_check, $basegroup);
+
+ $checked = array ();
+
+ while (sizeof ($to_check) > 0) {
+ $thisgroup = array_pop ($to_check);
+ if ($thisgroup > 0) {
+ $result = DB_query ("SELECT ug_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = $thisgroup");
+ $numGroups = DB_numRows ($result);
+ for ($i = 0; $i < $numGroups; $i++) {
+ $A = DB_fetchArray ($result);
+ if (!in_array ($A['ug_grp_id'], $checked)) {
+ if (!in_array ($A['ug_grp_id'], $to_check)) {
+ array_push ($to_check, $A['ug_grp_id']);
+ }
+ }
+ }
+ $checked[] = $thisgroup;
+ }
+ }
+
+ return $checked;
+}
+
+/**
+* Display a list of all users in a given group.
+*
+* @param grp_id int group id
+* @return string HTML for user listing
+*
+*/
+function listusers ($grp_id)
+{
+ global $_CONF, $_TABLES, $LANG28, $LANG_ACCESS, $LANG_ADMIN, $_IMAGE_TYPE;
+
+ require_once $_CONF['path_system'] .
'lib-admin.php';
+
+ $retval = '';
+
+ $thisUsersGroups = SEC_getUserGroups ();
+ if (!empty ($grp_id) &&
+ ($grp_id > 0) &&
+ !in_array ($grp_id, $thisUsersGroups) &&
+ !SEC_groupIsRemoteUserAndHaveAccess( $grp_id, $thisUsersGroups)) {
+ $retval .= COM_startBlock ($LANG_ACCESS['usergroupadmin'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'));
+ $retval .= $LANG_ACCESS['cantlistgroup'];
+ $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+
+ return $retval;
+ }
+
+ if ($_CONF['lastlogin']) {
+ $login_text = $LANG28[41];
+ $login_field = 'lastlogin';
+ } else {
+ $login_text = $LANG28[40];
+ $login_field = 'regdate';
+ }
+
+ $header_arr = array (
+ array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
+ array('text' => $LANG28[37], 'field' => 'uid', 'sort' => true),
+ array('text' => $LANG28[3], 'field' => 'username', 'sort' => true),
+ array('text' => $LANG28[4], 'field' => 'fullname', 'sort' => true),
+ array('text' => $login_text, 'field' => $login_field, 'sort' => true),
+ array('text' => $LANG28[7], 'field' => 'email', 'sort' => true)
+ );
+
+ $defsort_arr = array ('field' => 'username',
+ 'direction' => 'asc'
+ );
+
+ $form_url = $_CONF['site_admin_url'] . '/group.php?mode=listusers&grp_id='.$grp_id;
+ if (isset ($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
+ $form_url .= '&chk_showall=1';
+ }
+
+ $groupname = DB_getItem ($_TABLES['groups'], 'grp_name',
+ "grp_id = '$grp_id'");
+ $headline = sprintf ($LANG_ACCESS['usersingroup'], $groupname);
+
+ $url = $_CONF['site_admin_url'] .
'/group.php'; + if (isset ($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) { + $url .= '?chk_showall=1'; + } + $menu_arr = array ( + array('url' => $url, + 'text' => $LANG28[38]), + array('url' => $_CONF['site_admin_url'], + 'text' => $LANG_ADMIN['admin_home'])); + + $retval .= COM_startBlock($headline, '', + COM_getBlockTemplate('_admin_block', 'header')); + + $retval .= ADMIN_createMenu( + $menu_arr, + ' ', + $_CONF['layout_url'] . '/images/icons/group.' . $_IMAGE_TYPE + ); + + $text_arr = array ( + 'has_extras' => true, + 'form_url' => $form_url, + 'help_url' => '' + ); + + $join_userinfo = ''; + $select_userinfo = ''; + if ($_CONF['lastlogin']) { + $join_userinfo = "LEFT JOIN {$_TABLES['userinfo']} ON {$_TABLES['users']}.uid={$_TABLES['userinfo']}.uid "; + $select_userinfo = ",lastlogin "; + } + + $groups = getGroupList ($grp_id); + $groupList = implode (',', $groups); + + $sql = "SELECT DISTINCT {$_TABLES['users']}.uid,username,fullname,email,photo,regdate$select_userinfo " + ."FROM {$_TABLES['group_assignments']},{$_TABLES['users']} $join_userinfo " + ."WHERE {$_TABLES['users']}.uid > 1 " + ."AND {$_TABLES['users']}.uid = {$_TABLES['group_assignments']}.ug_uid " + ."AND ({$_TABLES['group_assignments']}.ug_main_grp_id IN ({$groupList}))"; + + $query_arr = array ('table' => 'users', + 'sql' => $sql, + 'query_fields' => array('username', 'email', 'fullname'), + 'default_filter' => "AND {$_TABLES['users']}.uid > 1" + ); + + $retval .= ADMIN_list('user', 'ADMIN_getListField_users', $header_arr, + $text_arr, $query_arr, $defsort_arr); + $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); + + return $retval; +} + +function listgroups() +{ + global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ACCESS, $LANG28, $_IMAGE_TYPE; + + require_once $_CONF['path_system'] . 
'lib-admin.php';
+
+ $retval = '';
+
+ $header_arr = array( // display 'text' and use table field 'field'
+ array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
+ array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true),
+ array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true),
+ array('text' => $LANG_ACCESS['coregroup'], 'field' => 'grp_gl_core', 'sort' => true),
+ array('text' => $LANG_ACCESS['listusers'], 'field' => 'list', 'sort' => false)
+ );
+
+ $defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');
+
+ $form_url = $_CONF['site_admin_url'] . '/group.php';
+ if (isset ($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
+ $form_url .= '?chk_showall=1';
+ }
+
+ $menu_arr = array (
+ array('url' => $_CONF['site_admin_url'] . '/group.php?mode=edit',
+ 'text' => $LANG_ADMIN['create_new']),
+ array('url' => $_CONF['site_admin_url'],
+ 'text' => $LANG_ADMIN['admin_home'])
+ );
+
+ $retval .= COM_startBlock($LANG_ACCESS['groupmanager'], '',
+ COM_getBlockTemplate('_admin_block', 'header'));
+
+ $retval .= ADMIN_createMenu(
+ $menu_arr,
+ $LANG_ACCESS['newgroupmsg'],
+ $_CONF['layout_url'] . '/images/icons/group.' .
$_IMAGE_TYPE
+ );
+
+ $text_arr = array(
+ 'has_extras' => true,
+ 'form_url' => $form_url
+ );
+
+ $filter = '<span style="padding-right:20px;">';
+
+ // Extra test required to handle that different ways this option is passed and need to be able to
+ // over-ride the option using the posted form when the URL contains the variable as well
+ $show_all_groups = false;
+ $checked ='';
+ if (isset($_POST['q'])) { // Form has been posted - test actual option in this form
+ if ($_POST['chk_showall'] == 1) {
+ $show_all_groups = true;
+ $checked = ' checked';
+ }
+ } else if (isset ($_GET['chk_showall']) && ($_GET['chk_showall'] == 1)) {
+ $show_all_groups = true;
+ $checked = ' checked';
+ }
+
+ if (SEC_inGroup('Root')) {
+ $grpFilter = '';
+ } else {
+ $thisUsersGroups = SEC_getUserGroups ();
+ $grpFilter = 'AND (grp_id IN (' . implode (',', $thisUsersGroups) . '))';
+ }
+
+ if ($show_all_groups) {
+ $filter .= '<label for="chk_showall"><input id="chk_showall" type="checkbox" name="chk_showall" value="1" checked="checked"' . XHTML . '>';
+ $query_arr = array(
+ 'table' => 'groups',
+ 'sql' => "SELECT * FROM {$_TABLES['groups']} WHERE 1=1",
+ 'query_fields' => array('grp_name', 'grp_descr'),
+ 'default_filter' => $grpFilter);
+ } else {
+ $filter .= "<label for=\"chk_showall\"><input id=\"chk_showall\" type=\"checkbox\" name=\"chk_showall\" value=\"1\"$checked" . XHTML . ">";
+ $query_arr = array(
+ 'table' => 'groups',
+ 'sql' => "SELECT * FROM {$_TABLES['groups']} WHERE (grp_gl_core = 0 OR grp_id in (2,13))",
+ 'query_fields' => array('grp_name', 'grp_descr'),
+ 'default_filter' => $grpFilter);
+ }
+ $filter .= $LANG28[48] .
'</label></span>';
+
+ $retval .= ADMIN_list('groups', 'ADMIN_getListField_groups', $header_arr,
+ $text_arr, $query_arr, $defsort_arr, $filter);
+ $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
+
+ return $retval;
+}
+
+function grp_selectUsers ($group_id, $allusers = false)
+{
+ global $_TABLES, $_USER;
+
+ $retval = '';
+
+ // Get a list of users in the Root Group and the selected group
+ $sql = "SELECT DISTINCT uid FROM {$_TABLES['users']} LEFT JOIN {$_TABLES['group_assignments']} ";
+ $sql .= "ON {$_TABLES['group_assignments']}.ug_uid = uid WHERE uid > 1 AND ";
+ $sql .= "({$_TABLES['group_assignments']}.ug_main_grp_id = 1 OR {$_TABLES['group_assignments']}.ug_main_grp_id = $group_id)";
+ $result = DB_query ($sql);
+ $filteredusers = array();
+ while ($A = DB_fetchArray($result)) {
+ $filteredusers[] = $A['uid'];
+ }
+
+ $groups = getGroupList ($group_id);
+ $grouplist = '(' . implode (',', $groups) . ')';
+ $sql = "SELECT DISTINCT uid,username FROM {$_TABLES['users']} LEFT JOIN {$_TABLES['group_assignments']} ";
+ $sql .= "ON {$_TABLES['group_assignments']}.ug_uid = uid WHERE uid > 1 AND ";
+ $sql .= "{$_TABLES['group_assignments']}.ug_main_grp_id ";
+ if ($allusers) {
+ $sql .= 'NOT ';
+ }
+ $sql .= "IN {$grouplist} ";
+ // Filter out the users that will be in the selected group
+ if ($allusers) {
+ $filteredusers = implode(',',$filteredusers);
+ $sql .= " AND uid NOT IN ($filteredusers) ";
+ }
+ $sql .= "ORDER BY username";
+ $result = DB_query ($sql);
+ $numUsers = DB_numRows ($result);
+ for ($i = 0; $i < $numUsers; $i++) {
+ list($uid, $username) = DB_fetchArray ($result);
+ $retval .= '<option value="' . $uid . '">' . $username .
'</option>';
+ }
+
+ return $retval;
+}
+
+/**
+* Allow easy addition/removal of users to/from a group
+*
+* @param int $group Group ID
+* @return string HTML form
+*
+*/
+function editusers($group)
+{
+ global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG_ADMIN, $LANG28;
+
+ $retval = '';
+
+ $thisUsersGroups = SEC_getUserGroups ();
+ $groupName = DB_getItem($_TABLES['groups'],'grp_name',"grp_id='$group'");
+ if (!empty ($group) &&
+ ($group > 0) &&
+ !in_array ($group, $thisUsersGroups) &&
+ !SEC_groupIsRemoteUserAndHaveAccess($group, $thisUsersGroups)
+ ) {
+ $retval .= COM_startBlock ($LANG_ACCESS['usergroupadmin'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'));
+ if (!SEC_inGroup ('Root') && (DB_getItem ($_TABLES['groups'],
+ 'grp_name', "grp_id = $group") == 'Root')) {
+ $retval .= $LANG_ACCESS['canteditroot'];
+ COM_accessLog ("User {$_USER['username']} tried to edit the Root group with insufficient privileges.");
+ } else {
+ $retval .= $LANG_ACCESS['canteditgroup'];
+ }
+ $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+
+ return $retval;
+ }
+
+ $group_listing_url = $_CONF['site_admin_url'] . '/group.php';
+ $showall = 0;
+ if (isset($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
+ $group_listing_url .= '?chk_showall=1';
+ $showall = 1;
+ }
+
+ $retval .= COM_startBlock($LANG_ACCESS['usergroupadmin'] . " - $groupName" , '',
+ COM_getBlockTemplate('_admin_block', 'header'));
+ $groupmembers = new Template($_CONF['path_layout'] . 'admin/group');
+ $groupmembers->set_file(array('groupmembers'=>'groupmembers.thtml'));
+ $groupmembers->set_var('site_url', $_CONF['site_url']);
+ $groupmembers->set_var('site_admin_url', $_CONF['site_admin_url']);
+ $groupmembers->set_var('group_listing_url', $group_listing_url);
+ $groupmembers->set_var('layout_url', $_CONF['layout_url']);
+ $groupmembers->set_var('phpself', $_CONF['site_admin_url'] .
'/group.php');
+ $groupmembers->set_var('lang_adminhome', $LANG_ACCESS['adminhome']);
+ $groupmembers->set_var('lang_instructions', $LANG_ACCESS['editgroupmsg']);
+ $groupmembers->set_var('LANG_sitemembers',$LANG_ACCESS['availmembers']);
+ $groupmembers->set_var('LANG_grpmembers',$LANG_ACCESS['groupmembers']);
+ $groupmembers->set_var('sitemembers', grp_selectUsers($group,true) );
+ $groupmembers->set_var('group_list', grp_selectUsers($group) );
+ $groupmembers->set_var('LANG_add',$LANG_ACCESS['add']);
+ $groupmembers->set_var('LANG_remove',$LANG_ACCESS['remove']);
+ $groupmembers->set_var('lang_save', $LANG_ADMIN['save']);
+ $groupmembers->set_var('lang_cancel', $LANG_ADMIN['cancel']);
+ $groupmembers->set_var('lang_grouplist', $LANG28[38]);
+ $groupmembers->set_var('show_all', $showall);
+ $groupmembers->set_var('group_id',$group);
+ $groupmembers->set_var('xhtml', XHTML);
+ $groupmembers->set_var('gltoken_name', CSRF_TOKEN);
+ $groupmembers->set_var('gltoken', SEC_createToken());
+ $groupmembers->parse('output', 'groupmembers');
+ $retval .= $groupmembers->finish($groupmembers->get_var('output'));
+ $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
+
+ return $retval;
+}
+
+function savegroupusers ($groupid, $groupmembers)
+{
+ global $_CONF, $_TABLES;
+
+ // Delete all the current buddy records for this user and add all the selected ones
+ $sql = "DELETE FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id={$groupid} AND ug_uid IS NOT NULL";
+ DB_query($sql);
+ $adduser = explode("|",$groupmembers);
+ for( $i = 0; $i < count($adduser); $i++ ) {
+ $adduser[$i] = COM_applyFilter($adduser[$i], true);
+ DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ('$groupid', '$adduser[$i]')");
+ }
+ if ($_POST['chk_showall'] == 1) {
+ echo COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=49&showall=1');
+ } else {
+ echo COM_refresh($_CONF['site_admin_url'] .
'/group.php?msg=49');
+ }
+}
+
+/**
+* Delete a group
+*
+* @param int $grp_id id of group to delete
+* @return string HTML redirect
+*
+*/
+function deleteGroup ($grp_id)
+{
+ global $_CONF, $_TABLES, $_USER;
+
+ if (!SEC_inGroup ('Root') && (DB_getItem ($_TABLES['groups'], 'grp_name',
+ "grp_id = $grp_id") == 'Root')) {
+ COM_accessLog ("User {$_USER['username']} tried to delete the Root group with insufficient privileges.");
+
+ return COM_refresh ($_CONF['site_admin_url'] . '/group.php');
+ }
+
+ $GroupAdminGroups = SEC_getUserGroups ();
+ if (!in_array ($grp_id, $GroupAdminGroups) && !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $GroupAdminGroups)) {
+ COM_accessLog ("User {$_USER['username']} tried to delete group $grp_id with insufficient privileges.");
+
+ return COM_refresh ($_CONF['site_admin_url'] . '/group.php');
+ }
+
+ DB_delete ($_TABLES['access'], 'acc_grp_id', $grp_id);
+ DB_delete ($_TABLES['group_assignments'], 'ug_grp_id', $grp_id);
+ DB_delete ($_TABLES['group_assignments'], 'ug_main_grp_id', $grp_id);
+ DB_delete ($_TABLES['groups'], 'grp_id', $grp_id);
+
+ PLG_groupChanged ($grp_id, 'delete');
+ if ($_POST['chk_showall'] == 1) {
+ return COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=50&showall=1');
+ } else {
+ return COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=50');
+ }
+}
+
+// MAIN
+$mode = '';
+if (isset($_REQUEST['mode'])) {
+ $mode = $_REQUEST['mode'];
+}
+
+if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete'])) {
+ $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
+ if (!isset ($grp_id) || empty ($grp_id) || ($grp_id == 0)) {
+ COM_errorLog ('Attempted to delete group grp_id=' . $grp_id);
+ $display .= COM_refresh ($_CONF['site_admin_url'] . '/group.php');
+ } elseif (SEC_checkToken()) {
+ $display .= deleteGroup ($grp_id);
+ } else {
+ COM_accessLog("User {$_USER['username']} tried to illegally delete group $grp_id and failed CSRF checks.");
+ echo COM_refresh($_CONF['site_admin_url'] .
'/index.php');
+ }
+} elseif (($mode == $LANG_ADMIN['save']) && !empty($LANG_ADMIN['save']) && SEC_checkToken()) {
+ $chk_grpadmin = '';
+ if (isset($_POST['chk_grpadmin'])) {
+ $chk_grpadmin = COM_applyFilter($_POST['chk_grpadmin']);
+ }
+ $features = array();
+ if (isset($_POST['features'])) {
+ $features = $_POST['features'];
+ }
+ $groups = array();
+ if (isset($_POST[$_TABLES['groups']])) {
+ $groups = $_POST[$_TABLES['groups']];
+ }
+ $display .= savegroup(COM_applyFilter($_POST['grp_id'], true),
+ COM_applyFilter($_POST['grp_name']),
+ $_POST['grp_descr'], $chk_grpadmin,
+ COM_applyFilter($_POST['grp_gl_core']),
+ $features, $groups);
+} else if (($mode == 'savegroupusers') && SEC_checkToken()) {
+ $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
+ $display .= savegroupusers ($grp_id, $_POST['groupmembers']);
+} else if ($mode == 'edit') {
+ $grp_id = 0;
+ if (isset ($_REQUEST['grp_id'])) {
+ $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
+ }
+ $display .= COM_siteHeader ('menu', $LANG_ACCESS['groupeditor']);
+ $display .= editgroup ($grp_id);
+ $display .= COM_siteFooter ();
+} else if ($mode == 'listusers') {
+ $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
+ $display .= COM_siteHeader ('menu', $LANG_ACCESS['groupmembers']);
+ $display .= listusers ($grp_id);
+ $display .= COM_siteFooter ();
+} else if ($mode == 'editusers') {
+ $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
+ $display .= COM_siteHeader ('menu', $LANG_ACCESS['usergroupadmin']);
+ $display .= editusers ($grp_id);
+ $display .= COM_siteFooter ();
+} else { // 'cancel' or no mode at all
+ $display .= COM_siteHeader ('menu', $LANG28[38]);
+ if (isset ($_REQUEST['msg'])) {
+ $display .= COM_showMessage (COM_applyFilter ($_REQUEST['msg'], true));
+ }
+ $display .= listgroups();
+ $display .= COM_siteFooter();
+}
+
+echo $display;
+
+?>
Added: externals/geeklog-1.5.2sr2/public_html/admin/index.php
==============================================================================
--- (empty file)
+++ externals/geeklog-1.5.2sr2/public_html/admin/index.php Sun Apr 5 18:10:31 2009
@@ -0,0 +1,36 @@
+<?php
+###############################################################################
+# /admin/index.php
+# This is the admin index page that does nothing more that login you in.
+#
+# Copyright (C) 2000 Jason Whittenburg
+# jwhit****@secur*****
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+###############################################################################
+//
+// $Id: index.php,v 1.9 2006/10/01 19:13:37 dhaun Exp $
+
+require_once('../lib-common.php');
+
+// MAIN
+if (isset ($_GET['mode']) && ($_GET['mode'] == 'logout')) {
+ print COM_refresh($_CONF['site_url'] . '/users.php?mode=logout');
+}
+
+print COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
+
+?>
Added: externals/geeklog-1.5.2sr2/public_html/admin/install/config-install.php
==============================================================================
--- (empty file)
+++ externals/geeklog-1.5.2sr2/public_html/admin/install/config-install.php Sun Apr 5 18:10:31 2009
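Review bot: In admin/index.php the logout branch does not stop the script: after `print COM_refresh($_CONF['site_url'] . '/users.php?mode=logout');` execution falls through to the unconditional `print COM_refresh($_CONF['site_admin_url'] . '/moderation.php');`, so a logout request emits both refreshes and which one the browser follows is left to the client. Adding `exit;` as the last statement inside the `if` block would make the logout path deterministic and keep a user who asked to log out from landing on the moderation page instead. COM_refresh is defined outside this hunk, so what it emits is inferred from how it is used here. The logout is also driven by a plain GET parameter with no token check at this point; whether users.php validates the request is not visible in this commit section and is worth confirming.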
@@ -0,0 +1,355 @@ +<?php + +/* Reminder: always indent with 4 spaces (no tabs). */ +// +---------------------------------------------------------------------------+ +// | Geeklog 1.5 | +// +---------------------------------------------------------------------------+ +// | config-install.php | +// | | +// | Initial configuration setup. | +// +---------------------------------------------------------------------------+ +// | Copyright (C) 2007-2009 by the following authors: | +// | | +// | Authors: Aaron Blankstein - kantai AT gmail DOT com | +// +---------------------------------------------------------------------------+ +// | | +// | This program is free software; you can redistribute it and/or | +// | modify it under the terms of the GNU General Public License | +// | as published by the Free Software Foundation; either version 2 | +// | of the License, or (at your option) any later version. | +// | | +// | This program is distributed in the hope that it will be useful, | +// | but WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | +// | GNU General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software Foundation, | +// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
| +// | | +// +---------------------------------------------------------------------------+ +// +// $Id: config-install.php,v 1.33 2008/09/21 08:37:09 dhaun Exp $ + +if (strpos(strtolower($_SERVER['PHP_SELF']), 'config-install.php') !== false) { + die('This file can not be used on its own!'); +} + +function install_config() +{ + global $_CONF, $_TABLES; + + $c = config::get_instance(); + + // Subgroup: Site + $c->add('sg_site', NULL, 'subgroup', 0, 0, NULL, 0, TRUE); + + $c->add('fs_site', NULL, 'fieldset', 0, 0, NULL, 0, TRUE); + $c->add('site_url','','text',0,0,NULL,20,TRUE); + $c->add('site_admin_url','','text',0,0,NULL,30,TRUE); + $c->add('site_name','','text',0,0,NULL,60,TRUE); + $c->add('site_slogan','','text',0,0,NULL,70,TRUE); + $c->add('microsummary_short','GL: ','text',0,0,NULL,80,TRUE); + $c->add('site_disabled_msg','Geeklog Site is down. Please come back soon.','text',0,0,NULL,510,TRUE); + $c->add('copyrightyear',date('Y'),'text',0,0,NULL,1440,FALSE); + $c->add('url_rewrite',FALSE,'select',0,0,1,1800,TRUE); + + $c->add('fs_mail', NULL, 'fieldset', 0, 1, NULL, 0, TRUE); + $c->add('site_mail','','text',0,1,NULL,40,TRUE); + $c->add('noreply_mail','','text',0,1,NULL,50,TRUE); + $c->add('mail_settings',array ('backend' => 'mail', 'sendmail_path' => '/usr/bin/sendmail', 'sendmail_args' => '', 'host' => 'smtp.example.com','port' => '25', 'auth' => false, 'username' => 'smtp-username','password' => 'smtp-password'),'@text',0,1,NULL,160,TRUE); + + $c->add('fs_syndication', NULL, 'fieldset', 0, 2, NULL, 0, TRUE); + $c->add('backend',1,'select',0,2,0,1380,TRUE); + $c->add('rdf_file','','text',0,2,NULL,1390,TRUE); + $c->add('rdf_limit',10,'text',0,2,NULL,1400,TRUE); + $c->add('rdf_storytext',1,'text',0,2,NULL,1410,TRUE); + $c->add('rdf_language','en-gb','text',0,2,NULL,1420,TRUE); + $c->add('syndication_max_headlines',0,'text',0,2,NULL,1430,TRUE); + + $c->add('fs_paths', NULL, 'fieldset', 0, 3, NULL, 0, TRUE); + $c->add('path_html','','text',0,3,NULL,10,TRUE); + 
$c->add('path_log','','text',0,3,NULL,90,TRUE); + $c->add('path_language','','text',0,3,NULL,100,TRUE); + $c->add('backup_path','','text',0,3,NULL,110,TRUE); + $c->add('path_data','','text',0,3,NULL,120,TRUE); + $c->add('path_images','','text',0,3,NULL,130,TRUE); + + $c->add('fs_pear', NULL, 'fieldset', 0, 4, NULL, 0, TRUE); + $c->add('have_pear',FALSE,'select',0,4,1,135,TRUE); + $c->add('path_pear','','text',0,4,NULL,140,TRUE); + + $c->add('fs_mysql', NULL, 'fieldset', 0, 5, NULL, 0, TRUE); + $c->add('allow_mysqldump',1,'select',0,5,0,170,TRUE); + $c->add('mysqldump_path','/usr/bin/mysqldump','text',0,5,NULL,175,TRUE); + $c->add('mysqldump_options','-Q','text',0,5,NULL,180,TRUE); + + $c->add('fs_search', NULL, 'fieldset', 0, 6, NULL, 0, TRUE); + $c->add('num_search_results',10,'text',0,6,NULL,670,TRUE); + + // Subgroup: Stories and Trackback + $c->add('sg_stories', NULL, 'subgroup', 1, 0, NULL, 0, TRUE); + + $c->add('fs_story', NULL, 'fieldset', 1, 7, NULL, 0, TRUE); + $c->add('maximagesperarticle',5,'text',1,7,NULL,1170,TRUE); + $c->add('limitnews',10,'text',1,7,NULL,1180,TRUE); + $c->add('minnews',1,'text',1,7,NULL,1190,TRUE); + $c->add('contributedbyline',1,'select',1,7,0,1200,TRUE); + $c->add('hideviewscount',0,'select',1,7,0,1210,TRUE); + $c->add('hideemailicon',0,'select',1,7,0,1220,TRUE); + $c->add('hideprintericon',0,'select',1,7,0,1230,TRUE); + $c->add('allow_page_breaks',1,'select',1,7,0,1240,TRUE); + $c->add('page_break_comments','last','select',1,7,7,1250,TRUE); + $c->add('article_image_align','right','select',1,7,8,1260,TRUE); + $c->add('show_topic_icon',1,'select',1,7,0,1270,TRUE); + $c->add('draft_flag',0,'select',1,7,0,1280,TRUE); + $c->add('frontpage',1,'select',1,7,0,1290,TRUE); + $c->add('hide_no_news_msg',0,'select',1,7,0,1300,TRUE); + $c->add('hide_main_page_navigation',0,'select',1,7,0,1310,TRUE); + $c->add('onlyrootfeatures',0,'select',1,7,0,1320,TRUE); + $c->add('aftersave_story','list','select',1,7,9,1330,TRUE); + + $c->add('fs_trackback', 
NULL, 'fieldset', 1, 8, NULL, 0, TRUE); + $c->add('trackback_enabled',TRUE,'select',1,8,1,1060,TRUE); + $c->add('trackback_code',0,'select',1,8,3,1070,TRUE); + $c->add('trackbackspeedlimit',300,'text',1,8,NULL,1080,TRUE); + $c->add('check_trackback_link',2,'select',1,8,4,1090,TRUE); + $c->add('multiple_trackbacks',0,'select',1,8,2,1100,TRUE); + + $c->add('fs_pingback', NULL, 'fieldset', 1, 9, NULL, 0, TRUE); + $c->add('pingback_enabled',TRUE,'select',1,9,1,1110,TRUE); + $c->add('pingback_excerpt',TRUE,'select',1,9,1,1120,TRUE); + $c->add('pingback_self',0,'select',1,9,13,1130,TRUE); + $c->add('ping_enabled',TRUE,'select',1,9,1,1140,TRUE); + + // Subgroup: Theme + $c->add('sg_theme', NULL, 'subgroup', 2, 0, NULL, 0, TRUE); + + $c->add('fs_theme', NULL, 'fieldset', 2, 10, NULL, 0, TRUE); + $c->add('theme','professional','select',2,10,NULL,190,TRUE); + $c->add('menu_elements',array('contribute','search','stats','directory','plugins'),'%text',2,10,NULL,200,TRUE); + $c->add('path_themes','','text',2,10,NULL,210,TRUE); + + $c->add('fs_theme_advanced', NULL, 'fieldset', 2, 11, NULL, 0, TRUE); + $c->add('show_right_blocks',FALSE,'select',2,11,1,1350,TRUE); + $c->add('showfirstasfeatured',0,'select',2,11,0,1360,TRUE); + + // Subgroup: Blocks + $c->add('sg_blocks', NULL, 'subgroup', 3, 0, NULL, 0, TRUE); + + $c->add('fs_admin_block', NULL, 'fieldset', 3, 12, NULL, 0, TRUE); + $c->add('sort_admin',TRUE,'select',3,12,1,340,TRUE); + $c->add('link_documentation',1,'select',3,12,0,1150,TRUE); + $c->add('link_versionchecker',1,'select',3,12,0,1160,TRUE); + + $c->add('fs_topics_block', NULL, 'fieldset', 3, 13, NULL, 0, TRUE); + $c->add('sortmethod','sortnum','select',3,13,15,870,TRUE); + $c->add('showstorycount',1,'select',3,13,0,880,TRUE); + $c->add('showsubmissioncount',1,'select',3,13,0,890,TRUE); + $c->add('hide_home_link',0,'select',3,13,0,900,TRUE); + + $c->add('fs_whosonline_block', NULL, 'fieldset', 3, 14, NULL, 0, TRUE); + 
$c->add('whosonline_threshold',300,'text',3,14,NULL,910,TRUE); + $c->add('whosonline_anonymous',0,'select',3,14,0,920,TRUE); + + $c->add('fs_whatsnew_block', NULL, 'fieldset', 3, 15, NULL, 0, TRUE); + $c->add('newstoriesinterval',86400,'text',3,15,NULL,980,TRUE); + $c->add('newcommentsinterval',172800,'text',3,15,NULL,990,TRUE); + $c->add('newtrackbackinterval',172800,'text',3,15,NULL,1000,TRUE); + $c->add('hidenewstories',0,'select',3,15,0,1010,TRUE); + $c->add('hidenewcomments',0,'select',3,15,0,1020,TRUE); + $c->add('hidenewtrackbacks',0,'select',3,15,0,1030,TRUE); + $c->add('hidenewplugins',0,'select',3,15,0,1040,TRUE); + $c->add('title_trim_length',20,'text',3,15,NULL,1050,TRUE); + + // Subgroup: Users and Submissions + $c->add('sg_users', NULL, 'subgroup', 4, 0, NULL, 0, TRUE); + + $c->add('fs_users', NULL, 'fieldset', 4, 16, NULL, 0, TRUE); + $c->add('disable_new_user_registration',FALSE,'select',4,16,0,220,TRUE); + $c->add('allow_user_themes',1,'select',4,16,0,230,TRUE); + $c->add('allow_user_language',1,'select',4,16,0,240,TRUE); + $c->add('allow_user_photo',1,'select',4,16,0,250,TRUE); + $c->add('allow_username_change',0,'select',4,16,0,260,TRUE); + $c->add('allow_account_delete',0,'select',4,16,0,270,TRUE); + $c->add('hide_author_exclusion',0,'select',4,16,0,280,TRUE); + $c->add('show_fullname',0,'select',4,16,0,290,TRUE); + $c->add('show_servicename',TRUE,'select',4,16,1,300,TRUE); + $c->add('custom_registration',FALSE,'select',4,16,1,310,TRUE); + $c->add('user_login_method',array('standard' => true, 'openid' => false, '3rdparty' => false),'@select',4,16,1,320,TRUE); + $c->add('aftersave_user','item','select',4,16,9,1340,TRUE); + + $c->add('fs_spamx', NULL, 'fieldset', 4, 17, NULL, 0, TRUE); + $c->add('spamx',128,'text',4,17,NULL,330,TRUE); + + $c->add('fs_login', NULL, 'fieldset', 4, 18, NULL, 0, TRUE); + $c->add('lastlogin',TRUE,'select',4,18,1,640,TRUE); + $c->add('loginrequired',0,'select',4,18,0,680,TRUE); + 
$c->add('submitloginrequired',0,'select',4,18,0,690,TRUE); + $c->add('commentsloginrequired',0,'select',4,18,0,700,TRUE); + $c->add('statsloginrequired',0,'select',4,18,0,710,TRUE); + $c->add('searchloginrequired',0,'select',4,18,16,720,TRUE); + $c->add('profileloginrequired',0,'select',4,18,0,730,TRUE); + $c->add('emailuserloginrequired',0,'select',4,18,0,740,TRUE); + $c->add('emailstoryloginrequired',0,'select',4,18,0,750,TRUE); + $c->add('directoryloginrequired',0,'select',4,18,0,760,TRUE); + $c->add('passwordspeedlimit',300,'text',4,18,NULL,1680,TRUE); + $c->add('login_attempts',3,'text',4,18,NULL,1690,TRUE); + $c->add('login_speedlimit',300,'text',4,18,NULL,1700,TRUE); + + $c->add('fs_user_submission', NULL, 'fieldset', 4, 19, NULL, 0, TRUE); + $c->add('usersubmission',0,'select',4,19,0,780,TRUE); + $c->add('allow_domains','','text',4,19,NULL,960,TRUE); + $c->add('disallow_domains','','text',4,19,NULL,970,TRUE); + + $c->add('fs_submission', NULL, 'fieldset', 4, 20, NULL, 0, TRUE); + $c->add('storysubmission',1,'select',4,20,0,770,TRUE); + $c->add('listdraftstories',0,'select',4,20,0,790,TRUE); + $c->add('postmode','plaintext','select',4,20,5,810,TRUE); + $c->add('speedlimit',45,'text',4,20,NULL,820,TRUE); + $c->add('skip_preview',0,'select',4,20,0,830,TRUE); + $c->add('advanced_editor',FALSE,'select',4,20,1,840,TRUE); + $c->add('wikitext_editor',FALSE,'select',4,20,1,850,TRUE); + + $c->add('fs_comments', NULL, 'fieldset', 4, 21, NULL, 0, TRUE); + $c->add('commentspeedlimit',45,'text',4,21,NULL,1640,TRUE); + $c->add('comment_limit',100,'text',4,21,NULL,1650,TRUE); + $c->add('comment_mode','threaded','select',4,21,11,1660,TRUE); + $c->add('comment_code',0,'select',4,21,17,1670,TRUE); + + // Subgroup: Images + $c->add('sg_images', NULL, 'subgroup', 5, 0, NULL, 0, TRUE); + + $c->add('fs_imagelib', NULL, 'fieldset', 5, 22, NULL, 0, TRUE); + $c->add('image_lib','','select',5,22,10,1450,TRUE); + $c->add('path_to_mogrify','','text',5,22,NULL,1460,FALSE); + 
$c->add('path_to_netpbm','','text',5,22,NULL,1470,FALSE); + + $c->add('fs_upload', NULL, 'fieldset', 5, 23, NULL, 0, TRUE); + $c->add('keep_unscaled_image',0,'select',5,23,0,1480,TRUE); + $c->add('allow_user_scaling',1,'select',5,23,0,1490,TRUE); + $c->add('debug_image_upload',FALSE,'select',5,23,1,1500,TRUE); + + $c->add('fs_articleimg', NULL, 'fieldset', 5, 24, NULL, 0, TRUE); + $c->add('max_image_width',160,'text',5,24,NULL,1510,TRUE); + $c->add('max_image_height',160,'text',5,24,NULL,1520,TRUE); + $c->add('max_image_size',1048576,'text',5,24,NULL,1530,TRUE); + + $c->add('fs_topicicon', NULL, 'fieldset', 5, 25, NULL, 0, TRUE); + $c->add('max_topicicon_width',48,'text',5,25,NULL,1540,TRUE); + $c->add('max_topicicon_height',48,'text',5,25,NULL,1550,TRUE); + $c->add('max_topicicon_size',65536,'text',5,25,NULL,1560,TRUE); + + $c->add('fs_userphoto', NULL, 'fieldset', 5, 26, NULL, 0, TRUE); + $c->add('max_photo_width',128,'text',5,26,NULL,1570,TRUE); + $c->add('max_photo_height',128,'text',5,26,NULL,1580,TRUE); + $c->add('max_photo_size',65536,'text',5,26,NULL,1590,TRUE); + $c->add('force_photo_width',75,'text',5,26,NULL,1620,FALSE); + $c->add('default_photo','http://example.com/default.jpg','text',5,26,NULL,1630,FALSE); + + $c->add('fs_gravatar', NULL, 'fieldset', 5, 27, NULL, 0, TRUE); + $c->add('use_gravatar',FALSE,'select',5,27,1,1600,TRUE); + $c->add('gravatar_rating','R','text',5,27,NULL,1610,FALSE); + + // Subgroup: Languages and Locale + $c->add('sg_locale', NULL, 'subgroup', 6, 0, NULL, 0, TRUE); + + $c->add('fs_language', NULL, 'fieldset', 6, 28, NULL, 0, TRUE); + $c->add('language','english','select',6,28,NULL,350,TRUE); + $c->add('language_files',array('en'=>'english_utf-8', 'de'=>'german_formal_utf-8'),'*text',6,28,NULL,470,FALSE); + $c->add('languages',array('en'=>'English', 'de'=>'Deutsch'),'*text',6,28,NULL,480,FALSE); + + $c->add('fs_locale', NULL, 'fieldset', 6, 29, NULL, 0, TRUE); + $c->add('locale','en_GB','text',6,29,NULL,360,TRUE); + 
$c->add('date','%A, %B %d %Y @ %I:%M %p %Z','text',6,29,NULL,370,TRUE); + $c->add('daytime','%m/%d %I:%M%p','text',6,29,NULL,380,TRUE); + $c->add('shortdate','%x','text',6,29,NULL,390,TRUE); + $c->add('dateonly','%d-%b','text',6,29,NULL,400,TRUE); + $c->add('timeonly','%I:%M%p','text',6,29,NULL,410,TRUE); + $c->add('week_start','Sun','select',6,29,14,420,TRUE); + $c->add('hour_mode',12,'select',6,29,6,430,TRUE); + $c->add('thousand_separator',",",'text',6,29,NULL,440,TRUE); + $c->add('decimal_separator',".",'text',6,29,NULL,450,TRUE); + $c->add('decimal_count',"2",'text',6,29,NULL,460,TRUE); + $c->add('timezone','Etc/GMT-6','text',6,29,NULL,490,FALSE); + + // Subgroup: Miscellaneous + $c->add('sg_misc', NULL, 'subgroup', 7, 0, NULL, 0, TRUE); + + $c->add('fs_cookies', NULL, 'fieldset', 7, 30, NULL, 0, TRUE); + $c->add('cookie_session','gl_session','text',7,30,NULL,530,TRUE); + $c->add('cookie_name','geeklog','text',7,30,NULL,540,TRUE); + $c->add('cookie_password','password','text',7,30,NULL,550,TRUE); + $c->add('cookie_theme','theme','text',7,30,NULL,560,TRUE); + $c->add('cookie_language','language','text',7,30,NULL,570,TRUE); + $c->add('cookie_tzid','timezone','text',7,30,NULL,575,TRUE); + $c->add('cookie_ip',0,'select',7,30,0,580,TRUE); + $c->add('default_perm_cookie_timeout',28800,'text',7,30,NULL,590,TRUE); + $c->add('session_cookie_timeout',7200,'text',7,30,NULL,600,TRUE); + $c->add('cookie_path','/','text',7,30,NULL,610,TRUE); + $c->add('cookiedomain','','text',7,30,NULL,620,TRUE); + $c->add('cookiesecure',FALSE,'select',7,30,1,630,TRUE); + + $c->add('fs_misc', NULL, 'fieldset', 7, 31, NULL, 0, TRUE); + $c->add('pdf_enabled',0,'select',7,31,0,660,TRUE); + $c->add('notification',array(),'%text',7,31,NULL,800,TRUE); + $c->add('cron_schedule_interval',86400,'text',7,31,NULL,860,TRUE); + $c->add('disable_autolinks',0,'select',7,31,0,1750,TRUE); + + $c->add('fs_debug', NULL, 'fieldset', 7, 32, NULL, 0, TRUE); + $c->add('rootdebug',FALSE,'select',7,32,1,520,TRUE); 
+ + $c->add('fs_daily_digest', NULL, 'fieldset', 7, 33, NULL, 0, TRUE); + $c->add('emailstories',0,'select',7,33,0,930,TRUE); + $c->add('emailstorieslength',1,'text',7,33,NULL,940,TRUE); + $c->add('emailstoriesperdefault',0,'select',7,33,0,950,TRUE); + + $c->add('fs_htmlfilter', NULL, 'fieldset', 7, 34, NULL, 0, TRUE); + $c->add('user_html',array ('p' => array(), 'b' => array(), 'strong' => array(),'i' => array(), 'a' => array('href' => 1, 'title' => 1, 'rel' => 1),'em' => array(),'br' => array(),'tt' => array(),'hr' => array(), 'li' => array(), 'ol' => array(), 'ul' => array(), 'code' => array(), 'pre' => array()),'**placeholder',7,34,NULL,1710,TRUE); + $c->add('admin_html',array ('p' => array('class' => 1, 'id' => 1, 'align' => 1), 'div' => array('class' => 1, 'id' => 1), 'span' => array('class' => 1, 'id' => 1), 'table' => array('class' => 1, 'id' => 1, 'width' => 1, 'border' => 1, 'cellspacing' => 1, 'cellpadding' => 1), 'tr' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1), 'th' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1, 'colspan' => 1, 'rowspan' => 1), 'td' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1, 'colspan' => 1, 'rowspan' => 1)),'**placeholder',7,34,NULL,1720,TRUE); + $c->add('skip_html_filter_for_root',0,'select',7,34,0,1730,TRUE); + $c->add('allowed_protocols',array('http','ftp','https'),'%text',7,34,NULL,1740,TRUE); + + $c->add('fs_censoring', NULL, 'fieldset', 7, 35, NULL, 0, TRUE); + $c->add('censormode',1,'select',7,35,0,1760,TRUE); + $c->add('censorreplace','*censored*','text',7,35,NULL,1770,TRUE); + $c->add('censorlist', array('fuck','cunt','fucker','fucking','pussy','cock','c0ck',' cum ','twat','clit','bitch','fuk','fuking','motherfucker'),'%text',7,35,NULL,1780,TRUE); + + $c->add('fs_iplookup', NULL, 'fieldset', 7, 36, NULL, 0, TRUE); + $c->add('ip_lookup','/nettools/whois.php?domain=*','text',7,36,NULL,1790,FALSE); + + $c->add('fs_perm_story', NULL, 'fieldset', 7, 37, NULL, 0, TRUE); + 
$c->add('default_permissions_story',array(3, 2, 2, 2),'@select',7,37,12,1820,TRUE); + + $c->add('fs_perm_topic', NULL, 'fieldset', 7, 38, NULL, 0, TRUE); + $c->add('default_permissions_topic',array(3, 2, 2, 2),'@select',7,38,12,1830,TRUE); + + $c->add('fs_perm_block', NULL, 'fieldset', 7, 39, NULL, 0, TRUE); + $c->add('default_permissions_block',array(3, 2, 2, 2),'@select',7,39,12,1810,TRUE); + + $c->add('fs_webservices', NULL, 'fieldset', 7, 40, NULL, 0, TRUE); + $c->add('disable_webservices', 0, 'select', 7, 40, 0, 1840, TRUE); + $c->add('restrict_webservices', 0, 'select', 7, 40, 0, 1850, TRUE); + $c->add('atom_max_stories', 10, 'text', 7, 40, 0, 1860, TRUE); + + + // Add the configuration records for the default installed plugins + $plugin_path = $_CONF['path'] . 'plugins/'; + + require_once $plugin_path . 'calendar/install_defaults.php'; + plugin_initconfig_calendar(); + + require_once $plugin_path . 'links/install_defaults.php'; + plugin_initconfig_links(); + + require_once $plugin_path . 'polls/install_defaults.php'; + plugin_initconfig_polls(); + + require_once $plugin_path . 'spamx/install_defaults.php'; + plugin_initconfig_spamx(); + + require_once $plugin_path . 'staticpages/install_defaults.php'; + plugin_initconfig_staticpages(); +} + +?> Added: externals/geeklog-1.5.2sr2/public_html/admin/install/configinfo.php ============================================================================== --- (empty file) +++ externals/geeklog-1.5.2sr2/public_html/admin/install/configinfo.php Sun Apr 5 18:10:31 2009 
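Review bot: The `fs_cookies` fieldset in install_config() seeds `cookiesecure` as FALSE and `cookie_ip` as 0, so a fresh install appears to issue its session and long-lived login cookies without the Secure attribute and without tying the session to the client address. How these options are consumed is outside this hunk, and `site_url` is still empty when the defaults are written, so the right value cannot be derived at this point. The default should at least be explained where it is set, for example `// cookiesecure stays FALSE so plain-HTTP sites work out of the box; switch it on once the site is served over HTTPS`, and the post-install checklist should name both options.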
@@ -0,0 +1,97 @@ +<?php + +/* Reminder: always indent with 4 spaces (no tabs). */ +// +---------------------------------------------------------------------------+ +// | Geeklog 1.5 | +// +---------------------------------------------------------------------------+ +// | configinfo.php | +// | | +// | Display current configuration settings | +// +---------------------------------------------------------------------------+ +// | Copyright (C) 2002-2008 by the following authors: | +// | | +// | Authors: Jeffrey Schoolcraft - dream AT dr3amscap3 DOT com | +// | Dirk Haun - dirk AT haun-online DOT de | +// +---------------------------------------------------------------------------+ +// | | +// | This program is free software; you can redistribute it and/or | +// | modify it under the terms of the GNU General Public License | +// | as published by the Free Software Foundation; either version 2 | +// | of the License, or (at your option) any later version. | +// | | +// | This program is distributed in the hope that it will be useful, | +// | but WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | +// | GNU General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software Foundation, | +// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | +// | | +// +---------------------------------------------------------------------------+ +// +// $Id: configinfo.php,v 1.7 2008/05/11 07:25:08 dhaun Exp $ + +/** +* This script will display file and permission information based on settings in +* the configuration. This is meant to be used as a support tool when asked +* questions in #geeklog. 
+* +* @author Jeffrey Schoolcraft <dream AT dr3amscap3 DOT com> +* +*/ + +if (file_exists('../../lib-common.php')) { + require_once '../../lib-common.php'; +} else { + die("Sorry, lib-common.php not found ..."); +} + +$highlight_on = '#EFEFEF'; +$highlight_off = '#D9D9D9'; + +if (isset($_CONF['site_url']) && + strpos($_CONF['site_url'], 'example.com') === false) { + $docs = $_CONF['site_url'] . '/docs/config.html#desc_'; +} else { + $docs = '../../docs/config.html#desc_'; +} + +if (isset($_CONF['mail_settings']['password'])) { + unset($_CONF['mail_settings']['password']); +} + +$display = "<html>\n<head><title>Configuration Settings</title></head>\n<body>\n"; +$n = 0; +$display .= '<table width="100%" cellspacing="0" cellpadding="0" border="0" style="border: thin black solid;">'; + +foreach ($_CONF as $option => $value) { + $display .= '<tr'; + if ($n % 2 == 0) { + $display .= ' style="background-color: ' . $highlight_on . '">'; + } else { + $display .= ' style="background-color: ' . $highlight_off . '">'; + } + $display .= '<td style="border: thin black solid; padding: 2px;"><strong>$_CONF[\'<a href="' + . $docs . $option . '">' . $option . '</a>\']</strong></td>'; + if (is_array($value)) { + ob_start(); + print_r($value); + $value=nl2br(ob_get_contents()); + ob_end_clean(); + } elseif (is_bool($value)) { + $value = ($value === false) ? 'false' : 'true'; + } elseif (eregi('[a-z]+html', $option)) { + $value = htmlentities($value); + } elseif (!isset($value)) { + $value = ' '; + } + $display .= '<td style="border: thin black solid; padding: 2px;"><strong>' . $value . '</strong></td>'; + $display .= '</tr>'; + $n++; +} +$display .= "</table>\n</body>\n</html>"; + +echo $display; + +?> Added: externals/geeklog-1.5.2sr2/public_html/admin/install/help.php ============================================================================== --- (empty file) +++ externals/geeklog-1.5.2sr2/public_html/admin/install/help.php Sun Apr 5 18:10:31 2009 
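Review bot: Nothing between `require_once '../../lib-common.php';` and the `foreach ($_CONF as $option => $value)` loop checks who is asking, so unless lib-common.php enforces access on its own (not visible here) anyone who can reach admin/install/ receives the full configuration dump; only `mail_settings['password']` is removed. A guard directly after the include would close that, e.g. `if (!SEC_inGroup('Root')) { die('Access denied.'); }`. Separately, only options matching `[a-z]+html` go through `htmlentities()`; array values rendered by `print_r` and every other scalar are concatenated into the table unescaped, so escaping should be applied to all values before output. The `eregi()` call is also worth replacing with `preg_match('/[a-z]+html/i', $option)`.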
@@ -0,0 +1,146 @@ +<?php + +/* Reminder: always indent with 4 spaces (no tabs). */ +// +---------------------------------------------------------------------------+ +// | Geeklog 1.5 | +// +---------------------------------------------------------------------------+ +// | help.php | +// | | +// | Support for Geeklog installation script. | +// +---------------------------------------------------------------------------+ +// | Copyright (C) 2000-2008 by the following authors: | +// | | +// | Authors: Tony Bibbs - tony AT tonybibbs DOT com | +// | Mark Limburg - mlimburg AT users DOT sourceforge DOT net | +// | Jason Whittenburg - jwhitten AT securitygeeks DOT com | +// | Dirk Haun - dirk AT haun-online DOT de | +// | Randy Kolenko - randy AT nextide DOT ca +// | Matt West - matt AT mattdanger DOT net | +// +---------------------------------------------------------------------------+ +// | | +// | This program is free software; you can redistribute it and/or | +// | modify it under the terms of the GNU General Public License | +// | as published by the Free Software Foundation; either version 2 | +// | of the License, or (at your option) any later version. | +// | | +// | This program is distributed in the hope that it will be useful, | +// | but WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | +// | GNU General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software Foundation, | +// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | +// | | +// +---------------------------------------------------------------------------+ +// | You don't need to change anything in this file. | +// | Please read docs/install.html which describes how to install Geeklog. 
| +// +---------------------------------------------------------------------------+ +// +// $Id: help.php,v 1.7 2008/06/07 07:56:36 dhaun Exp $ + +if (!defined ("LB")) { + define("LB", "\n"); +} +if ( !defined( 'XHTML' ) ) { + define( 'XHTML', ' /' ); +} + +$language = 'english'; +if (isset($_GET['language'])) { + $lng = $_GET['language']; +} else if (isset($_COOKIE['language'])) { + // Okay, so the name of the language cookie is configurable, so it may not + // be named 'language' after all. Still worth a try ... + $lng = $_COOKIE['language']; +} else { + $lng = $language; +} +// sanitize value and check for file +$lng = preg_replace('/[^a-z0-9\-_]/', '', $lng); +if (!empty($lng) && is_file('language/' . $lng . '.php')) { + $language = $lng; +} +require_once 'language/' . $language . '.php'; + +// $display holds all the outputted HTML and content +if ( defined( 'XHTML' ) ) { + $display = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">'; +} else { + $display = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html>'; +} +if (empty($LANG_DIRECTION)) { + $LANG_DIRECTION = 'ltr'; +} +$display .= '<head> +<meta http-equiv="Content-Type" content="text/html;charset=' . $LANG_CHARSET . '"' . XHTML . '> +<link rel="stylesheet" type="text/css" href="layout/style.css"' . XHTML . '> +<meta name="robots" content="noindex,nofollow"' . XHTML . '> +<title>' . $LANG_INSTALL[0] . '</title> +</head> + +<body dir="' . $LANG_DIRECTION . '"> + <div class="header-navigation-container"> + <div class="header-navigation-line"> + <a href="' . $LANG_INSTALL[87] . '" class="header-navigation">' . $LANG_INSTALL[1] . '</a> + </div> + </div> + <div class="header-logobg-container-inner"> + <a class="header-logo" href="http://www.geeklog.net/"> + <img src="layout/logo.png" width="151" height="56" alt="Geeklog"' . XHTML . 
'> + </a> + <div class="header-slogan">' . $LANG_INSTALL[2] . ' <br' . XHTML . '><br' . XHTML . '></div> + </div> + <div class="installation-container"> + <div class="installation-body-container"> + <h1 class="heading">' . $LANG_HELP[0] . '</h1> + <h2><a name="site_name">' . $LANG_INSTALL[32] . '</a></h2> + <p class="indent">' . $LANG_HELP[1] . '</p> + + <h2><a name="site_slogan">' . $LANG_INSTALL[33] . '</a></h2> + <p class="indent">' . $LANG_HELP[2] . '</p> + + <h2><a name="db_type">' . $LANG_INSTALL[34] . '</a></h2> + <p class="indent">' . $LANG_HELP[3] . '</p> + + <h2><a name="db_host">' . $LANG_INSTALL[39] . '</a></h2> + <p class="indent">' . $LANG_HELP[4] . '</p> + + <h2><a name="db_name">' . $LANG_INSTALL[40] . '</a></h2> + <p class="indent">' . $LANG_HELP[5] . '</p> + + <h2><a name="db_user">' . $LANG_INSTALL[41] . '</a></h2> + <p class="indent">' . $LANG_HELP[6] . '</p> + + <h2><a name="db_pass">' . $LANG_INSTALL[42] . '</a></h2> + <p class="indent">' . $LANG_HELP[7] . '</p> + + <h2><a name="db_prefix">' . $LANG_INSTALL[43] . '</a></h2> + <p class="indent">' . $LANG_HELP[8] . '</p> + + <h2><a name="site_url">' . $LANG_INSTALL[45] . '</a></h2> + <p class="indent">' . $LANG_HELP[9] . '</p> + + <h2><a name="site_admin_url">' . $LANG_INSTALL[47] . '</a></h2> + <p class="indent">' . $LANG_HELP[10] . '</p> + + <h2><a name="site_mail">' . $LANG_INSTALL[48] . '</a></h2> + <p class="indent">' . $LANG_HELP[11] . '</p> + + <h2><a name="noreply_mail">' . $LANG_INSTALL[49] . '</a></h2> + <p class="indent">' . $LANG_HELP[12] . '</p> + + <h2><a name="utf8">' . $LANG_INSTALL[92] . '</a></h2> + <p class="indent">' . $LANG_HELP[13] . '</p> + + </div> + </div> + +</body> +</html>' . LB; + +echo $display; + +?> Added: externals/geeklog-1.5.2sr2/public_html/admin/install/index.php ============================================================================== --- (empty file) +++ externals/geeklog-1.5.2sr2/public_html/admin/install/index.php Sun Apr 5 18:10:31 2009 
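Review bot: The `if ( defined( 'XHTML' ) )` test that selects the doctype in help.php is always true, because the block at the top of the file defines `XHTML` whenever it is missing, so the HTML 4.01 branch can never run. If the intent is to follow the constant's value, test that instead: `if (XHTML != '')`. The language selection above it is handled carefully (`$lng` is reduced to `[a-z0-9\-_]` and confirmed with `is_file()` before the `require_once`), and a one-line comment there stating that the allowlist is what keeps the include inside `language/` would help it survive later edits.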
@@ -0,0 +1,2210 @@
+<?php
+
+/* Reminder: always indent with 4 spaces (no tabs). */
+// +---------------------------------------------------------------------------+
+// | Geeklog 1.5 |
+// +---------------------------------------------------------------------------+
+// | index.php |
+// | |
+// | Geeklog installation script. |
+// +---------------------------------------------------------------------------+
+// | Copyright (C) 2000-2009 by the following authors: |
+// | |
+// | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
+// | Mark Limburg - mlimburg AT users DOT sourceforge DOT net |
+// | Jason Whittenburg - jwhitten AT securitygeeks DOT com |
+// | Dirk Haun - dirk AT haun-online DOT de |
+// | Randy Kolenko - randy AT nextide DOT ca
+// | Matt West - matt AT mattdanger DOT net |
+// +---------------------------------------------------------------------------+
+// | |
+// | This program is free software; you can redistribute it and/or |
+// | modify it under the terms of the GNU General Public License |
+// | as published by the Free Software Foundation; either version 2 |
+// | of the License, or (at your option) any later version. |
+// | |
+// | This program is distributed in the hope that it will be useful, |
+// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
+// | GNU General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software Foundation, |
+// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
+// | |
+// +---------------------------------------------------------------------------+
+// | You don't need to change anything in this file. |
+// | Please read docs/install.html which describes how to install Geeklog. 
|
+// +---------------------------------------------------------------------------+
+
+// this should help expose parse errors even when
+// display_errors is set to Off in php.ini
+if (function_exists('ini_set')) {
+ ini_set('display_errors', '1');
+}
+error_reporting(E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+
+if (!defined("LB")) {
+ define("LB", "\n");
+}
+if (!defined('VERSION')) {
+ define('VERSION', '1.5.2sr2');
+}
+if (!defined('XHTML')) {
+ define('XHTML', ' /');
+}
+
+/**
+ * Returns the PHP version
+ *
+ * Note: Removes appendices like 'rc1', etc.
+ *
+ * @return array the 3 separate parts of the PHP version number
+ *
+ */
+function php_v ()
+{
+ $phpv = explode ('.', phpversion ());
+ return array ($phpv[0], $phpv[1], (int) $phpv[2]);
+}
+
+
+/**
+ * Returns the MySQL version
+ *
+ * @return mixed array[0..2] of the parts of the version number or false
+ *
+ */
+function mysql_v($_DB_host, $_DB_user, $_DB_pass)
+{
+ if (@mysql_connect($_DB_host, $_DB_user, $_DB_pass) === false) {
+ return false;
+ }
+ $mysqlv = '';
+
+ // mysql_get_server_info() is only available as of PHP 4.0.5
+ $phpv = php_v ();
+ if (($phpv[0] > 4) || (($phpv[0] == 4) && ($phpv[1] > 0)) ||
+ (($phpv[0] == 4) && ($phpv[1] == 0) && ($phpv[2] > 4))) {
+ $mysqlv = @mysql_get_server_info();
+ }
+
+ if (!empty ($mysqlv)) {
+ preg_match ('/^([0-9]+).([0-9]+).([0-9]+)/', $mysqlv, $match);
+ $mysqlmajorv = $match[1];
+ $mysqlminorv = $match[2];
+ $mysqlrev = $match[3];
+ } else {
+ $mysqlmajorv = 0;
+ $mysqlminorv = 0;
+ $mysqlrev = 0;
+ }
+ @mysql_close ();
+
+ return array ($mysqlmajorv, $mysqlminorv, $mysqlrev);
+}
+
+
+/*
+* Checks for Static Pages Version
+*
+* @return 0 = not installed, 1 = original plugin, 2 = plugin by Phill or Tom, 3 = v1.3 (center block, etc.), 4 = 1.4 ('in block' flag)
+*
+* Note: Needed for upgrades from old versions - don't remove. 
+*
+*/
+function get_SP_Ver()
+{
+ global $_TABLES;
+
+ $retval = 0;
+
+ if (DB_count ($_TABLES['plugins'], 'pi_name', 'staticpages') > 0) {
+ $result = DB_query ("DESCRIBE {$_TABLES['staticpage']}");
+ $numrows = DB_numRows ($result);
+
+ $retval = 1; // assume v1.1 for now ...
+
+ for ($i = 0; $i < $numrows; $i++) {
+ $A = DB_fetchArray ($result, true);
+ if ($A[0] == 'sp_nf') {
+ $retval = 3; // v1.3
+ } elseif ($A[0] == 'sp_pos') {
+ $retval = 2; // v1.2
+ } elseif ($A[0] == 'sp_inblock') {
+ $retval = 4; // v1.4
+ break;
+ }
+ }
+ }
+
+ return $retval;
+}
+
+
+/**
+ * Check if we can skip upgrade steps (post-1.5.0)
+ *
+ * If we're doing an upgrade from 1.5.0 or later and we have the necessary
+ * DB credentials, skip the forms and upgrade directly.
+ *
+ * @param string $dbconfig_path path to db-config.php
+ * @param string $siteconfig_path path to siteconfig.php
+ * @return string database version, if possible
+ * @note Will not return if upgrading from 1.5.0 or later.
+ *
+ */
+function INST_checkPost150Upgrade($dbconfig_path, $siteconfig_path)
+{
+ global $_CONF, $_TABLES, $_DB, $_DB_dbms, $_DB_host, $_DB_user, $_DB_pass;
+
+ require $dbconfig_path;
+ require $siteconfig_path;
+
+ $connected = false;
+ $version = '';
+
+ switch ($_DB_dbms) {
+ case 'mysql':
+ $db_handle = @mysql_connect($_DB_host, $_DB_user, $_DB_pass);
+ if ($db_handle) {
+ $connected = @mysql_select_db($_DB_name, $db_handle);
+ }
+ break;
+
+ case 'mssql':
+ $db_handle = @mssql_connect($_DB_host, $_DB_user, $_DB_pass);
+ if ($db_handle) {
+ $connected = @mssql_select_db($_DB_name, $db_handle);
+ }
+ break;
+
+ default:
+ $connected = false;
+ break;
+ }
+
+ if ($connected) {
+ require $_CONF['path_system'] . 
'lib-database.php';
+
+ $version = INST_identifyGeeklogVersion();
+
+ switch ($_DB_dbms) {
+ case 'mysql':
+ @mysql_close($db_handle);
+ break;
+
+ case 'mssql':
+ @mssql_close($db_handle);
+ break;
+ }
+
+ if (!empty($version) && ($version != VERSION) &&
+ (substr($version, 0, 4) == '1.5.')) {
+
+ // this is a 1.5.x version, so upgrade directly
+ $req_string = 'index.php?mode=upgrade&step=3'
+ . '&dbconfig_path=' . $dbconfig_path
+ . '&version=' . $version;
+
+ header('Location: ' . $req_string);
+ exit;
+ }
+ }
+
+ return $version;
+}
+
+
+/**
+ * Set VERSION constant in siteconfig.php after successful upgrade
+ *
+ * @param string $siteconfig_path path to siteconfig.php
+ * @return void
+ *
+ */
+function INST_setVersion($siteconfig_path)
+{
+ global $LANG_INSTALL;
+
+ $siteconfig_file = fopen($siteconfig_path, 'r');
+ $siteconfig_data = fread($siteconfig_file, filesize($siteconfig_path));
+ fclose($siteconfig_file);
+
+ $siteconfig_data = preg_replace
+ (
+ '/define\s*\(\'VERSION\',[^;]*;/',
+ "define('VERSION', '" . VERSION . "');",
+ $siteconfig_data
+ );
+
+ $siteconfig_file = fopen($siteconfig_path, 'w');
+ if (!fwrite($siteconfig_file, $siteconfig_data)) {
+ exit($LANG_INSTALL[26] . ' ' . $LANG_INSTALL[28]);
+ }
+ fclose($siteconfig_file);
+}
+
+
+/*
+ * Installer engine
+ *
+ * The guts of the installation and upgrade package. 
+ *
+ * @param string $install_type 'install' or 'upgrade'
+ * @param int $install_step 1 - 3
+ */
+function INST_installEngine($install_type, $install_step)
+{
+ global $_CONF, $LANG_INSTALL, $LANG_CHARSET, $_DB, $_TABLES, $gl_path, $html_path, $dbconfig_path, $siteconfig_path, $display, $language, $label_dir;
+
+ switch ($install_step) {
+
+ /**
+ * Page 1 - Enter Geeklog config information
+ */
+ case 1:
+ require_once $dbconfig_path; // Get the current DB info
+
+ if ($install_type == 'upgrade') {
+ $v = INST_checkPost150Upgrade($dbconfig_path, $siteconfig_path);
+ // will skip to step 3 if possible, otherwise return here
+
+ if ($v == VERSION) {
+ // looks like we're already up to date
+ $display .= '<h2>' . $LANG_INSTALL[74] . '</h2>' . LB
+ . '<p>' . $LANG_INSTALL[75] . '</p>';
+ return;
+ }
+ }
+
+ // Set all the form values either with their defaults or with received POST data.
+ // The only instance where you'd get POST data would be if the user has to
+ // go back because they entered incorrect database information.
+ $site_name = (isset($_POST['site_name'])) ? str_replace('\\', '', $_POST['site_name']) : $LANG_INSTALL[29];
+ $site_slogan = (isset($_POST['site_slogan'])) ? 
str_replace('\\', '', $_POST['site_slogan']) : $LANG_INSTALL[30];
+ $mysql_innodb_selected = '';
+ $mysql_selected = '';
+ $mssql_selected = '';
+ if (isset($_POST['db_type'])) {
+ switch ($_POST['db_type']) {
+ case 'mysql-innodb':
+ $mysql_innodb_selected = ' selected="selected"';
+ break;
+ case 'mssql':
+ $mssql_selected = ' selected="selected"';
+ break;
+ default:
+ $mysql_selected = ' selected="selected"';
+ break;
+ }
+ } else {
+ switch ($_DB_dbms) {
+ case 'mssql':
+ $mssql_selected = ' selected="selected"';
+ break;
+ default:
+ $mysql_selected = ' selected="selected"';
+ break;
+ }
+ }
+ if (($_DB_host != 'localhost') || ($_DB_name != 'geeklog') ||
+ ($_DB_user != 'username') || ($_DB_pass != 'password')) {
+ // only display those if they all have their default values
+ $_DB_host = '';
+ $_DB_name = '';
+ $_DB_user = '';
+ $_DB_pass = '';
+ }
+ $db_host = isset($_POST['db_host']) ? $_POST['db_host']
+ : ($_DB_host != 'localhost' ? '' : $_DB_host);
+ $db_name = isset($_POST['db_name']) ? $_POST['db_name']
+ : ($_DB_name != 'geeklog' ? '' : $_DB_name);
+ $db_user = isset($_POST['db_user']) ? $_POST['db_user']
+ : ($_DB_user != 'username' ? '' : $_DB_user);
+ $db_pass = isset($_POST['db_pass']) ? $_POST['db_pass'] : '';
+ $db_prefix = isset($_POST['db_prefix']) ? $_POST['db_prefix']
+ : $_DB_table_prefix;
+
+ $site_url = isset($_POST['site_url']) ? $_POST['site_url'] : 'http://' . $_SERVER['HTTP_HOST'] . preg_replace('/\/admin.*/', '', $_SERVER['PHP_SELF']) ;
+ $site_admin_url = isset($_POST['site_admin_url']) ? $_POST['site_admin_url'] : 'http://' . $_SERVER['HTTP_HOST'] . preg_replace('/\/install.*/', '', $_SERVER['PHP_SELF']) ;
+ $host_name = explode(':', $_SERVER['HTTP_HOST']);
+ $host_name = $host_name[0];
+ if (empty($_CONF['site_mail'])) {
+ $_CONF['site_mail'] = 'admin****@examp*****';
+ }
+ $site_mail = isset($_POST['site_mail']) ? $_POST['site_mail'] : ($_CONF['site_mail'] != 'admin****@examp*****' ? $_CONF['site_mail'] : 'admin@' . 
$host_name);
+ if (empty($_CONF['noreply_mail'])) {
+ $_CONF['noreply_mail'] = 'norep****@examp*****';
+ }
+ $noreply_mail = isset($_POST['noreply_mail']) ? $_POST['noreply_mail'] : ($_CONF['noreply_mail'] != 'norep****@examp*****' ? $_CONF['noreply_mail'] : 'noreply@' . $host_name);
+ if (isset($_POST['utf8']) && ($_POST['utf8'] == 'on')) {
+ $utf8 = true;
+ } else {
+ $utf8 = false;
+ if (strcasecmp($LANG_CHARSET, 'utf-8') == 0) {
+ $utf8 = true;
+ }
+ }
+
+ if ($install_type == 'install') {
+ $buttontext = $LANG_INSTALL[50];
+ $innodbnote = '<small>' . $LANG_INSTALL[38] . '</small>';
+ } else {
+ $buttontext = $LANG_INSTALL[25];
+ $innodbnote = '';
+ }
+
+ $display .= '
+ <h2>' . $LANG_INSTALL[31] . '</h2>
+ <form action="index.php" method="post">
+ <input type="hidden" name="mode" value="' . $install_type . '"' . XHTML . '>
+ <input type="hidden" name="step" value="2"' . XHTML . '>
+ <input type="hidden" name="language" value="' . $language . '"' . XHTML . '>
+ <input type="hidden" name="dbconfig_path" value="' . $dbconfig_path . '"' . XHTML . '>
+
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[32] . ' ' . INST_helpLink('site_name') . '</label> <input type="text" name="site_name" value="' . $site_name . '" size="40"' . XHTML . '></p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[33] . ' ' . INST_helpLink('site_slogan') . '</label> <input type="text" name="site_slogan" value="' . $site_slogan . '" size="40"' . XHTML . '></p><br' . XHTML . '>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[34] . ' ' . INST_helpLink('db_type') . '</label> <select name="db_type">
+ <option value="mysql"' . $mysql_selected . '>' . $LANG_INSTALL[35] . '</option>
+ ' . ($install_type == 'install' ? '<option value="mysql-innodb"' . $mysql_innodb_selected . '>' . $LANG_INSTALL[36] . '</option>' : '') . '
+ <option value="mssql"' . $mssql_selected . '>' . $LANG_INSTALL[37] . '</option></select> ' . $innodbnote . '</p>
+ <p><label class="' . $label_dir . 
'">' . $LANG_INSTALL[39] . ' ' . INST_helpLink('db_host') . '</label> <input type="text" name="db_host" value="'. $db_host .'" size="20"' . XHTML . '></p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[40] . ' ' . INST_helpLink('db_name') . '</label> <input type="text" name="db_name" value="'. $db_name . '" size="20"' . XHTML . '></p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[41] . ' ' . INST_helpLink('db_user') . '</label> <input type="text" name="db_user" value="' . $db_user . '" size="20"' . XHTML . '></p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[42] . ' ' . INST_helpLink('db_pass') . '</label> <input type="password" name="db_pass" value="' . $db_pass . '" size="20"' . XHTML . '></p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[43] . ' ' . INST_helpLink('db_prefix') . '</label> <input type="text" name="db_prefix" value="' . $db_prefix . '" size="20"' . XHTML . '></p>
+
+ <br' . XHTML . '>
+ <h2>' . $LANG_INSTALL[44] . '</h2>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[45] . ' ' . INST_helpLink('site_url') . '</label> <input type="text" name="site_url" value="' . $site_url . '" size="50"' . XHTML . '> ' . $LANG_INSTALL[46] . '</p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[47] . ' ' . INST_helpLink('site_admin_url') . '</label> <input type="text" name="site_admin_url" value="' . $site_admin_url . '" size="50"' . XHTML . '> ' . $LANG_INSTALL[46] . '</p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[48] . ' ' . INST_helpLink('site_mail') . '</label> <input type="text" name="site_mail" value="' . $site_mail . '" size="50"' . XHTML . '></p>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[49] . ' ' . INST_helpLink('noreply_mail') . '</label> <input type="text" name="noreply_mail" value="' . $noreply_mail . '" size="50"' . XHTML . '></p>';
+
+ if ($install_type == 'install') {
+ $display .= '
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[92] . ' ' . 
INST_helpLink('utf8') . '</label> <input type="checkbox" name="utf8"' . ($utf8 ? ' checked="checked"' : '') . XHTML . '></p>';
+ }
+
+ $display .= '
+ <br' . XHTML . '>
+ <input type="submit" name="submit" class="submit" value="' . $buttontext . ' >>"' . XHTML . '>
+ </form>' . LB;
+ break;
+
+
+ /**
+ * Page 2 - Enter information into db-config.php
+ * and ask about InnoDB tables (if supported)
+ */
+ case 2:
+ // Set all the variables from the received POST data.
+ $site_name = $_POST['site_name'];
+ $site_slogan = $_POST['site_slogan'];
+ $db_type = $_POST['db_type'];
+ $db_host = $_POST['db_host'];
+ $db_name = $_POST['db_name'];
+ $db_user = $_POST['db_user'];
+ $db_pass = $_POST['db_pass'];
+ $db_prefix = $_POST['db_prefix'];
+ $site_url = $_POST['site_url'];
+ $site_admin_url = $_POST['site_admin_url'];
+ $site_mail = $_POST['site_mail'];
+ $noreply_mail = $_POST['noreply_mail'];
+ $utf8 = (isset($_POST['utf8']) && ($_POST['utf8'] == 'on')) ? true : false;
+
+ // If using MySQL check to make sure the version is supported
+ $outdated_mysql = false;
+ $failed_to_connect = false;
+ if ($db_type == 'mysql' || $db_type == 'mysql-innodb') {
+ $myv = mysql_v($db_host, $db_user, $db_pass);
+ if ($myv === false) {
+ $failed_to_connect = true;
+ } elseif (($myv[0] < 3) || (($myv[0] == 3) && ($myv[1] < 23)) ||
+ (($myv[0] == 3) && ($myv[1] == 23) && ($myv[2] < 2))) {
+ $outdated_mysql = true;
+ }
+ }
+ if ($outdated_mysql) { // If MySQL is out of date
+ $display .= '<h1>' . $LANG_INSTALL[51] . '</h1>' . LB;
+ $display .= '<p>' . $LANG_INSTALL[52] . $myv[0] . '.' . $myv[1] . '.' . $myv[2] . $LANG_INSTALL[53] . '</p>' . LB;
+ } elseif ($failed_to_connect) {
+ $display .= '<h2>' . $LANG_INSTALL[54] . '</h2><p>'
+ . $LANG_INSTALL[55] . '</p>'
+ . INST_showReturnFormData($_POST) . 
LB;
+ } else {
+ // Check if you can connect to database
+ $invalid_db_auth = false;
+ $db_handle = null;
+ $innodb = false;
+ switch ($db_type) {
+ case 'mysql-innodb':
+ $innodb = true;
+ $db_type = 'mysql';
+ // deliberate fallthrough - no "break"
+ case 'mysql':
+ if (!$db_handle = @mysql_connect($db_host, $db_user, $db_pass)) {
+ $invalid_db_auth = true;
+ }
+ break;
+ case 'mssql':
+ if (!$db_handle = mssql_connect($db_host, $db_user, $db_pass)) {
+ $invalid_db_auth = true;
+ }
+ break;
+ }
+ if ($invalid_db_auth) { // If we can't connect to the database server
+ $display .= '<h2>' . $LANG_INSTALL[54] . '</h2><p>'
+ . $LANG_INSTALL[55] . '</p>'
+ . INST_showReturnFormData($_POST) . LB;
+ } else { // If we can connect
+ // Check if the database exists
+ $db_exists = false;
+ switch ($db_type) {
+ case 'mysql':
+ if (@mysql_select_db($db_name, $db_handle)) {
+ $db_exists = true;
+ }
+ break;
+ case 'mssql':
+ if (@mssql_select_db($db_name, $db_handle)) {
+ $db_exists = true;
+ }
+ break;
+ }
+ if (!$db_exists) { // If database doesn't exist
+ $display .= '<h2>' . $LANG_INSTALL[56] . '</h2>
+ <p>' . $LANG_INSTALL[57] . '</p>' . INST_showReturnFormData($_POST) . LB;
+ } else { // If database does exist
+
+ require_once $dbconfig_path; // Grab the current DB values
+
+ // Read in db-config.php so we can insert the DB information
+ $dbconfig_file = fopen($dbconfig_path, 'r');
+ $dbconfig_data = fread($dbconfig_file, filesize($dbconfig_path));
+ fclose($dbconfig_file);
+
+ // Replace the values with the new ones
+ $dbconfig_data = str_replace("\$_DB_host = '" . $_DB_host . "';", "\$_DB_host = '" . $db_host . "';", $dbconfig_data); // Host
+ $dbconfig_data = str_replace("\$_DB_name = '" . $_DB_name . "';", "\$_DB_name = '" . $db_name . "';", $dbconfig_data); // Database
+ $dbconfig_data = str_replace("\$_DB_user = '" . $_DB_user . "';", "\$_DB_user = '" . $db_user . "';", $dbconfig_data); // Username
+ $dbconfig_data = str_replace("\$_DB_pass = '" . $_DB_pass . 
"';", "\$_DB_pass = '" . $db_pass . "';", $dbconfig_data); // Password
+ $dbconfig_data = str_replace("\$_DB_table_prefix = '" . $_DB_table_prefix . "';", "\$_DB_table_prefix = '" . $db_prefix . "';", $dbconfig_data); // Table prefix
+ $dbconfig_data = str_replace("\$_DB_dbms = '" . $_DB_dbms . "';", "\$_DB_dbms = '" . $db_type . "';", $dbconfig_data); // Database type ('mysql' or 'mssql')
+
+ // Write our changes to db-config.php
+ $dbconfig_file = fopen($dbconfig_path, 'w');
+ if (!fwrite($dbconfig_file, $dbconfig_data)) {
+ exit($LANG_INSTALL[26] . ' ' . $dbconfig_path
+ . $LANG_INSTALL[58]);
+ }
+ fclose($dbconfig_file);
+
+ // for the default charset, patch siteconfig.php again
+ if ($install_type != 'upgrade') {
+ if (!INST_setDefaultCharset($siteconfig_path,
+ ($utf8 ? 'utf-8' : $LANG_CHARSET))) {
+ exit($LANG_INSTALL[26] . ' ' . $siteconfig_path
+ . $LANG_INSTALL[58]);
+ }
+ }
+
+ require $dbconfig_path;
+ require_once $siteconfig_path;
+ require_once $_CONF['path_system'] . 'lib-database.php';
+ $req_string = 'index.php?mode=' . $install_type . '&step=3&dbconfig_path=' . $dbconfig_path
+ . '&language=' . $language
+ . '&site_name=' . urlencode($site_name)
+ . '&site_slogan=' . urlencode($site_slogan)
+ . '&site_url=' . urlencode($site_url)
+ . '&site_admin_url=' . urlencode($site_admin_url)
+ . '&site_mail=' . urlencode($site_mail)
+ . '&noreply_mail=' . urlencode($noreply_mail);
+ if ($utf8) {
+ $req_string .= '&utf8=true';
+ }
+
+ switch ($install_type) {
+
+ case 'install':
+ $hidden_fields = '<input type="hidden" name="mode" value="' . $install_type . '"' . XHTML . '>
+ <input type="hidden" name="language" value="' . $language . '"' . XHTML . '>
+ <input type="hidden" name="dbconfig_path" value="' . urlencode($dbconfig_path) . '"' . XHTML . '>
+ <input type="hidden" name="site_name" value="' . urlencode($site_name) . '"' . XHTML . '>
+ <input type="hidden" name="site_slogan" value="' . urlencode($site_slogan) . '"' . XHTML . 
'>
+ <input type="hidden" name="site_url" value="' . urlencode($site_url) . '"' . XHTML . '>
+ <input type="hidden" name="site_admin_url" value="' . urlencode($site_admin_url) . '"' . XHTML . '>
+ <input type="hidden" name="site_mail" value="' . urlencode($site_mail) . '"' . XHTML . '>
+ <input type="hidden" name="noreply_mail" value="' . urlencode($noreply_mail) . '"' . XHTML . '>
+ <input type="hidden" name="utf8" value="' . ($utf8 ? 'true' : 'false') . '"' . XHTML . '>';
+
+ // If using MySQL check to see if InnoDB is supported
+ if ($innodb && !INST_innodbSupported()) {
+ // Warn that InnoDB tables are not supported
+ $display .= '<h2>' . $LANG_INSTALL[59] . '</h2>
+ <p>' . $LANG_INSTALL['60'] . '</p>
+
+ <br' . XHTML . '>
+ <div style="margin-left: auto; margin-right: auto; width: 125px">
+ <div style="position: relative; right: 10px">
+ <form action="index.php" method="post">
+ <input type="hidden" name="step" value="1"' . XHTML . '>
+ ' . $hidden_fields . '
+ <input type="submit" value="<< ' . $LANG_INSTALL[61] . '"' . XHTML . '>
+ </form>
+ </div>
+
+ <div style="position: relative; left: 65px; top: -27px">
+ <form action="index.php" method="post">
+ <input type="hidden" name="step" value="3"' . XHTML . '>
+ ' . $hidden_fields . '
+ <input type="hidden" name="innodb" value="false"' . XHTML . '>
+ <input type="submit" name="submit" value="' . $LANG_INSTALL[62] . ' >>"' . XHTML . '>
+ </form>
+ </div>
+ </div>' . LB;
+ } else {
+ // Continue on to step 3 where the installation will happen
+ if ($innodb) {
+ $req_string .= '&innodb=true';
+ }
+ header('Location: ' . $req_string);
+ }
+ break;
+
+ case 'upgrade':
+ // Try and find out what the current version of GL is
+ $curv = INST_identifyGeeklogVersion ();
+ if ($curv == VERSION) {
+ // If current version is the newest version
+ // then there's no need to update.
+ $display .= '<h2>' . $LANG_INSTALL[74] . '</h2>' . LB
+ . '<p>' . $LANG_INSTALL[75] . 
'</p>';
+ } elseif ($curv == 'empty') {
+ $display .= '<h2>' . $LANG_INSTALL[90] . '</h2>' . LB
+ . '<p>' . $LANG_INSTALL[91] . '</p>';
+ } else {
+
+ $old_versions = array('1.2.5-1','1.3','1.3.1','1.3.2','1.3.2-1','1.3.3','1.3.4','1.3.5','1.3.6','1.3.7','1.3.8','1.3.9','1.3.10','1.3.11','1.4.0','1.4.1','1.5.0','1.5.1');
+ if (empty($curv)) {
+ // If we were unable to determine the current GL
+ // version is then ask the user what it is
+ $display .= '<h2>' . $LANG_INSTALL[76] . '</h2>
+ <p>' . $LANG_INSTALL[77] . '</p>
+ <form action="index.php" method="post">
+ <input type="hidden" name="mode" value="upgrade"' . XHTML . '>
+ <input type="hidden" name="step" value="3"' . XHTML . '>
+ <input type="hidden" name="dbconfig_path" value="' . $dbconfig_path . '"' . XHTML . '>
+ <p><label class="' . $label_dir . '">' . $LANG_INSTALL[89] . '</label> <select name="version">';
+ $tmp_counter = 0;
+ $ver_selected = '';
+ foreach ($old_versions as $version) {
+ if ($tmp_counter == (count($old_versions) - 1)) {
+ $ver_selected = ' selected="selected"';
+ }
+ $display .= LB . '<option' . $ver_selected . '>' . $version . '</option>';
+ $tmp_counter++;
+ }
+ $display .= '</select></p>
+ <br' . XHTML . '>
+ <input type="submit" name="submit" class="submit" value="Upgrade >>"' . XHTML . '>
+ </form>' . LB;
+
+ $curv = $old_versions[count($old_versions) - 1];
+ } else {
+ // Continue on to step 3 where the upgrade will happen
+ header('Location: ' . $req_string . '&version=' . $curv);
+ }
+ }
+ break;
+ }
+ }
+ }
+ }
+ break;
+
+ /**
+ * Page 3 - Install
+ */
+ case 3:
+ $gl_path = str_replace('db-config.php', '', $dbconfig_path);
+ switch ($install_type) {
+ case 'install':
+ if (isset($_POST['submit']) &&
+ ($_POST['submit'] == '<< ' . 
$LANG_INSTALL[61])) {
+ header('Location: index.php?mode=install');
+ }
+
+ // Check whether to use InnoDB tables
+ $use_innodb = false;
+ if ((isset($_POST['innodb']) && $_POST['innodb'] == 'true') || (isset($_GET['innodb']) && $_GET['innodb'] == 'true')) {
+ $use_innodb = true;
+ }
+
+ $utf8 = false;
+ if ((isset($_POST['utf8']) && $_POST['utf8'] == 'true') || (isset($_GET['utf8']) && $_GET['utf8'] == 'true')) {
+ $utf8 = true;
+ }
+
+ // We need all this just to do one DB query
+ require_once $dbconfig_path;
+ require_once $siteconfig_path;
+ require_once $_CONF['path_system'] . 'lib-database.php';
+
+ // Check if GL is already installed
+ if (INST_checkTableExists('vars')) {
+
+ $display .= '<p>' . $LANG_INSTALL[63] . '</p>
+ <ol>
+ <li>' . $LANG_INSTALL[64] . '</li>
+ <li>' . $LANG_INSTALL[65] . '</li>
+ </ol>
+
+ <div style="margin-left: auto; margin-right: auto; width: 125px">
+ <div style="position: absolute">
+ <form action="index.php" method="post">
+ <input type="hidden" name="mode" value="install"' . XHTML . '>
+ <input type="hidden" name="step" value="3"' . XHTML . '>
+ <input type="hidden" name="language" value="' . $language . '"' . XHTML . '>
+ <input type="hidden" name="dbconfig_path" value="' . $dbconfig_path . '"' . XHTML . '>
+ <input type="hidden" name="innodb" value="' . (($use_innodb) ? 'true' : 'false') . '"' . XHTML . '>
+ <input type="submit" value="' . $LANG_INSTALL[66] . '"' . XHTML . '>
+ </form>
+ </div>
+
+ <div style="position: relative; left: 55px; top: 5px">
+ <form action="index.php" method="post">
+ <input type="hidden" name="mode" value="upgrade"' . XHTML . '>
+ <input type="hidden" name="language" value="' . $language . '"' . XHTML . '>
+ <input type="hidden" name="dbconfig_path" value="' . $dbconfig_path . '"' . XHTML . '>
+ <input type="submit" value="' . $LANG_INSTALL[25] . '"' . XHTML . '>
+ </form>
+ </div>
+ </div>
+ ' . 
LB;
+
+ } else {
+
+ if (INST_createDatabaseStructures($use_innodb)) {
+ $site_name = isset($_POST['site_name']) ? $_POST['site_name'] : (isset($_GET['site_name']) ? $_GET['site_name'] : '') ;
+ $site_slogan = isset($_POST['site_slogan']) ? $_POST['site_slogan'] : (isset($_GET['site_slogan']) ? $_GET['site_slogan'] : '') ;
+ $site_url = isset($_POST['site_url']) ? $_POST['site_url'] : (isset($_GET['site_url']) ? $_GET['site_url'] : '') ;
+ $site_admin_url = isset($_POST['site_admin_url']) ? $_POST['site_admin_url'] : (isset($_GET['site_admin_url']) ? $_GET['site_admin_url'] : '') ;
+ $site_mail = isset($_POST['site_mail']) ? $_POST['site_mail'] : (isset($_GET['site_mail']) ? $_GET['site_mail'] : '') ;
+ $noreply_mail = isset($_POST['noreply_mail']) ? $_POST['noreply_mail'] : (isset($_GET['noreply_mail']) ? $_GET['noreply_mail'] : '') ;
+
+ INST_personalizeAdminAccount($site_mail, $site_url);
+
+ // Insert the form data into the conf_values table
+
+ require_once $_CONF['path_system'] . 'classes/config.class.php';
+ require_once 'config-install.php';
+ install_config();
+
+ $config = config::get_instance();
+ $config->set('site_name', urldecode($site_name));
+ $config->set('site_slogan', urldecode($site_slogan));
+ $config->set('site_url', urldecode($site_url));
+ // FIXME: Check that directory exists
+ $config->set('site_admin_url', urldecode($site_admin_url));
+ $config->set('site_mail', urldecode($site_mail));
+ $config->set('noreply_mail', urldecode($noreply_mail));
+ $config->set('path_html', $html_path);
+ $config->set('path_log', $gl_path . 'logs/');
+ $config->set('path_language', $gl_path . 'language/');
+ $config->set('backup_path', $gl_path . 'backups/');
+ $config->set('path_data', $gl_path . 'data/');
+ $config->set('path_images', $html_path . 'images/');
+ $config->set('path_themes', $html_path . 'layout/');
+ $config->set('rdf_file', $html_path . 'backend/geeklog.rss');
+ $config->set('path_pear', $_CONF['path_system'] . 
'pear/');
+ $config->set_default('default_photo', urldecode($site_url) . '/default.jpg');
+
+ $lng = INST_getDefaultLanguage($gl_path . 'language/', $language, $utf8);
+ if (!empty($lng)) {
+ $config->set('language', $lng);
+ }
+
+ // Now we're done with the installation so redirect the user to success.php
+ header('Location: success.php?type=install&language=' . $language);
+ } else {
+ $display .= "<h2>" . $LANG_INSTALL[67] . "</h2><p>" . $LANG_INSTALL[68] . "</p>";
+ }
+
+ }
+ break;
+
+ case 'upgrade':
+ // Get and set which version to display
+ $version = '';
+ if (isset($_GET['version'])) {
+ $version = $_GET['version'];
+ } else {
+ if (isset($_POST['version'])) {
+ $version = $_POST['version'];
+ }
+ }
+
+ // Let's do this
+ require_once $dbconfig_path;
+ require_once $siteconfig_path;
+ require_once $_CONF['path_system'] . 'lib-database.php';
+
+ // If this is a MySQL database check to see if it was
+ // installed with InnoDB support
+ if ($_DB_dbms == 'mysql') {
+ // Query `vars` and see if 'database_engine' == 'InnoDB'
+ $result = DB_query("SELECT `name`,`value` FROM {$_TABLES['vars']} WHERE `name`='database_engine'");
+ $row = DB_fetchArray($result);
+ if ($row['value'] == 'InnoDB') {
+ $use_innodb = true;
+ } else {
+ $use_innodb = false;
+ }
+ }
+
+ if (INST_doDatabaseUpgrades($version, $use_innodb)) {
+ if (version_compare($version, '1.5.0') == -1) {
+ // After updating the database we'll want to update some of the information from the form.
+ $site_name = isset($_POST['site_name']) ? $_POST['site_name'] : (isset($_GET['site_name']) ? $_GET['site_name'] : '') ;
+ $site_slogan = isset($_POST['site_slogan']) ? $_POST['site_slogan'] : (isset($_GET['site_slogan']) ? $_GET['site_slogan'] : '') ;
+ $site_url = isset($_POST['site_url']) ? $_POST['site_url'] : (isset($_GET['site_url']) ? $_GET['site_url'] : '') ;
+ $site_admin_url = isset($_POST['site_admin_url']) ? $_POST['site_admin_url'] : (isset($_GET['site_admin_url']) ? 
$_GET['site_admin_url'] : '') ;
+ $site_mail = isset($_POST['site_mail']) ? $_POST['site_mail'] : (isset($_GET['site_mail']) ? $_GET['site_mail'] : '') ;
+ $noreply_mail = isset($_POST['noreply_mail']) ? $_POST['noreply_mail'] : (isset($_GET['noreply_mail']) ? $_GET['noreply_mail'] : '') ;
+
+ require_once $_CONF['path_system'] . 'classes/config.class.php';
+ $config = config::get_instance();
+ $config->set('site_name', urldecode($site_name));
+ $config->set('site_slogan', urldecode($site_slogan));
+ $config->set('site_url', urldecode($site_url));
+ $config->set('site_admin_url', urldecode($site_admin_url));
+ $config->set('site_mail', urldecode($site_mail));
+ $config->set('noreply_mail', urldecode($noreply_mail));
+ $config->set_default('default_photo', urldecode($site_url) . '/default.jpg');
+ }
+
+ INST_checkPlugins();
+
+ // Great, installation is complete, redirect to success page
+ header('Location: success.php?type=upgrade&language=' . $language);
+ } else {
+ $display .= '<h2>' . $LANG_INSTALL[78] . '</h2>
+ <p>' . $LANG_INSTALL[79] . '</p>' . LB;
+ }
+ break;
+ }
+ break;
+ }
+}
+
+
+/**
+ * Check to see if required files are writeable by the web server.
+ *
+ * @param array $files list of files to check
+ * @return boolean true if all files are writeable
+ *
+ */
+function INST_checkIfWritable($files)
+{
+ $writable = true;
+ foreach ($files as $file) {
+ if (!$tmp_file = @fopen($file, 'a')) {
+ // Unable to modify
+ $writable = false;
+ } else {
+ fclose($tmp_file);
+ }
+ }
+
+ return $writable;
+}
+
+
+/**
+ * Returns an HTML formatted string containing a list of which files
+ * have incorrect permissions.
+ *
+ * @param array $files List of files to check
+ * @return string HTML and permission warning message.
+ *
+ */
+function INST_permissionWarning($files)
+{
+ global $LANG_INSTALL;
+ $display .= '
+ <div class="install-path-container-outer">
+ <div class="install-path-container-inner">
+ <h2>' . $LANG_INSTALL[81] . '</h2>
+
+ <p>' . 
$LANG_INSTALL[82] . '</p>
+
+ <br' . XHTML . '>
+ <p><label class="file-permission-list"><b>' . $LANG_INSTALL[10] . '</b></label> <b>' . $LANG_INSTALL[11] . '</b></p>
+ ' . LB;
+
+ foreach ($files as $file) {
+ if (!$file_handler = @fopen ($file, 'a')) {
+ $display .= '<p><label class="file-permission-list"><code>' . $file . '</code></label>' ;
+ $file_perms = sprintf ("%3o", @fileperms ($file) & 0777);
+ $display .= '<span class="error">' . $LANG_INSTALL[12] . ' 777</span> (' . $LANG_INSTALL[13] . ' ' . $file_perms . ')</p>' . LB ;
+ } else {
+ fclose ($file_handler);
+ }
+ }
+
+ $display .= '
+ </div>
+ </div>
+
+ <br' . XHTML . '><br' . XHTML . '>' . LB;
+
+ return $display;
+
+}
+
+
+/**
+ * Returns the HTML form to return the user's inputted data to the
+ * previous page.
+ *
+ * @return string HTML form code.
+ *
+ */
+function INST_showReturnFormData($post_data)
+{
+ global $mode, $dbconfig_path, $language, $LANG_INSTALL;
+
+ $display = '
+ <form action="index.php" method="post">
+ <input type="hidden" name="mode" value="' . $mode . '"' . XHTML . '>
+ <input type="hidden" name="step" value="1"' . XHTML . '>
+ <input type="hidden" name="dbconfig_path" value="' . $dbconfig_path . '"' . XHTML . '>
+ <input type="hidden" name="language" value="' . $language . '"' . XHTML . '>
+ <input type="hidden" name="site_name" value="' . $post_data['site_name'] . '"' . XHTML . '>
+ <input type="hidden" name="site_slogan" value="' . $post_data['site_slogan'] . '"' . XHTML . '>
+ <input type="hidden" name="db_type" value="' . $post_data['db_type'] . '"' . XHTML . '>
+ <input type="hidden" name="db_host" value="' . $post_data['db_host'] . '"' . XHTML . '>
+ <input type="hidden" name="db_name" value="' . $post_data['db_name'] . '"' . XHTML . '>
+ <input type="hidden" name="db_user" value="' . $post_data['db_user'] . '"' . XHTML . '>
+ <input type="hidden" name="db_prefix" value="' . $post_data['db_prefix'] . '"' . XHTML . '>
+ <input type="hidden" name="site_url" value="' . 
$post_data['site_url'] . '"' . XHTML . '>
+ <input type="hidden" name="site_admin_url" value="' . $post_data['site_admin_url'] . '"' . XHTML . '>
+ <input type="hidden" name="site_mail" value="' . $post_data['site_mail'] . '"' . XHTML . '>
+ <input type="hidden" name="noreply_mail" value="' . $post_data['noreply_mail'] . '"' . XHTML . '>
+ <p align="center"><input type="submit" value="<< ' . $LANG_INSTALL[61] . '"' . XHTML . '></p>
+ </form>';
+
+ return $display;
+}
+
+
+/**
+ * Returns the HTML form to return the user's inputted data to the
+ * previous page.
+ *
+ * @return string HTML form code.
+ *
+ */
+function INST_helpLink($var)
+{
+ global $language;
+
+ return '(<a href="help.php?language=' . $language . '#' . $var . '" target="_blank">?</a>)';
+}
+
+
+/**
+ * Get the current installed version of Geeklog
+ *
+ * @return Geeklog version in x.x.x format
+ *
+ */
+function INST_identifyGeeklogVersion ()
+{
+ global $_TABLES, $_DB, $_DB_dbms, $dbconfig_path, $siteconfig_path;
+
+ $_DB->setDisplayError(true);
+
+ // simple tests for the version of the database:
+ // "DESCRIBE sometable somefield", ''
+ // => just test that the field exists
+ // "DESCRIBE sometable somefield", 'somefield,sometype'
+ // => test that the field exists and is of the given type
+ //
+ // Should always include a test for the current version so that we can
+ // warn the user if they try to run the update again. 
+
+
+ switch ($_DB_dbms) {
+
+ case 'mysql':
+ $test = array(
+ '1.5.2' => array("SELECT value FROM {$_TABLES['vars']} WHERE name = 'database_version'", '1.5.2'),
+ '1.5.1' => array("SELECT name FROM {$_TABLES['vars']} WHERE name = 'database_version'", 'database_version'),
+ '1.5.0' => array("DESCRIBE {$_TABLES['storysubmission']} bodytext",''),
+ '1.4.1' => array("SELECT ft_name FROM {$_TABLES['features']} WHERE ft_name = 'syndication.edit'", 'syndication.edit'),
+ '1.4.0' => array("DESCRIBE {$_TABLES['users']} remoteusername",''),
+ '1.3.11' => array("DESCRIBE {$_TABLES['comments']} sid", 'sid,varchar(40)'),
+ '1.3.10' => array("DESCRIBE {$_TABLES['comments']} lft",''),
+ '1.3.9' => array("DESCRIBE {$_TABLES['syndication']} fid",''),
+ '1.3.8' => array("DESCRIBE {$_TABLES['userprefs']} showonline",'')
+ // It's hard to (reliably) test for 1.3.7 - let's just hope
+ // nobody uses such an old version any more ...
+ );
+ $firstCheck = "DESCRIBE {$_TABLES['access']} acc_ft_id";
+ $result = DB_query($firstCheck, 1);
+ if ($result === false) {
+ // A check for the first field in the first table failed?
+ // Sounds suspiciously like an empty table ... 
+ return 'empty';
+ }
+ break;
+
+ case 'mssql':
+ $test = array(
+ '1.5.2' => array("SELECT value FROM {$_TABLES['vars']} WHERE name = 'database_version'", '1.5.2'),
+ '1.5.1' => array("SELECT name FROM {$_TABLES['vars']} WHERE name = 'database_version'", 'database_version'),
+ '1.5.0' => array("SELECT c.name FROM syscolumns c JOIN sysobjects o ON o.id = c.id WHERE c.name='bodytext' AND o.name='{$_TABLES['storysubmission']}'",'bodytext'),
+ '1.4.1' => array("SELECT ft_name FROM {$_TABLES['features']} WHERE ft_name = 'syndication.edit'", 'syndication.edit')
+ // 1.4.1 was the first version with MS SQL support
+ );
+ $firstCheck = "SELECT 1 FROM sysobjects WHERE name='{$_TABLES['access']}'";
+ $result = DB_query($firstCheck, 1);
+ if (($result === false) || (DB_numRows($result) < 1)) {
+ // a check for the first table returned nothing.
+ // empty database?
+ return 'empty';
+ }
+ break;
+
+ }
+
+ $version = '';
+
+ foreach ($test as $v => $qarray) {
+ $result = DB_query($qarray[0], 1);
+ if ($result === false) {
+ // error - continue with next test
+
+ } else if (DB_numRows($result) > 0) {
+ $A = DB_fetchArray($result);
+ if (empty($qarray[1])) {
+ // test only for existence of field - succeeded
+ $version = $v;
+ break;
+ } else {
+ if (substr($qarray[0], 0, 6) == 'SELECT') {
+ // text for a certain value
+ if ($A[0] == $qarray[1]) {
+ $version = $v;
+ break;
+ }
+ } else {
+ // test for certain type of field
+ $tst = explode(',', $qarray[1]);
+ if (($A['Field'] == $tst[0]) && ($A['Type'] == $tst[1])) {
+ $version = $v;
+ break;
+ }
+ }
+ }
+ }
+ }
+
+ return $version;
+}
+
+
+/**
+ * Sets up the database tables
+ *
+ * @param boolean $use_innodb Whether to use InnoDB table support if using MySQL
+ * @return boolean True if successful
+ *
+ */
+function INST_createDatabaseStructures ($use_innodb = false)
+{
+ global $_CONF, $_TABLES, $_DB, $_DB_dbms, $_DB_host, $_DB_user, $_DB_pass;
+
+ $_DB->setDisplayError (true);
+
+ // Because the create table syntax can vary 
from dbms-to-dbms we are
+ // leaving that up to each database driver (e.g. mysql.class.php,
+ // postgresql.class.php, etc)
+
+ // Get DBMS-specific create table array and data array
+ require_once $_CONF['path'] . 'sql/' . $_DB_dbms . '_tableanddata.php';
+
+ $progress = '';
+
+ if (INST_checkTableExists ('access')) {
+ return false;
+ }
+
+ switch($_DB_dbms){
+ case 'mysql':
+
+ INST_updateDB($_SQL);
+ if ($use_innodb) {
+ DB_query ("INSERT INTO {$_TABLES['vars']} (name, value) VALUES ('database_engine', 'InnoDB')");
+ }
+ break;
+ case 'mssql':
+ foreach ($_SQL as $sql) {
+ $_DB->dbQuery($sql, 0, 1);
+ }
+ break;
+ }
+
+ // Now insert mandatory data and a small subset of initial data
+ foreach ($_DATA as $data) {
+ $progress .= "executing " . $data . "<br" . XHTML . ">\n";
+
+ DB_query ($data);
+ }
+
+ return true;
+}
+
+
+/**
+ * On a fresh install, set the Admin's account email and homepage
+ *
+ * @param string $site_mail email address, e.g. the site email
+ * @param string $site_url the site's URL
+ * @return void
+ *
+ */
+function INST_personalizeAdminAccount($site_mail, $site_url)
+{
+ global $_TABLES, $_DB_dbms;
+
+ if (($_DB_dbms == 'mysql') || ($_DB_dbms == 'mssql')) {
+
+ // let's try and personalize the Admin account a bit ...
+
+ if (!empty($site_mail)) {
+ if (strpos($site_mail, 'example.com') === false) {
+ DB_query("UPDATE {$_TABLES['users']} SET email = '" . addslashes($site_mail) . "' WHERE uid = 2");
+ }
+ }
+ if (!empty($site_url)) {
+ if (strpos($site_url, 'example.com') === false) {
+ DB_query("UPDATE {$_TABLES['users']} SET homepage = '" . addslashes($site_url) . 
"' WHERE uid = 2");
+ }
+ }
+ }
+}
+
+/**
+* Derive site's default language from available information
+*
+* @param string $langpath path where the language files are kept
+* @param string $language language used in the install script
+* @param boolean $utf8 whether to use UTF-8
+* @return string name of default language (for the config)
+*
+*/
+function INST_getDefaultLanguage($langpath, $language, $utf8 = false)
+{
+ $pos = strpos($language, '_utf-8');
+ if ($pos !== false) {
+ $language = substr($language, 0, $pos);
+ }
+
+ if ($utf8) {
+ $lngname = $language . '_utf-8';
+ } else {
+ $lngname = $language;
+ }
+ $lngfile = $lngname . '.php';
+
+ if (!file_exists($langpath . $lngfile)) {
+ // doesn't exist - fall back to English
+ if ($utf8) {
+ $lngname = 'english_utf-8';
+ } else {
+ $lngname = 'english';
+ }
+ }
+
+ return $lngname;
+}
+
+
+/**
+ * Make a nice display name from the language filename
+ *
+ * @param string $file filename without the extension
+ * @return string language name to display to the user
+ * @note This code is a straight copy from MBYTE_languageList()
+ *
+ */
+function INST_prettifyLanguageName($filename)
+{
+ $langfile = str_replace ('_utf-8', '', $filename);
+ $uscore = strpos ($langfile, '_');
+ if ($uscore === false) {
+ $lngname = ucfirst ($langfile);
+ } else {
+ $lngname = ucfirst (substr ($langfile, 0, $uscore));
+ $lngadd = substr ($langfile, $uscore + 1);
+ $lngadd = str_replace ('utf-8', '', $lngadd);
+ $lngadd = str_replace ('_', ', ', $lngadd);
+ $word = explode (' ', $lngadd);
+ $lngadd = '';
+ foreach ($word as $w) {
+ if (preg_match ('/[0-9]+/', $w)) {
+ $lngadd .= strtoupper ($w) . ' ';
+ } else {
+ $lngadd .= ucfirst ($w) . ' ';
+ }
+ }
+ $lngname .= ' (' . trim ($lngadd) . 
')';
+ }
+
+ return $lngname;
+}
+
+
+/**
+ * Check if a table exists
+ *
+ * @see DB_checkTableExists
+ *
+ * @param string $table Table name
+ * @return boolean True if table exists, false if it does not
+ *
+ */
+function INST_checkTableExists ($table)
+{
+ return DB_checkTableExists($table);
+}
+
+
+/**
+ * Check for InnoDB table support (usually as of MySQL 4.0, but may be
+ * available in earlier versions, e.g. "Max" or custom builds).
+ *
+ * @return boolean true = InnoDB tables supported, false = not supported
+ *
+ */
+function INST_innodbSupported()
+{
+ $result = DB_query ("SHOW VARIABLES LIKE 'have_innodb'");
+ $A = DB_fetchArray ($result, true);
+
+ if (strcasecmp ($A[1], 'yes') == 0) {
+ return true;
+ } else {
+ return false;
+ }
+}
+
+
+/**
+ * Check InnoDB Upgrade
+ *
+ * @param array $_SQL List of SQL queries
+ * @return array InnoDB table style if chosen
+ *
+ */
+function INST_checkInnodbUpgrade($_SQL)
+{
+ global $use_innodb;
+
+ if ($use_innodb) {
+ $statements = count($_SQL);
+ for ($i = 0; $i < $statements; $i++) {
+ $_SQL[$i] = str_replace('MyISAM', 'InnoDB', $_SQL[$i]);
+ }
+ }
+
+ return $_SQL;
+}
+
+/**
+ * Perform database upgrades
+ *
+ * @param string $current_gl_version Current Geeklog version
+ * @param boolean $use_innodb Whether or not to use InnoDB support with MySQL
+ * @return boolean True if successful
+ *
+ */
+function INST_doDatabaseUpgrades($current_gl_version, $use_innodb = false)
+{
+ global $_TABLES, $_CONF, $_SP_CONF, $_DB, $_DB_dbms, $_DB_table_prefix,
+ $dbconfig_path, $siteconfig_path, $html_path;
+
+ $_DB->setDisplayError (true);
+
+ // Because the upgrade sql syntax can vary from dbms-to-dbms we are
+ // leaving that up to each Geeklog database driver
+
+ $done = false;
+ $progress = '';
+ while ($done == false) {
+ switch ($current_gl_version) {
+ case '1.2.5-1':
+ // Get DMBS-specific update sql
+ require_once($_CONF['path'] . 'sql/updates/' . $_DB_dbms . 
'_1.2.5-1_to_1.3.php');
+ INST_updateDB($_SQL);
+
+ // OK, now we need to add all users except anonymous to the All Users group and Logged in users group
+ // I can hard-code these group numbers because the group table was JUST created with these numbers
+ $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE uid <> 1");
+ $nrows = DB_numRows($result);
+ for ($i = 1; $i <= $nrows; $i++) {
+ $U = DB_fetchArray($result);
+ DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES (2, {$U['uid']}, NULL)");
+ DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES (13, {$U['uid']}, NULL)");
+ }
+ // Now take care of any orphans off the user table...and let me curse MySQL lack for supporting foreign
+ // keys at this time ;-)
+ $result = DB_query("SELECT MAX(uid) FROM {$_TABLES['users']}");
+ $ITEM = DB_fetchArr ============================================================================== Diff truncated at 200k characters