Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1065 lines
33 KiB

10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
9 years ago
10 years ago
9 years ago
9 years ago
10 years ago
9 years ago
10 years ago
9 years ago
10 years ago
10 years ago
  1. <?php
  2. /**
  3. * Friendica admin
  4. */
  5. require_once("include/remoteupdate.php");
  6. /**
  7. * @param App $a
  8. */
  9. function admin_post(&$a){
  10. if(!is_site_admin()) {
  11. return;
  12. }
  13. // do not allow a page manager to access the admin panel at all.
  14. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  15. return;
  16. // urls
  17. if ($a->argc > 1){
  18. switch ($a->argv[1]){
  19. case 'site':
  20. admin_page_site_post($a);
  21. break;
  22. case 'users':
  23. admin_page_users_post($a);
  24. break;
  25. case 'plugins':
  26. if ($a->argc > 2 &&
  27. is_file("addon/".$a->argv[2]."/".$a->argv[2].".php")){
  28. @include_once("addon/".$a->argv[2]."/".$a->argv[2].".php");
  29. if(function_exists($a->argv[2].'_plugin_admin_post')) {
  30. $func = $a->argv[2].'_plugin_admin_post';
  31. $func($a);
  32. }
  33. }
  34. goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] );
  35. return; // NOTREACHED
  36. break;
  37. case 'themes':
  38. $theme = $a->argv[2];
  39. if (is_file("view/theme/$theme/config.php")){
  40. require_once("view/theme/$theme/config.php");
  41. if (function_exists("theme_admin_post")){
  42. theme_admin_post($a);
  43. }
  44. }
  45. info(t('Theme settings updated.'));
  46. if(is_ajax()) return;
  47. goaway($a->get_baseurl(true) . '/admin/themes/' . $theme );
  48. return;
  49. break;
  50. case 'logs':
  51. admin_page_logs_post($a);
  52. break;
  53. case 'update':
  54. admin_page_remoteupdate_post($a);
  55. break;
  56. }
  57. }
  58. goaway($a->get_baseurl(true) . '/admin' );
  59. return; // NOTREACHED
  60. }
  61. /**
  62. * @param App $a
  63. * @return string
  64. */
  65. function admin_content(&$a) {
  66. if(!is_site_admin()) {
  67. return login(false);
  68. }
  69. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  70. return "";
  71. /**
  72. * Side bar links
  73. */
  74. // array( url, name, extra css classes )
  75. $aside = Array(
  76. 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
  77. 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"),
  78. 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
  79. 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
  80. 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Update") , "update")
  81. );
  82. /* get plugins admin page */
  83. $r = q("SELECT * FROM `addon` WHERE `plugin_admin`=1");
  84. $aside['plugins_admin']=Array();
  85. foreach ($r as $h){
  86. $plugin =$h['name'];
  87. $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin");
  88. // temp plugins with admin
  89. $a->plugins_admin[] = $plugin;
  90. }
  91. $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
  92. $t = get_markup_template("admin_aside.tpl");
  93. $a->page['aside'] = replace_macros( $t, array(
  94. '$admin' => $aside,
  95. '$h_pending' => t('User registrations waiting for confirmation'),
  96. '$admurl'=> $a->get_baseurl(true)."/admin/"
  97. ));
  98. /**
  99. * Page content
  100. */
  101. $o = '';
  102. // urls
  103. if ($a->argc > 1){
  104. switch ($a->argv[1]){
  105. case 'site':
  106. $o = admin_page_site($a);
  107. break;
  108. case 'users':
  109. $o = admin_page_users($a);
  110. break;
  111. case 'plugins':
  112. $o = admin_page_plugins($a);
  113. break;
  114. case 'themes':
  115. $o = admin_page_themes($a);
  116. break;
  117. case 'logs':
  118. $o = admin_page_logs($a);
  119. break;
  120. case 'update':
  121. $o = admin_page_remoteupdate($a);
  122. break;
  123. default:
  124. notice( t("Item not found.") );
  125. }
  126. } else {
  127. $o = admin_page_summary($a);
  128. }
  129. if(is_ajax()) {
  130. echo $o;
  131. killme();
  132. return '';
  133. } else {
  134. return $o;
  135. }
  136. }
  137. /**
  138. * Admin Summary Page
  139. * @param App $a
  140. * @return string
  141. */
  142. function admin_page_summary(&$a) {
  143. $r = q("SELECT `page-flags`, COUNT(uid) as `count` FROM `user` GROUP BY `page-flags`");
  144. $accounts = Array(
  145. Array( t('Normal Account'), 0),
  146. Array( t('Soapbox Account'), 0),
  147. Array( t('Community/Celebrity Account'), 0),
  148. Array( t('Automatic Friend Account'), 0)
  149. );
  150. $users=0;
  151. foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; }
  152. logger('accounts: ' . print_r($accounts,true));
  153. $r = q("SELECT COUNT(id) as `count` FROM `register`");
  154. $pending = $r[0]['count'];
  155. $t = get_markup_template("admin_summary.tpl");
  156. return replace_macros($t, array(
  157. '$title' => t('Administration'),
  158. '$page' => t('Summary'),
  159. '$users' => Array( t('Registered users'), $users),
  160. '$accounts' => $accounts,
  161. '$pending' => Array( t('Pending registrations'), $pending),
  162. '$version' => Array( t('Version'), FRIENDICA_VERSION),
  163. '$build' => get_config('system','build'),
  164. '$plugins' => Array( t('Active plugins'), $a->plugins )
  165. ));
  166. }
  167. /**
  168. * Admin Site Page
  169. * @param App $a
  170. */
  171. function admin_page_site_post(&$a){
  172. if (!x($_POST,"page_site")){
  173. return;
  174. }
  175. check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
  176. $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
  177. $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
  178. $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
  179. $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
  180. $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
  181. $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
  182. $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
  183. $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : '');
  184. $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
  185. $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : '');
  186. $block_public = ((x($_POST,'block_public')) ? True : False);
  187. $force_publish = ((x($_POST,'publish_all')) ? True : False);
  188. $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
  189. $no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
  190. $no_openid = !((x($_POST,'no_openid')) ? True : False);
  191. $no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
  192. $no_utf = !((x($_POST,'no_utf')) ? True : False);
  193. $no_community_page = !((x($_POST,'no_community_page')) ? True : False);
  194. $verifyssl = ((x($_POST,'verifyssl')) ? True : False);
  195. $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : '');
  196. $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
  197. $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
  198. $dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
  199. $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
  200. $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
  201. $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
  202. if($ssl_policy != intval(get_config('system','ssl_policy'))) {
  203. if($ssl_policy == SSL_POLICY_FULL) {
  204. q("update `contact` set
  205. `url` = replace(`url` , 'http:' , 'https:'),
  206. `photo` = replace(`photo` , 'http:' , 'https:'),
  207. `thumb` = replace(`thumb` , 'http:' , 'https:'),
  208. `micro` = replace(`micro` , 'http:' , 'https:'),
  209. `request` = replace(`request`, 'http:' , 'https:'),
  210. `notify` = replace(`notify` , 'http:' , 'https:'),
  211. `poll` = replace(`poll` , 'http:' , 'https:'),
  212. `confirm` = replace(`confirm`, 'http:' , 'https:'),
  213. `poco` = replace(`poco` , 'http:' , 'https:')
  214. where `self` = 1"
  215. );
  216. q("update `profile` set
  217. `photo` = replace(`photo` , 'http:' , 'https:'),
  218. `thumb` = replace(`thumb` , 'http:' , 'https:')
  219. where 1 "
  220. );
  221. }
  222. elseif($ssl_policy == SSL_POLICY_SELFSIGN) {
  223. q("update `contact` set
  224. `url` = replace(`url` , 'https:' , 'http:'),
  225. `photo` = replace(`photo` , 'https:' , 'http:'),
  226. `thumb` = replace(`thumb` , 'https:' , 'http:'),
  227. `micro` = replace(`micro` , 'https:' , 'http:'),
  228. `request` = replace(`request`, 'https:' , 'http:'),
  229. `notify` = replace(`notify` , 'https:' , 'http:'),
  230. `poll` = replace(`poll` , 'https:' , 'http:'),
  231. `confirm` = replace(`confirm`, 'https:' , 'http:'),
  232. `poco` = replace(`poco` , 'https:' , 'http:')
  233. where `self` = 1"
  234. );
  235. q("update `profile` set
  236. `photo` = replace(`photo` , 'https:' , 'http:'),
  237. `thumb` = replace(`thumb` , 'https:' , 'http:')
  238. where 1 "
  239. );
  240. }
  241. }
  242. set_config('system','ssl_policy',$ssl_policy);
  243. set_config('config','sitename',$sitename);
  244. if ($banner==""){
  245. // don't know why, but del_config doesn't work...
  246. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  247. dbesc("system"),
  248. dbesc("banner")
  249. );
  250. } else {
  251. set_config('system','banner', $banner);
  252. }
  253. set_config('system','language', $language);
  254. set_config('system','theme', $theme);
  255. set_config('system','maximagesize', $maximagesize);
  256. set_config('config','register_policy', $register_policy);
  257. set_config('system','account_abandon_days', $abandon_days);
  258. set_config('config','register_text', $register_text);
  259. set_config('system','allowed_sites', $allowed_sites);
  260. set_config('system','allowed_email', $allowed_email);
  261. set_config('system','block_public', $block_public);
  262. set_config('system','publish_all', $force_publish);
  263. if ($global_directory==""){
  264. // don't know why, but del_config doesn't work...
  265. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  266. dbesc("system"),
  267. dbesc("directory_submit_url")
  268. );
  269. } else {
  270. set_config('system','directory_submit_url', $global_directory);
  271. }
  272. set_config('system','block_extended_register', $no_multi_reg);
  273. set_config('system','no_openid', $no_openid);
  274. set_config('system','no_regfullname', $no_regfullname);
  275. set_config('system','no_community_page', $no_community_page);
  276. set_config('system','no_utf', $no_utf);
  277. set_config('system','verifyssl', $verifyssl);
  278. set_config('system','proxyuser', $proxyuser);
  279. set_config('system','proxy', $proxy);
  280. set_config('system','curl_timeout', $timeout);
  281. set_config('system','dfrn_only', $dfrn_only);
  282. set_config('system','ostatus_disabled', $ostatus_disabled);
  283. set_config('system','diaspora_enabled', $diaspora_enabled);
  284. info( t('Site settings updated.') . EOL);
  285. goaway($a->get_baseurl(true) . '/admin/site' );
  286. return; // NOTREACHED
  287. }
  288. /**
  289. * @param App $a
  290. * @return string
  291. */
  292. function admin_page_site(&$a) {
  293. /* Installed langs */
  294. $lang_choices = array();
  295. $langs = glob('view/*/strings.php');
  296. if(is_array($langs) && count($langs)) {
  297. if(! in_array('view/en/strings.php',$langs))
  298. $langs[] = 'view/en/';
  299. asort($langs);
  300. foreach($langs as $l) {
  301. $t = explode("/",$l);
  302. $lang_choices[$t[1]] = $t[1];
  303. }
  304. }
  305. /* Installed themes */
  306. $theme_choices = array();
  307. $files = glob('view/theme/*');
  308. if($files) {
  309. foreach($files as $file) {
  310. $f = basename($file);
  311. $theme_name = ((file_exists($file . '/experimental')) ? sprintf("%s - \x28Experimental\x29", $f) : $f);
  312. $theme_choices[$f] = $theme_name;
  313. }
  314. }
  315. /* Banner */
  316. $banner = get_config('system','banner');
  317. if($banner == false)
  318. $banner = '<a href="http://friendica.com"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="http://friendica.com">Friendica</a></span>';
  319. $banner = htmlspecialchars($banner);
  320. //echo "<pre>"; var_dump($lang_choices); die("</pre>");
  321. /* Register policy */
  322. $register_choices = Array(
  323. REGISTER_CLOSED => t("Closed"),
  324. REGISTER_APPROVE => t("Requires approval"),
  325. REGISTER_OPEN => t("Open")
  326. );
  327. $ssl_choices = array(
  328. SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"),
  329. SSL_POLICY_FULL => t("Force all links to use SSL"),
  330. SSL_POLICY_SELFSIGN => t("Self-signed certificate, use SSL for local links only (discouraged)")
  331. );
  332. $t = get_markup_template("admin_site.tpl");
  333. return replace_macros($t, array(
  334. '$title' => t('Administration'),
  335. '$page' => t('Site'),
  336. '$submit' => t('Submit'),
  337. '$registration' => t('Registration'),
  338. '$upload' => t('File upload'),
  339. '$corporate' => t('Policies'),
  340. '$advanced' => t('Advanced'),
  341. '$baseurl' => $a->get_baseurl(true),
  342. // name, label, value, help string, extra data...
  343. '$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
  344. '$banner' => array('banner', t("Banner/Logo"), $banner, ""),
  345. '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
  346. '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
  347. '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
  348. '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
  349. '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
  350. '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")),
  351. '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
  352. '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
  353. '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
  354. '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")),
  355. '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
  356. '$global_directory' => array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), t("URL to update the global directory. If this is not set, the global directory is completely unavailable to the application.")),
  357. '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), t("Disallow users to register additional accounts for use as pages.")),
  358. '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), t("OpenID support for registration and logins.")),
  359. '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")),
  360. '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), t("Use PHP UTF8 regular expressions")),
  361. '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), t("Display a Community page showing all recent public postings on this site.")),
  362. '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), t("Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")),
  363. '$diaspora_enabled' => array('diaspora_enabled', t("Enable Diaspora support"), get_config('system','diaspora_enabled'), t("Provide built-in Diaspora network compatibility.")),
  364. '$dfrn_only' => array('dfrn_only', t('Only allow Friendica contacts'), get_config('system','dfrn_only'), t("All contacts must use Friendica protocols. All other built-in communication protocols disabled.")),
  365. '$verifyssl' => array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), t("If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites.")),
  366. '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
  367. '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
  368. '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
  369. '$form_security_token' => get_form_security_token("admin_site"),
  370. ));
  371. }
  372. /**
  373. * Users admin page
  374. *
  375. * @param App $a
  376. */
  377. function admin_page_users_post(&$a){
  378. $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() );
  379. $users = ( x($_POST, 'user') ? $_POST['user'] : Array() );
  380. check_form_security_token_redirectOnErr('/admin/users', 'admin_users');
  381. if (x($_POST,'page_users_block')){
  382. foreach($users as $uid){
  383. q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s",
  384. intval( $uid )
  385. );
  386. }
  387. notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) );
  388. }
  389. if (x($_POST,'page_users_delete')){
  390. require_once("include/Contact.php");
  391. foreach($users as $uid){
  392. user_remove($uid);
  393. }
  394. notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) );
  395. }
  396. if (x($_POST,'page_users_approve')){
  397. require_once("mod/regmod.php");
  398. foreach($pending as $hash){
  399. user_allow($hash);
  400. }
  401. }
  402. if (x($_POST,'page_users_deny')){
  403. require_once("mod/regmod.php");
  404. foreach($pending as $hash){
  405. user_deny($hash);
  406. }
  407. }
  408. goaway($a->get_baseurl(true) . '/admin/users' );
  409. return; // NOTREACHED
  410. }
  411. /**
  412. * @param App $a
  413. * @return string
  414. */
  415. function admin_page_users(&$a){
  416. if ($a->argc>2) {
  417. $uid = $a->argv[3];
  418. $user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
  419. if (count($user)==0){
  420. notice( 'User not found' . EOL);
  421. goaway($a->get_baseurl(true) . '/admin/users' );
  422. return ''; // NOTREACHED
  423. }
  424. switch($a->argv[2]){
  425. case "delete":{
  426. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  427. // delete user
  428. require_once("include/Contact.php");
  429. user_remove($uid);
  430. notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL);
  431. }; break;
  432. case "block":{
  433. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  434. q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s",
  435. intval( 1-$user[0]['blocked'] ),
  436. intval( $uid )
  437. );
  438. notice( sprintf( ($user[0]['blocked']?t("User '%s' unblocked"):t("User '%s' blocked")) , $user[0]['username']) . EOL);
  439. }; break;
  440. }
  441. goaway($a->get_baseurl(true) . '/admin/users' );
  442. return ''; // NOTREACHED
  443. }
  444. /* get pending */
  445. $pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email`
  446. FROM `register`
  447. LEFT JOIN `contact` ON `register`.`uid` = `contact`.`uid`
  448. LEFT JOIN `user` ON `register`.`uid` = `user`.`uid`;");
  449. /* get users */
  450. $total = q("SELECT count(*) as total FROM `user` where 1");
  451. if(count($total)) {
  452. $a->set_pager_total($total[0]['total']);
  453. $a->set_pager_itemspage(100);
  454. }
  455. $users = q("SELECT `user` . * , `contact`.`name` , `contact`.`url` , `contact`.`micro`, `lastitem`.`lastitem_date`
  456. FROM
  457. (SELECT MAX(`item`.`changed`) as `lastitem_date`, `item`.`uid`
  458. FROM `item`
  459. WHERE `item`.`type` = 'wall'
  460. GROUP BY `item`.`uid`) AS `lastitem`
  461. RIGHT OUTER JOIN `user` ON `user`.`uid` = `lastitem`.`uid`,
  462. `contact`
  463. WHERE
  464. `user`.`uid` = `contact`.`uid`
  465. AND `user`.`verified` =1
  466. AND `contact`.`self` =1
  467. ORDER BY `contact`.`name` LIMIT %d, %d
  468. ",
  469. intval($a->pager['start']),
  470. intval($a->pager['itemspage'])
  471. );
  472. function _setup_users($e){
  473. $accounts = Array(
  474. t('Normal Account'),
  475. t('Soapbox Account'),
  476. t('Community/Celebrity Account'),
  477. t('Automatic Friend Account')
  478. );
  479. $e['page-flags'] = $accounts[$e['page-flags']];
  480. $e['register_date'] = relative_date($e['register_date']);
  481. $e['login_date'] = relative_date($e['login_date']);
  482. $e['lastitem_date'] = relative_date($e['lastitem_date']);
  483. return $e;
  484. }
  485. $users = array_map("_setup_users", $users);
  486. $t = get_markup_template("admin_users.tpl");
  487. $o = replace_macros($t, array(
  488. // strings //
  489. '$title' => t('Administration'),
  490. '$page' => t('Users'),
  491. '$submit' => t('Submit'),
  492. '$select_all' => t('select all'),
  493. '$h_pending' => t('User registrations waiting for confirm'),
  494. '$th_pending' => array( t('Request date'), t('Name'), t('Email') ),
  495. '$no_pending' => t('No registrations.'),
  496. '$approve' => t('Approve'),
  497. '$deny' => t('Deny'),
  498. '$delete' => t('Delete'),
  499. '$block' => t('Block'),
  500. '$unblock' => t('Unblock'),
  501. '$h_users' => t('Users'),
  502. '$th_users' => array( t('Name'), t('Email'), t('Register date'), t('Last login'), t('Last item'), t('Account') ),
  503. '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
  504. '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
  505. '$form_security_token' => get_form_security_token("admin_users"),
  506. // values //
  507. '$baseurl' => $a->get_baseurl(true),
  508. '$pending' => $pending,
  509. '$users' => $users,
  510. ));
  511. $o .= paginate($a);
  512. return $o;
  513. }
  514. /**
  515. * Plugins admin page
  516. *
  517. * @param App $a
  518. * @return string
  519. */
  520. function admin_page_plugins(&$a){
  521. /**
  522. * Single plugin
  523. */
  524. if ($a->argc == 3){
  525. $plugin = $a->argv[2];
  526. if (!is_file("addon/$plugin/$plugin.php")){
  527. notice( t("Item not found.") );
  528. return '';
  529. }
  530. if (x($_GET,"a") && $_GET['a']=="t"){
  531. check_form_security_token_redirectOnErr('/admin/plugins', 'admin_themes', 't');
  532. // Toggle plugin status
  533. $idx = array_search($plugin, $a->plugins);
  534. if ($idx !== false){
  535. unset($a->plugins[$idx]);
  536. uninstall_plugin($plugin);
  537. info( sprintf( t("Plugin %s disabled."), $plugin ) );
  538. } else {
  539. $a->plugins[] = $plugin;
  540. install_plugin($plugin);
  541. info( sprintf( t("Plugin %s enabled."), $plugin ) );
  542. }
  543. set_config("system","addon", implode(", ",$a->plugins));
  544. goaway($a->get_baseurl(true) . '/admin/plugins' );
  545. return ''; // NOTREACHED
  546. }
  547. // display plugin details
  548. require_once('library/markdown.php');
  549. if (in_array($plugin, $a->plugins)){
  550. $status="on"; $action= t("Disable");
  551. } else {
  552. $status="off"; $action= t("Enable");
  553. }
  554. $readme=Null;
  555. if (is_file("addon/$plugin/README.md")){
  556. $readme = file_get_contents("addon/$plugin/README.md");
  557. $readme = Markdown($readme);
  558. } else if (is_file("addon/$plugin/README")){
  559. $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>";
  560. }
  561. $admin_form="";
  562. if (is_array($a->plugins_admin) && in_array($plugin, $a->plugins_admin)){
  563. @require_once("addon/$plugin/$plugin.php");
  564. $func = $plugin.'_plugin_admin';
  565. $func($a, $admin_form);
  566. }
  567. $t = get_markup_template("admin_plugins_details.tpl");
  568. return replace_macros($t, array(
  569. '$title' => t('Administration'),
  570. '$page' => t('Plugins'),
  571. '$toggle' => t('Toggle'),
  572. '$settings' => t('Settings'),
  573. '$baseurl' => $a->get_baseurl(true),
  574. '$plugin' => $plugin,
  575. '$status' => $status,
  576. '$action' => $action,
  577. '$info' => get_plugin_info($plugin),
  578. '$str_author' => t('Author: '),
  579. '$str_maintainer' => t('Maintainer: '),
  580. '$admin_form' => $admin_form,
  581. '$function' => 'plugins',
  582. '$screenshot' => '',
  583. '$readme' => $readme,
  584. '$form_security_token' => get_form_security_token("admin_themes"),
  585. ));
  586. }
  587. /**
  588. * List plugins
  589. */
  590. $plugins = array();
  591. $files = glob("addon/*/");
  592. if($files) {
  593. foreach($files as $file) {
  594. if (is_dir($file)){
  595. list($tmp, $id)=array_map("trim", explode("/",$file));
  596. $info = get_plugin_info($id);
  597. $plugins[] = array( $id, (in_array($id, $a->plugins)?"on":"off") , $info);
  598. }
  599. }
  600. }
  601. $t = get_markup_template("admin_plugins.tpl");
  602. return replace_macros($t, array(
  603. '$title' => t('Administration'),
  604. '$page' => t('Plugins'),
  605. '$submit' => t('Submit'),
  606. '$baseurl' => $a->get_baseurl(true),
  607. '$function' => 'plugins',
  608. '$plugins' => $plugins,
  609. '$form_security_token' => get_form_security_token("admin_themes"),
  610. ));
  611. }
  612. /**
  613. * @param array $themes
  614. * @param string $th
  615. * @param int $result
  616. */
  617. function toggle_theme(&$themes,$th,&$result) {
  618. for($x = 0; $x < count($themes); $x ++) {
  619. if($themes[$x]['name'] === $th) {
  620. if($themes[$x]['allowed']) {
  621. $themes[$x]['allowed'] = 0;
  622. $result = 0;
  623. }
  624. else {
  625. $themes[$x]['allowed'] = 1;
  626. $result = 1;
  627. }
  628. }
  629. }
  630. }
  631. /**
  632. * @param array $themes
  633. * @param string $th
  634. * @return int
  635. */
  636. function theme_status($themes,$th) {
  637. for($x = 0; $x < count($themes); $x ++) {
  638. if($themes[$x]['name'] === $th) {
  639. if($themes[$x]['allowed']) {
  640. return 1;
  641. }
  642. else {
  643. return 0;
  644. }
  645. }
  646. }
  647. return 0;
  648. }
  649. /**
  650. * @param array $themes
  651. * @return string
  652. */
  653. function rebuild_theme_table($themes) {
  654. $o = '';
  655. if(count($themes)) {
  656. foreach($themes as $th) {
  657. if($th['allowed']) {
  658. if(strlen($o))
  659. $o .= ',';
  660. $o .= $th['name'];
  661. }
  662. }
  663. }
  664. return $o;
  665. }
  666. /**
  667. * Themes admin page
  668. *
  669. * @param App $a
  670. * @return string
  671. */
  672. function admin_page_themes(&$a){
  673. $allowed_themes_str = get_config('system','allowed_themes');
  674. $allowed_themes_raw = explode(',',$allowed_themes_str);
  675. $allowed_themes = array();
  676. if(count($allowed_themes_raw))
  677. foreach($allowed_themes_raw as $x)
  678. if(strlen(trim($x)))
  679. $allowed_themes[] = trim($x);
  680. $themes = array();
  681. $files = glob('view/theme/*');
  682. if($files) {
  683. foreach($files as $file) {
  684. $f = basename($file);
  685. $is_experimental = intval(file_exists($file . '/experimental'));
  686. $is_supported = 1-(intval(file_exists($file . '/unsupported'))); // Is not used yet
  687. $is_allowed = intval(in_array($f,$allowed_themes));
  688. $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed);
  689. }
  690. }
  691. if(! count($themes)) {
  692. notice( t('No themes found.'));
  693. return '';
  694. }
  695. /**
  696. * Single theme
  697. */
  698. if ($a->argc == 3){
  699. $theme = $a->argv[2];
  700. if(! is_dir("view/theme/$theme")){
  701. notice( t("Item not found.") );
  702. return '';
  703. }
  704. if (x($_GET,"a") && $_GET['a']=="t"){
  705. check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
  706. // Toggle theme status
  707. toggle_theme($themes,$theme,$result);
  708. $s = rebuild_theme_table($themes);
  709. if($result)
  710. info( sprintf('Theme %s enabled.',$theme));
  711. else
  712. info( sprintf('Theme %s disabled.',$theme));
  713. set_config('system','allowed_themes',$s);
  714. goaway($a->get_baseurl(true) . '/admin/themes' );
  715. return ''; // NOTREACHED
  716. }
  717. // display theme details
  718. require_once('library/markdown.php');
  719. if (theme_status($themes,$theme)) {
  720. $status="on"; $action= t("Disable");
  721. } else {
  722. $status="off"; $action= t("Enable");
  723. }
  724. $readme=Null;
  725. if (is_file("view/theme/$theme/README.md")){
  726. $readme = file_get_contents("view/theme/$theme/README.md");
  727. $readme = Markdown($readme);
  728. } else if (is_file("view/theme/$theme/README")){
  729. $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>";
  730. }
  731. $admin_form="";
  732. if (is_file("view/theme/$theme/config.php")){
  733. require_once("view/theme/$theme/config.php");
  734. if(function_exists("theme_admin")){
  735. $admin_form = theme_admin($a);
  736. }
  737. }
  738. $screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
  739. if(! stristr($screenshot[0],$theme))
  740. $screenshot = null;
  741. $t = get_markup_template("admin_plugins_details.tpl");
  742. return replace_macros($t, array(
  743. '$title' => t('Administration'),
  744. '$page' => t('Themes'),
  745. '$toggle' => t('Toggle'),
  746. '$settings' => t('Settings'),
  747. '$baseurl' => $a->get_baseurl(true),
  748. '$plugin' => $theme,
  749. '$status' => $status,
  750. '$action' => $action,
  751. '$info' => get_theme_info($theme),
  752. '$function' => 'themes',
  753. '$admin_form' => $admin_form,
  754. '$str_author' => t('Author: '),
  755. '$str_maintainer' => t('Maintainer: '),
  756. '$screenshot' => $screenshot,
  757. '$readme' => $readme,
  758. '$form_security_token' => get_form_security_token("admin_themes"),
  759. ));
  760. }
  761. /**
  762. * List themes
  763. */
  764. $xthemes = array();
  765. if($themes) {
  766. foreach($themes as $th) {
  767. $xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name']));
  768. }
  769. }
  770. $t = get_markup_template("admin_plugins.tpl");
  771. return replace_macros($t, array(
  772. '$title' => t('Administration'),
  773. '$page' => t('Themes'),
  774. '$submit' => t('Submit'),
  775. '$baseurl' => $a->get_baseurl(true),
  776. '$function' => 'themes',
  777. '$plugins' => $xthemes,
  778. '$experimental' => t('[Experimental]'),
  779. '$unsupported' => t('[Unsupported]'),
  780. '$form_security_token' => get_form_security_token("admin_themes"),
  781. ));
  782. }
  783. /**
  784. * Logs admin page
  785. *
  786. * @param App $a
  787. */
  788. function admin_page_logs_post(&$a) {
  789. if (x($_POST,"page_logs")) {
  790. check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
  791. $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : '');
  792. $debugging = ((x($_POST,'debugging')) ? true : false);
  793. $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
  794. set_config('system','logfile', $logfile);
  795. set_config('system','debugging', $debugging);
  796. set_config('system','loglevel', $loglevel);
  797. }
  798. info( t("Log settings updated.") );
  799. goaway($a->get_baseurl(true) . '/admin/logs' );
  800. return; // NOTREACHED
  801. }
  802. /**
  803. * @param App $a
  804. * @return string
  805. */
  806. function admin_page_logs(&$a){
  807. $log_choices = Array(
  808. LOGGER_NORMAL => 'Normal',
  809. LOGGER_TRACE => 'Trace',
  810. LOGGER_DEBUG => 'Debug',
  811. LOGGER_DATA => 'Data',
  812. LOGGER_ALL => 'All'
  813. );
  814. $t = get_markup_template("admin_logs.tpl");
  815. $f = get_config('system','logfile');
  816. $data = '';
  817. if(!file_exists($f)) {
  818. $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is
  819. readable.");
  820. }
  821. else {
  822. $fp = fopen($f, 'r');
  823. if(!$fp) {
  824. $data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable.");
  825. }
  826. else {
  827. $fstat = fstat($fp);
  828. $size = $fstat['size'];
  829. if($size != 0)
  830. {
  831. if($size > 5000000 || $size < 0)
  832. $size = 5000000;
  833. $seek = fseek($fp,0-$size,SEEK_END);
  834. if($seek === 0) {
  835. fgets($fp); // throw away the first partial line
  836. $data = escape_tags(fread($fp,$size));
  837. while(! feof($fp))
  838. $data .= escape_tags(fread($fp,4096));
  839. }
  840. }
  841. fclose($fp);
  842. }
  843. }
  844. return replace_macros($t, array(
  845. '$title' => t('Administration'),
  846. '$page' => t('Logs'),
  847. '$submit' => t('Submit'),
  848. '$clear' => t('Clear'),
  849. '$data' => $data,
  850. '$baseurl' => $a->get_baseurl(true),
  851. '$logname' => get_config('system','logfile'),
  852. // name, label, value, help string, extra data...
  853. '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
  854. '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Friendica top-level directory.")),
  855. '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
  856. '$form_security_token' => get_form_security_token("admin_logs"),
  857. ));
  858. }
  859. /**
  860. * @param App $a
  861. */
  862. function admin_page_remoteupdate_post(&$a) {
  863. // this function should be called via ajax post
  864. if(!is_site_admin()) {
  865. return;
  866. }
  867. if (x($_POST,'remotefile') && $_POST['remotefile']!=""){
  868. $remotefile = $_POST['remotefile'];
  869. $ftpdata = (x($_POST['ftphost'])?$_POST:false);
  870. doUpdate($remotefile, $ftpdata);
  871. } else {
  872. echo "No remote file to download. Abort!";
  873. }
  874. killme();
  875. }
  876. /**
  877. * @param App $a
  878. * @return string
  879. */
  880. function admin_page_remoteupdate(&$a) {
  881. if(!is_site_admin()) {
  882. return login(false);
  883. }
  884. $canwrite = canWeWrite();
  885. $canftp = function_exists('ftp_connect');
  886. $needupdate = true;
  887. $u = checkUpdate();
  888. if (!is_array($u)){
  889. $needupdate = false;
  890. $u = array('','','');
  891. }
  892. $tpl = get_markup_template("admin_remoteupdate.tpl");
  893. return replace_macros($tpl, array(
  894. '$baseurl' => $a->get_baseurl(true),
  895. '$submit' => t("Update now"),
  896. '$close' => t("Close"),
  897. '$localversion' => FRIENDICA_VERSION,
  898. '$remoteversion' => $u[1],
  899. '$needupdate' => $needupdate,
  900. '$canwrite' => $canwrite,
  901. '$canftp' => $canftp,
  902. '$ftphost' => array('ftphost', t("FTP Host"), '',''),
  903. '$ftppath' => array('ftppath', t("FTP Path"), '/',''),
  904. '$ftpuser' => array('ftpuser', t("FTP User"), '',''),
  905. '$ftppwd' => array('ftppwd', t("FTP Password"), '',''),
  906. '$remotefile'=>array('remotefile','', $u['2'],'')
  907. ));
  908. }